Connect, secure, control, and observe services.
Failed to load latest commit information.
.circleci Adding integration tests to circle periodic (#9868) Nov 10, 2018
.github Adding "kind/test failure" to stalebot exempt list (#9870) Nov 9, 2018
addons Deprecate Servicegraph. (#9094) Oct 3, 2018
bin fix license check tool (#9893) Nov 12, 2018
docker Build Istio's own kubectl container (#8934) Oct 11, 2018
galley Fix MCP Legacy Mixer config conversion logic. (#9862) (#9873) Nov 10, 2018
install Fix some issues on perf dashboard (#9539) Nov 12, 2018
istioctl Merge remote-tracking branch 'origin/release-1.1' into r11tomv2 Nov 8, 2018
mixer Merge remote-tracking branch 'origin/release-1.1' into r11tomv2 Nov 8, 2018
pilot fix typo (#9830) Nov 9, 2018
pkg [test-framework] Extending deployment timeouts to match old framework ( Nov 12, 2018
prow fix license check tool (#9893) Nov 12, 2018
release fix license check tool (#9893) Nov 12, 2018
samples Replace external link with a local one (#9807) Nov 8, 2018
security fix typo (#9830) Nov 9, 2018
tests [test-framework] Fixing system deploy and undeploy (#9885) Nov 11, 2018
tools fix license check tool (#9893) Nov 12, 2018
vendor Use ServiceMeta to convey the protocol and other service properties (#… Nov 9, 2018
.codecov.yml Adding requirement for codecov package (#3884) Mar 3, 2018
.gitignore Enable e2e MCP integration with optional presubmit tests (#8192) Sep 17, 2018 Add a local file that points to the main one on istio… Nov 27, 2017
Gopkg.lock Use ServiceMeta to convey the protocol and other service properties (#… Nov 9, 2018
Gopkg.toml Use ServiceMeta to convey the protocol and other service properties (#… Nov 9, 2018
LICENSE Another license fix. May 18, 2017
Makefile fix license check tool (#9893) Nov 12, 2018
OWNERS Clean up owners a tad. (#8695) Sep 13, 2018 Remove outdated istio/mixerclient ref in docs (#9305) Oct 12, 2018
codecov.requirement [test-framework] Replace pilot test app (#9381) Oct 31, 2018
codecov.skip Fix integration tests caused by recent helm change (#9619) Nov 1, 2018 fix boilerplate error in /bin and /prow (#9024) Oct 9, 2018
istio.deps Update istio/proxy and envoyproxy/go-control-plane (#9750) Nov 7, 2018
lintconfig_base.json Update gometalinter installation method (#8779) Sep 20, 2018
test.yaml allow configure of proxy image (#9565) Oct 31, 2018


CircleCI Go Report Card GoDoc

An open platform to connect, manage, and secure microservices.

In addition, here are some other documents you may wish to read:

You'll find many other useful documents on our Wiki.


Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.

Visit for in-depth information about using Istio.

Istio is composed of these components:

  • Envoy - Sidecar proxies per microservice to handle ingress/egress traffic between services in the cluster and from a service to external services. The proxies form a secure microservice mesh providing a rich set of functions like discovery, rich layer-7 routing, circuit breakers, policy enforcement and telemetry recording/reporting functions.

    Note: The service mesh is not an overlay network. It simplifies and enhances how microservices in an application talk to each other over the network provided by the underlying platform.

  • Mixer - Central component that is leveraged by the proxies and microservices to enforce policies such as authorization, rate limits, quotas, authentication, request tracing and telemetry collection.

  • Pilot - A component responsible for configuring the proxies at runtime.

  • Citadel - A centralized component responsible for certificate issuance and rotation.

  • Node Agent - A per-node component responsible for certificate issuance and rotation.

  • Galley- Central component for validating, ingesting, aggregating, transforming and distributing config within Istio.

Istio currently supports Kubernetes and Consul-based environments. We plan support for additional platforms such as Cloud Foundry, and Mesos in the near future.


The Istio project is divided across a few GitHub repositories.

  • istio/istio. This is the main repository that you are currently looking at. It hosts Istio's core components and also the sample programs and the various documents that govern the Istio open source project. It includes:

    • security. This directory contains security related code, including Citadel (acting as Certificate Authority), node agent, etc.
    • pilot. This directory contains platform-specific code to populate the abstract service model, dynamically reconfigure the proxies when the application topology changes, as well as translate routing rules into proxy specific configuration.
    • istioctl. This directory contains code for the istioctl command line utility.
    • mixer. This directory contains code to enforce various policies for traffic passing through the proxies, and collect telemetry data from proxies and services. There are plugins for interfacing with various cloud platforms, policy management services, and monitoring services.
  • istio/api. This repository defines component-level APIs and common configuration formats for the Istio platform.

  • istio/proxy. The Istio proxy contains extensions to the Envoy proxy (in the form of Envoy filters), that allow the proxy to delegate policy enforcement decisions to Mixer.

Issue management

We use GitHub combined with ZenHub to track all of our bugs and feature requests. Each issue we track has a variety of metadata:

  • Epic. An epic represents a feature area for Istio as a whole. Epics are fairly broad in scope and are basically product-level things. Each issue is ultimately part of an epic.

  • Milestone. Each issue is assigned a milestone. This is 0.1, 0.2, ..., or 'Nebulous Future'. The milestone indicates when we think the issue should get addressed.

  • Priority/Pipeline. Each issue has a priority which is represented by the Pipeline field within GitHub. Priority can be one of P0, P1, P2, or >P2. The priority indicates how important it is to address the issue within the milestone. P0 says that the milestone cannot be considered achieved if the issue isn't resolved.

We don't annotate issues with Releases; Milestones are used instead. We don't use GitHub projects at all, that support is disabled for our organization.