Description
Istio is an open source service network that transparently layers on existing distributed applications.
Istio’s powerful features provide a uniform and more efficient way to secure, connect and monitor services. It is the path to load balancing, service-to-service authentication and monitoring with little or no service code changes.
The powerful control plane offers vital features, including
Secure service-to-service communication in a cluster with TLS encryption, strong identity-based authentication and authorization,
-Automated load balancing for HTTP, gRPC, WebSocket and TCP traffic,
-Detailed control of traffic behavior with rich routing rules, retries, failovers and error injection,
A pluggable policy layer and configuration API that supports access controls, rate limits and quotas,
-Automated metrics, logs and monitoring for all traffic within a cluster, including cluster ingress and egress.
Istio is the most favored tool in the DevOps block and one that we need in our toolbox to solve most of the communication problems for distributed applications.
Istio provides the following functionalities in a distributed application architecture:
-Service discovery,
-Automatic load balancing,
-Routing, circuit breaking, retries, failovers, fault injection,
-Policy enforcement for access control, rate limiting, A/B testing, traffic splitting and quotas,
-Metrics and traces,
Secure service-to-service communication – Changing the manual TLS configuration,
-Authentication and Authorization – Enhancement by Spring Security.
This is a tutorial to simulate different topics where we can solve all the topics step by step in a tutorial way. You will see how to secure communication within the cluster, turn on the circuit breaker to not send a request to a failed service, monitor external calls, see load balancing in action, insert errors, manage traffic to a different version of the application.
Istio Service Mesh training covers the use of a service mesh (Istio) to control network traffic between microservices deployed in Kubernetes.
You will also learn how to control traffic flow and API calls between services, test various failure scenarios, automatically secure your services through managed authentication, authorization and encryption of communication between services, implement policies and ensure their enforcement. It will give you an overview of what can be achieved with Istio and how to achieve it.
About Training
Training Objectives:
- Understand the basic architecture of Istio and learn how to leverage it in Kubernetes.
- What is a service network and how does it work?
- Understand the features provided by the service network (traffic management, security and observability).
- Understand traffic management (dynamic service discovery and routing, traffic shadowing and traffic splitting).
- Understand security (TLS encryption, identity-based authentication and authorization).
- Understanding observability (automated metrics, logs and traces).
- Understand the extensibility of Istio (connecting VMs or other endpoints outside Kubernetes).
Training Content:
- Introduction
- Traffic management – Gateway
- Manage external services
- Encrypt the connection (mTLS)
- Commissioning
- Error injection
- Load balancing
- Application Authentication
- Advanced Routing
- Fault Injection
- mTLS
- Observability
- Open Policy Agent
- Cert Manager
Who Should Receive the Training?
- DevOps Engineers
- Linux System Administrators
- System Design Engineers
- IT Architects
- Everyone working with microservices
- People who are familiar with containerized applications and container orchestration technologies and want to improve the security of their environment.
Requirements
- Basic Docker Knowledge
- Basic Kubernetes Knowledge
- Linux Command Line Knowledge
- Knowledge of JSON and/or YAML syntax
Plan this training for your business!
This training can be planned in different durations and content specific to your organization. Please contact us for detailed rich content and planning to realize your training objectives.
