Istio

Service Mesh Architecture

Tanuj Vishnoi | 27th November, 2021

 Hello!

• Software Engineering @JP Morgan Chase

• Part of document automation and App Modernisation team
• IEEE Publication on ROS + Embedded AI
• Patent on Cognitive Wearables using ELL

@vishnoitanuj

 What’s in for today

• Understanding container orchestration with Kubernetes

• Service Mesh Architecture (Need and Requirements)
• Welcoming Istio
• Quick Notes

 Kubernetes
Production Grade Container Orchestration

• Kubernetes is a portable, extensible, open-source platform for managing

containerised workloads and services, that facilitates both declarative
con iguration and automation. It has a large, rapidly growing ecosystem.
f

 Kubernetes
What it does

To scale up or down (fast) To keep processes

Distribute containers in a Without forcing micro-
with the ops you already continuously running
logical and e icient way management
have and healthy

Maximize Capacity Adapt to demand Don’t go dark ever Party Weekends

ff
 Kubernetes
Let’s simplify | What it does

• Portability - Just write as CRD, deploy at cloud of your choice

• Scalability - Self services the proper arrangement of your containers to optimise
OS level performance (Containers are OS level virtualisation)
• High Availability - Scales up at demand and manages health and re-birth
• Open Source

So, now you know how it makes containerised work lows easy to adapt and cheap, since now NO
dedicated DevOps (No more devops monitoring on weekends!!!)

 Kubernetes
Terminology brief

• Pod: k8 abstraction for your container (generally one container, but can
hold many for tightly coupling requirements)
• Node: Group of pods running on same Machine
• Clusters: Nodes are grouped as clusters
• Master Node: Manager for clusters

 Service Mesh - Istio

What is a service mesh? A service mesh provides a transparent &

language independent way to lexibly &
easily automate application network
functions.

f
 Service Mesh - Istio

What is Istio? An open services platform to automate

service interactions across container and
VM based workloads.
(Eg. Knative)

 How Istio Works Secure

Connect
Observe
Virtual
Service Control

T LS Catalogue 1
Destination Rules m

0 % Envoy
9

Gateway UI
Inventory
Envoy 10%
Envoy

Catalogue 2

Envoy

Adapter Mixer

Citadel Telemetry Policy Pilot Galley

 Istio Bene its - Traf ic Management

• Understand network interactions between services

• Tra ic inspection between services
• Granular policies - percentage based routing. (Canary)
• Automate policies across 1000s of services.
• Decouple network from your application code.
ff
f
f

 Istio
Traf ic
Con iguration
f
f

Istio Demo - Application

Destination Rules
Virtual Service
Content-Based Routing
 Thanks 😄
Feel free to hit me

With QUESTION(s)
Twitter: vishnoitanuj
Linkedin: in/tanuj-vishnoi
Mail: tanujvishni1306@gmail.com
Github: vishnoitanuj/istio-demo

Tanuj Vishnoi | JP Morgan Chase & Co.