An open platform to connect, manage, and secure microservices.
In addition, here are some other docs you may wish to read:
- Istio Working Groups - how we partition work in the project
- Contribution Guidelines - explains the process for contributing to the Istio code base
- Reviewing and Merging Pull Requests - explains the process we use to review code changes
- Istio Developer's Guide - explains how to setup and use an Istio development environment
- Project Conventions - describes the conventions we use within the code base
- Creating Fast and Lean Code - performance-oriented advice and guidelines for the code base
Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.
Visit istio.io for in-depth information about using Istio.
Istio is composed of these components:
-
Envoy - Sidecar proxies per microservice to handle ingress/egress traffic between services in the cluster and from a service to external services. The proxies form a secure microservice mesh providing a rich set of functions like discovery, rich layer-7 routing, circuit breakers, policy enforcement and telemetry recording/reporting functions.
Note: The service mesh is not an overlay network. It simplifies and enhances how microservices in an application talk to each other over the network provided by the underlying platform.
-
Mixer - Central component that is leveraged by the proxies and microservices to enforce policies such as ACLs, rate limits, quotas, authentication, request tracing and telemetry collection.
-
Pilot - A component responsible for configuring the proxies at runtime.
-
CA - A component responsible for cert issuance and rotation.
-
Broker - A component implementing the open service broker API for Istio-based services. (Under development)
Istio currently supports Kubernetes, Consul, and Eureka-based environments. We plan support for additional platforms such as Cloud Foundry, and Mesos in the near future.
Istio is an open source project with an active development community. The project was started by teams from Google and IBM, in partnership with the Envoy team at Lyft.
The Istio project is divided across a few GitHub repositories.
-
istio/istio. This is the main repo that you are currently looking at. It hosts Istio's core components and also the sample programs and the various documents that govern the Istio open source project. It includes:
- security. This directory contains security related code, including CA (Cert Authority), node agent, etc.
- pilot. This directory contains platform-specific code to populate the abstract service model, dynamically reconfigure the proxies when the application topology changes, as well as translate routing rules into proxy specific configuration. The istioctl command line utility is also available in this directory.
- mixer. This directory contains code to enforce various policies for traffic passing through the proxies, and collect telemetry data from proxies and services. There are plugins for interfacing with various cloud platforms, policy management services, and monitoring services.
- broker. This directory contains code for Istio's implementation of the Open Service Broker API.
-
istio/api. This repository defines component-level APIs and common configuration formats for the Istio platform.
-
istio/mixerclient. Client libraries for Mixer's API.
-
istio/proxy. The Istio proxy contains extensions to the Envoy proxy (in the form of Envoy filters), that allow the proxy to delegate policy enforcement decisions to Mixer.
We use GitHub combined with ZenHub to track all of our bugs and feature requests. Each issue we track has a variety of metadata:
-
Epic. An epic represents a feature area for Istio as a whole. Epics are fairly broad in scope and are basically product-level things. Each issue is ultimately part of an epic.
-
Milestone. Each issue is assigned a milestone. This is 0.1, 0.2, 0.3, or 'Nebulous Future'. The milestone indicates when we think the issue should get addressed.
-
Priority/Pipeline. Each issue has a priority which is represented by the Pipeline field within GitHub. Priority can be one of P0, P1, P2, or >P2. The priority indicates how important it is to address the issue within the milestone. P0 says that the milestone cannot be considered achieved if the issue isn't resolved.
We don't annotate issues with Releases; Milestones are used instead. We don't use GitHub projects at all, that support is disabled for our organization.
There are several communication channels available to get support for Istio or to participate in its evolution.