分类: 痕迹化阅读

Istio In Action – part two

Posted on | by bob

Part two Securing, observing,and controlling your service’s network traffic

Chapter 4 Istio gateways: Getting traffic into a cluster

4.1 Traffic ingress concepts

4.1.1 Virtual IPs: Simplifying service access

4.1.2 Virtual hosting: Multiple services from a single access point

4.2 Istio ingress gateways

4.2.3 Overall view of traffic flow

4.3 Securing gateway traffic

4.3.3 HTTP traffic with mutual TLS

4.5 Operational tips

Chapter 5 Traffic control: Fine-grained traffic routing

5.1 Reducing the risk of deploying new code

5.1.1 Deployment vs. release

5.2 Routing requests with Istio

5.3 Traffic shifting

5.4 Reducing risk even further: Traffic mirroring

5.5 Routing to services outside your cluster by using Istio’s service discovery

In this chapter, we explored how to reduce the risk of deploying new code by using
traffic mirroring, traffic shifting, and traffic routing to slowly introduce changes to our
users.

In the next chapter, we look at making application interactions more resilient
by implementing timeouts, retries, and circuit breakers.

Istio In Action – part one

Posted on | by bob

Part 1 Understanding Istio

Chapter 1 Introducing the Istio service mesh

1.1 Challenges of going faster

1.1.1 Our cloud infrastructure is not reliable

1.2 Solving these challenges with application libraries

1.3 Pushing these concerns to the infrastructure

1.3.2 Meet the Envoy proxy

1.4 What’s a service mesh?

A service mesh is a distributed application infrastructure that is responsible for handling network traffic on behalf of the application in a transparent, out-of-process manner.

1.5 Introducing the Istio service mesh

1.5.1 How a service mesh relates to an enterprise service bus

1.5.2 How a service mesh relates to an API gateway

1.5.4 Where Istio fits in distributed architectures

Chapter 2 First steps with Istio

2.1 Deploying Istio on Kubernetes

kubectl get nodes

curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.13.0 sh -

istioctl x precheck

istioctl install --set profile=demo -y

kubectl get pod -n istio-system

istioctl verify-install

kubectl apply -f ./samples/addons

2.2 Getting to know the Istio control plane

2.2.1 Istiod

2.2.2 Ingress and egress gateway

2.3 Deploying your first application in the service mesh

2.4 Exploring the power of Istio with resilience,observability, and traffic control

2.4.2 Istio for resiliency

Chapter 3 Istio’s data plane: The Envoy proxy

3.1 What is the Envoy proxy?

3.1.1 Envoy’s core features

  • SERVICE DISCOVERY
  • LOAD BALANCING
  • TRAFFIC AND REQUEST ROUTING
  • TRAFFIC SHIFTING AND SHADOWING CAPABILITIES
  • NETWORK RESILIENCE
  • HTTP/2 AND GRPC
  • OBSERVABILITY WITH METRICS COLLECTION
  • OBSERVABILITY WITH DISTRIBUTED TRACING
  • AUTOMATIC TLS TERMINATION AND ORIGINATION
  • RATE LIMITING
  • EXTENDING ENVOY

3.3 Envoy in action

3.4 How Envoy fits with Istio

Modernizing Enterprise Java

Posted on | by bob

这本书通过一个简单的微服务项目Coolstore, 一步步介绍了Cloud-Native相关的技术,框架和平台。尽管没有深入讲具体的某门技术,但是从一个更高的视角给予云原生的企业Java的开发一些技术性的介绍也是很好的。

小小总结一下这本书介绍的技术:

Chapter 1 : Revisiting Enterprise Development

Chapter 2 : The Path to Cloud Native Java

Coolstore.Architecture

Chapter 3: Travel Light on Your Pathway

Chapter 4: A Kubernetes-Based Software Development Platform

Chapter 5: Beyond Lift and Shift: Working with Legacy

Chapter 6: Building Kubernetes-Native Applications

Chapter 7: Tomorrow’s Solutions: Serverless

With this chapter, we complete this “Concise Cloud Native Guide for Developers.”
From microservices to functions, Java developers today have a complete set of frame‐
works, tools, and platforms such as Kubernetes that can help them modernize their
architectures, innovate their solutions, and look ahead to solve the next challenges in
today’s IT context. This context is one that is ever more heterogeneous, ubiquitous,
large scale, and cloud native.