Istio becomes a more stable platform with the latest update

Get a free Techzine subscription!

Service mesh Istio has recently been updated to version 1.7. With the new version, the platform becomes more stable. Added features involve operational capabilities and the integration of virtual machines.

Service mesh Istio, an initiative of Google, is an open-source platform that allows administrators to control the way microservices share data with each other. This year, Istio aims to make the platform more stable to increase its usability. The usage of Istio in production environments should be without problems, no attention should be required regarding performance, upgrades should be carried out smoothly, and complex tasks should be solved through automation.

Operational updates

With the introduction of Istio 1.7, this goal has come closer. The upgrade includes several improvements that meet the set goals.

Operationally, it is now possible for administrators to start an application only when the so-called ‘side-car’ is running. This enables the application to access underlying resources such as computing power and storage via its proxy.

In addition, it is possible to perform various control plane upgrades. The canary upgrades are integrated with the Istio Operator. This makes the canary upgrade the obvious upgrade path according to the developers of Istio. With a canary upgrade, administrators can monitor a new control plane with continuous integration and the telemetry functionality of Istio. When a part of the workloads is verified, more workloads can be transferred until they use the new Istio control plane.

To prevent configuration problems, the istioctl analyze tool has been added with functionality that warns users when an obsolete Mixer source is being used. Mixer is an Istio platform that allows custom adapters to act as an intermediary between the data plane and the back-end environments used for policies or telemetry. This feature also examines whether a potentially unsafe DestinationRule has been found.

Integration of VM’s

In addition to operational upgrades, Istio 1.7 also receives more possibilities for the integration of VM’s. This integration aims to ensure that VM’s behave like any other workload within Istio. The integration of VM’s in the service mesh remains in development, but according to the developers, it has now reached beta status with the latest upgrade.

With the improvements in Istio 1.7, VM’s behave like Kubernetes pods due to the newly added WorkloadEntry API in Istio. This means that administrators in Istio can now manage the infrastructure as APIs. In addition, non-Kubernetes workloads can now be used in VM’s within Istio. This enables companies to continue to use their legacy applications.

Furthermore, several security measures based on best practices have been added for VM’s. For example, token bootstrapping and certificate rotation.

Introduction Central Istiod

Finally, the upgrade paid attention to multi-tenancy. The tool Central Istiod has now been introduced as an alpha version within Istio version 1.7. Central Istiod was developed by IBM, one of the main contributors to the service mesh.

The tool separates the Istio control plane clusters from the data plane clusters. This makes it possible to use different environments or vendors for the control plane and the data plane. The feature also makes it possible to set up logically isolated instances in a shared environment.

Tip: What is Google Anthos? Is this the modern cloud infrastructure you’re looking for?