Istio 1.11 changes gateway management, introduces multi-cluster services

Get a free Techzine subscription!

Istio has released version 1.11 of the project, which features gateway injection, with multi-cluster Kubernetes services implementation in an experimental capacity. Adding gateway injection into the project makes admins’ management and upgrading tasks easier since they are Istio’s interface with other instances.

Once they are updated, they can be managed from the same method that sidecar proxies use so that global proxy configuration also applies to gateways which help to reduce drift between components.

Multi-cluster service support lends itself to the Kubernetes project’s API. 

What version 1.11 brings

If users enable the feature using ENABLE_MCS_SERVICE_DISCOVERY, the service endpoints can only be discovered from the same cluster by default. If they are accessible throughout a mesh, the endpoints have to be exported first.

However, there is an automation flag available to solve that pickle.

Istio also provided testing and documentation work for the CNI plugin since the last version. It is slated to replace the istio-init container currently used for setting up pod network traffic redirection and has now reached beta status. The external control plane introduced in 2020 to improve the separation of concerns between cluster admins and users has also moved to beta.

Additional information

Istio’s command-line tool, istioctl, now has features like auto-completion for namespaces, a -dry-run flag for the uninstall command to know what will get deleted before deleting, and Kubernetes pods and services.

A new -workloadIP flag can help users configure the workload IP a sidecar proxy uses to register a workload entry automatically.

The proficient Istio users will have to change their workflows for installing the mesh hon remote clusters. However, the changes are not too significant. Find the release notes and additional information on the official Istio website.