While microservices promise to make developers’ lives easier, managing microservice interdependencies such as traffic, security, and policy can get quite complex. To address these challenges, the open source community has launched Istio 1.0, a service mesh that allows developers to apply more automation to managing microservices.
Istio was introduced a year ago, but hit the news cycle again last week as Google announced managed Istio on GKE at Google Cloud Next, its massive cloud conference in San Francisco. Google, of course, is one of the major contributors to the project, along with IBM, Red Hat, Lyft and others. Istio 1.0 officially launched on Tuesday.
Jennifer Lin, director of product management, Google Cloud, said that the service mesh is a network that enables the communication between services, and Istio is the externalization of a decade of learnings from Google managing microservices internally.
“With containers, some of the magic is that we have workload portability and we have abstracted a lot of the infrastructure, now with Istio really what we’re focused on is simplifying the management of the interactions between services,” Lin said.
The Istio framework focuses on ensuring security between the services, including encryption and authentication. It also aims to make it easier to log, monitor and visualize microservices, and to let developers do things like canary releases, where they can apply intelligent routing rules in the service mesh rather than on an application-by-application basis.
“That is a developer agility that is nice because you can sort of test before you cut it into production, and it’s all part of an automated system,” Lin said. “That is the way a lot of our site reliability engineers manage the introduction of new code into the production environment.”
Lin said that many enterprises don’t operate this way at this point because they have a more manual test operation, but that is changing as they embrace DevOps.
For eBay, which is one of the early Istio case studies, the mesh was helpful in solving a lot of networking challenges as it transitioned from VMs to Kubernetes, making it easier for operators to monitor their environment, she said.
A recent survey by Diamanti said that enterprises are actively evaluating containers, and 44 percent of respondents plan to replace some virtual machines with containers to cut down on costs.
As more organizations take a container-first approach or follow eBay’s lead in moving from a mostly VM setup to containers, enterprises will be looking for a consistent service management paradigm across those environments, which is where Istio comes in, she said.
Cisco, one of the contributors to the Istio open source project and Google’s Partner of the Year, sees Istio as the missing piece that sits alongside Kubernetes, making it easier for developers to connect microservices.
“The movement to containers is really designed to make it easier for developers who are rapidly developing and deploying new applications,” Lew Tucker, Cisco VP and CTO of cloud computing, said. “Kubernetes came along to handle a lot of the orchestration of containers, how you deploy them, how you create them, how you create multiple replicas so that individual development teams don’t have to worry about keeping multiple instances of their pods running.”
Development teams can connect to the service mesh to understand how one service communicates with another, and through the mesh can handle communication in a uniform way at runtime.
“You can have managed policy and everything else based upon wherever you want your application to be deployed,” Tucker said.
Cisco’s work on Istio has centered on multi-cloud networking, so that developers can deploy the service mesh across both public and private clouds, he said. The service mesh allows services running on Google’s cloud to be connected to services running in an enterprise data center, or ultimately, on the edge itself.
“The developer community is very excited about Istio, it has been under development for the last year as different companies have been playing with it and are deploying it,” Tucker said. eBay and Lyft are two of the enterprises using Istio in production.
In the future, Istio could play a bigger part in connecting the edge of the net, or in serverless environments. Google said it has seen a lot of interest from up-and-coming developers and grad students, based on conversations during its Google Cloud Next conference last week.
“For example, one of the areas that is an obvious one in the role that Istio plays in terms of serverless,” he said. “People are really excited to use things such as Lambda, and other serverless platforms to write very small that gets executed when it gets invoked or when a trigger happens. Now they’re looking at if that is a way to use the service mesh to make that secure and monitor what’s going on, provide observability around the communications, and accelerate the development of serverless-based applications.”
“The pace at which innovation is happening now is just astounding, and for many people that rate of innovation is becoming a problem,” Tucker said. “We are seeing both with what we are doing at Cisco and what Google is doing is to continue to innovate at this rapid pace but in such a way that we’re making it simpler and easier to consume.”