Skip to content

Latest commit

 

History

History
executable file
·
56 lines (34 loc) · 1.53 KB

architecture.md

File metadata and controls

executable file
·
56 lines (34 loc) · 1.53 KB
Raw
title layout prism_languages weight tags updated category intro
Architecture
2017/sheet
bash
yaml
-3
Featured
2022-08-04
Concepts
Istio concepts.

Intro

Architecture

Istio Architecture

Istio control plane is a single process - istiod, which contains three components Pilot, Citadel and Galley. You can bring containers in Kubernetes and virtual machines into the Istio mesh together.

Istio architecture{:data-img="img/istio-arch.svg"}

Components

The following figure show the components in Istio mesh.

Istio components{:data-img="img/istio-components.svg"}

Transparent Traffic Hijacking

The following figure shows the transparent traffic hijacking and traffic routing in Istio.

Transparent traffic hijacking{:data-img="img/transparent-traffic-hijacking.svg"}

Note

  • Only TCP traffic is shown in the figure. Traffic for UDP and other protocols will not be hijacked.
  • It is based on Istio 1.14.
  • It shows the traffic routing in reviews pod of the Bookinfo sample.

Data Plane

Envoy is the default sidecar proxy in Istio.

Envoy architecture{:data-img="img/envoy-arch.svg"}

See Envoy section.

Envoy

xDS

Istiod distributes the proxy configurations to Envoy via xDS protocol.

xDS{:data-img="img/xds.svg"}