Istio gets a major update with version 1.12

Get a free Techzine subscription!

Istio has received a major update with the release of version 1.12. The added functionality should make the service mesh solution more secure.

Istio is a special infrastructure layer — or ‘service mesh’ — that’s suitable for distributed applications. In Istio’s case, the layer tailors to applications based on the container orchestration platform Kubernetes. For these applications, the service mesh brings functionality such as traffic management, load balancing, observability, service-to-service authentication and monitoring.

In this way, developers can secure, connect and monitor their services in a standard and efficient way, with little to no modification to the underlying code.

Release

The arrival of version 1.12 brings a lot of new functionality to Istio. Fully automated mTLS support for workload level peer authentication was added to enhance security. With this, developers no longer need to configure the destination rules themselves. This also offers improvements that ensure that TLS certificates no longer excessively consume memory. Furthermore, support for Googe Kubernetes Engine (GKE) workload certificates and a new VERTIFY_CERT_AT_CLIENT environment variable were introduced.

Traffic management and extensibility

In terms of traffic management, Istio’s support for Kubernetes multi-cluster services has been extended. Requests to the cluster.local host are now only routed to endpoints on the same cluster as the client. Despite being present in the full 1.12 release, this functionality is still in an experimental stage.

Istio can now also create an ordered list of labels. This list can be used to prioritize endpoints for load balancing, which can prove handy when resources are scarce.

Other functionality includes the addition of a so-called web assembly API in version 1.12. Future releases will extend the functionality of this API. Furthermore, tooling for processing telemetry was added and the installation procedure of Istio underwent a change.