Workshop: Fast Track Istio - 2/2

Module 3/4

The Fast Track Istio workshop will get developers up and running with Istio on a live Kubernetes cluster. Let us begin with understanding why enterprises need Service Meshes in the first place. Organizations all over the world are in love with microservices. Teams that adopt microservices have the flexibility to choose their tools and languages, and they can iterate designs and scale quickly.

However, as the number of services in the organizations continue to grow, they face challenges that can be broadly classified into two categories:

• Orchestrate the infrastructure on which the microservices are deployed.
• Consistently implement the best practices of service-to-service communication across microservices.

By adopting container orchestration solutions such as Docker Swarm, Kubernetes, and Marathon, developers gain the ability to delegate infrastructure-centric concerns to the hosting platform. With capabilities such as cluster management, scheduling, service discovery, application state maintenance, and host monitoring, the container orchestration platforms specialize in servicing layers 1–4 of the Open Systems Interconnection (OSI) network stack.

Almost all popular container orchestrators also provide some application life-cycle management (ALM) capabilities at layers 5–7, such as application deployment, application health monitoring, and secret management. However, often these capabilities are not enough to meet all the application-level concerns, such as rate-limiting and authentication.

Istio is an open-source service mesh that automatically adds the network capabilities that Microservices need without requiring developers to make any changes to the source code. Istio simplifies service to service communication, traffic ramping, fault tolerance, performance monitoring, tracking and much more.
In this workshop, participants will learn the fundamentals of Istio, its use cases, configurations, and learn how Istio can take care of almost all of the service management issues for new as well as existing applications by writing and applying configurations on the services. The workshop will cover the hands-on experience of building, deploying and managing applications with Istio on Kubernetes.

Format of the Workshop
We will use a set of simple Microservices applications that resemble real-world scenarios to explore the various nuances of Istio by deploying them to a live Kubernetes cluster. By working through the samples and exercises, the readers will get a thorough understanding of the features of Istio and its advantages. The workshop will be delivered in an easy to digest format over two days. On the first day, we will gain an understanding of the platform and its features, and deploy simple applications to Istio to understand the capabilities of the network APIs. On the second day, we will add traffic management, security policies, and monitoring capabilities to the sample applications.

Value to Developers
This workshop will help developers get familiar with the concepts of Istio and apply them to real-world scenarios. After completing the workshop, the participants will gain experience with the following:

1. The value proposition of Service meshes.
2. Manage inter-microservice communication.
3. Manage the security of microservices through the platform.
4. Configure observability of microservices.
5. Implement common microservice networking patterns.

Workshop Outline
Over two days, participants will build and experience the features of the Istio service mesh.

Day 1: Introduction to Istio
1. Service mesh
2. Use cases
3. Advantages of using Istio as a service mesh
4. Istio architecture
5. Istio components

Day 1: Hands-on Istio
1. Istio deployment on K8s
2. Istio deployment configurations
3. Istioctl client

Day 1: Deploying Application with Istio on Kubernetes Cluster
1. Configuration using Helm
2. Configuration using kubectl
3. Deploying Application

Day 2: Observability and Traffic Management
1. Networking API 1: Egress and ingress gateway
2. Networking API 2: Service entry, destination rule, virtual service
3. Monitoring on Istio: metrics, traces, logs

Day 2: Security
1. Authentication: mTLS, transport authentication, origin authentication
2. Authorization policy
3. Securing ingress

Day 2: Patterns
1. Canary deployments
2. A/B testing with Iter8
3. Implementing microservices patterns: timeouts, retry, circuit breakers, fault injection

Target Audience
• Engineers and DevOps professionals.
• Hands-on Engineering leaders.

System Requirements
• Laptop with network access
• Software installed (see below)

Computer setup
• Windows 10 Pro with Hyper-V and Docker for Windows (with Kubernetes cluster setup)
• Macs with Docker for Mac installed (with Kubernetes cluster setup)
• Visual Studio Code

Supplementary Links
• Docker for Windows:
• Docker For Mac:
• Istio: