Using Istio Service Mesh on Kubernetes
Startdata en plaatsen
Beschrijving
Course Overview
This course explains how to use the Istio ServiceMesh for routing and managing and network traffic, enforce security and how to observe telemetry.
Course Prerequisites
Students are expected to have basic knowledge of Kubernetes. We advice students to follow our KUBERNETES course. Though not required, it is helpful to have an understanding of Microservice architecture and patterns
Outline
Introduction
- Introduction to a Service Mesh
- Introduce/recap Micro-services Architecture (MSA ) patterns (in particular the sideecar)
- Discuss challenges in a service mesh
- Understand the differences between an Enterprise Service Bus (ESB) and a Service Mesh
- Introduce Istio
- High-l…
Veelgestelde vragen
Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.
Course Overview
This course explains how to use the Istio ServiceMesh for routing and managing and network traffic, enforce security and how to observe telemetry.
Course Prerequisites
Students are expected to have basic knowledge of Kubernetes. We advice students to follow our KUBERNETES course. Though not required, it is helpful to have an understanding of Microservice architecture and patterns
Outline
Introduction
- Introduction to a Service Mesh
- Introduce/recap Micro-services Architecture (MSA ) patterns (in particular the sideecar)
- Discuss challenges in a service mesh
- Understand the differences between an Enterprise Service Bus (ESB) and a Service Mesh
- Introduce Istio
- High-level architecture of Istio
- Components of the data plane and control plane
- Introduce the Envoy project and its use in Istio
- Brief overview of installation and configuration techniques (e.g, Istioctl, Helm)
- Install Istio using Istioctl
Traffic Management
- Overview of traffic management with Istio
- Controlling Ingress and Egress trafic
- Configuring Gateways
- Defining Virtual Services
- Understand host and destination bindings
- Controlling HTTP trafic (matching, rewriting, redirecting, …)
- Testing resilience by using declarative faults
- Using Destination rules
- Flowing traffic to different versions (subsets)
- Managing versions using mirroring
- Explicitly adding Service Entries for outside traffic
- Resilience service with Circuit Breakers
Security
- Understand the need for declarative security
- List security tasks (identity, message privacy, message integrity, non-repudiation)
- Understand Istio identity (users, services)
- Add end-user authentication using JWT
- Apply Mutual TLS (mTLS) for inter-service authentication
- Managing certificates
- mTLS Migration techniques
- Using namespaces and label selectors to enforce policies
- Define HTTP-based access-control
- Using JWT to define end-user/external client access control
Telemetry
- Overview of Istio's Observability options
- Using Envoy's access logs
- Introduce Metrics
- Understand the different levels of metrics gathering (Envoy, Service and control plane)
- Configuring service-level metrics
- Using Prometheus and Grafana for metric visualisation
- Trace request traffic through your mesh (Distributed traces)
- Using Jaeger as a trace-backend (discuss other options)
Welkom bij EDC4IT: Uw Innovatiehub voor IT-Training
Ontdek de kracht van onze interactieve Open Source Technologieën, DevOps en Infrastructuur cursussen:
- Praktisch & Toepasbaar: Cursusmateriaal dat direct impact maakt in uw werk.
- Persoonlijke Groei: On-the-job coaching en gepersonaliseerde consultancy.
- Deskundige Trainers: Leer van de besten, met state-of-the-art materiaal.
- Voorop in IT: Blijf vooruit met onze actuele en innovatieve aanpak.
Zet Nu de Stap met EDC4IT – Vergroot uw vaardigheden, versnel uw carrière.
Blijf op de hoogte van nieuwe ervaringen
Deel je ervaring
Heb je ervaring met deze cursus? Deel je ervaring en help anderen kiezen. Als dank voor de moeite doneert Springest € 1,- aan Stichting Edukans.Er zijn nog geen veelgestelde vragen over dit product. Als je een vraag hebt, neem dan contact op met onze klantenservice.