What is Istio? The latest open source project out of Google
- 01 August, 2018 09:48
Google's latest open source release, Istio is getting a generally available 1.0 version - but what is Istio, what are the benefits and who is using it?
In short, Istio is an "open platform to connect, manage, and secure microservices".
Otherwise known as a 'service mesh', the aim is to unify traffic flow management, access policy enforcement and telemetry data aggregation across microservices into a shared management console, regardless of environment.
Originally launched in May 2017, version 1.0 becomes generally available on 1 August 2018 and was announced on stage during Google Next in San Francisco this week, where it was described as 'production ready'.
As containers have become the industry standard for cloud deployments they have brought a new element of complexity to developers who have to orchestrate and monitor a bunch of microservices across a disparate architecture. Istio is Google and the open source community's attempt to ease these burdens.
Urs Holzle, SVP technical infrastructure at Google Cloud said from the stage during Google Cloud Next that Istio was developed and released to address one of the fastest-growing costs in the enterprise: the complexity of administration across hybrid environments.
"Istio is another Google-developed open source project which extends Kubernetes into these higher level services," he said. "So you can discover, connect and monitor services holistically across multiple locations in one place" - without having to change code.
Google started working on what is now called Istio last year, along with IBM, Lyft, Pivotal, Cisco and Red Hat.
Istio can be deployed on Kubernetes and Nomad with Consul, with plans to support platforms like Cloud Foundry and Apache Mesos in the near future.
Holzle said that some Google Cloud Platform customers are already running Istio in production, including eBay and Auto Trader.
Benefits of Istio
The benefits of Istio run from improved performance to greatly simplified administration and security, all with better telemetry data across microservices.
As Holzle said: "With the cloud services platform you can better control traffic with dynamic route configuration and it is easier to conduct A/B tests and release canaries."
It does this by decoupling traffic flow from infrastructure scaling, allowing developers more granular control over traffic and API calls.
Istio also gives a more comprehensive set of controls for failure recovery, from timeouts to limiting concurrent connections and circuit breakers.
In terms of policy enforcement Istio gives admins the option to enforce organisational policies across services, without changing a line of code.
Istio also aggregates telemetry data from across all micrsoservices, regardless of where they run.
In terms of simplifying configuration and monitoring of services, Holzle said: "By having Istio and Kubernetes you manage not just the implementation and deployment of a service but you manage the service itself as it is running.
"Today for some people a cloud strategy is just a combination of lift and shift of existing workloads and writing new cloud application code for new applications. That approach misses so many benefits of the cloud.
"Using Istio in contrast you get a common platform to train your people against with a common service and security model for lower operational complexity and faster innovation."
Case study: Auto Trader
One early access customer of Istio is the UK-based car classifieds site Auto Trader, which is in the middle of a public cloud migration, going from virtual machines to Kubernetes in the process.
"The level of control and visibility that Istio provides has enabled us to significantly de-risk this ambitious work, and in several cases has actually helped surface issues we were previously unaware of," Karl Stoney, delivery infrastructure lead at Auto Trader told Computerworld UK via email.
Auto Trader is a big proponent of open source, with many of its engineers contributing back to the community regularly. It is through this community that the organisation became aware of Istio.
More specifically Istio has helped Auto Trader engineers get greater insight into their deployed applications.
"The service level metrics (percentile response times, body sizes, success rates etc) help them to diagnose issues before they become customer impacting," Stoney said.
"They gain access to 'flick of a switch' features, such as retrying of problem request, intelligent routing of traffic allowing them to test out new versions of their application with just a subset of users. These were features that previously they'd have to have written, built and deployed themselves."
And why did Auto Trader opt for Istio for its service mesh?
"Our primary reason for using Istio was because of our experiences working with Google both as a vendor (GKE/GCP) but also their contributions in the open source space (Kubernetes) gave us a sense of security and support that we didn't feel we would could anywhere else," Stoney said.
"As a result we've been working with the Istio team since version 0.3, it's that working relationship that has made its implementation a success for us."