Remember how cool Kubernetes seemed when you first started using it? A simple, easy API for scalable compute in any cloud: just a Deployment and a Service and you’re done! But as you use it more, you learn that this isn’t really enough. A production system needs requests and limits, liveness checks, HPAs, PDBs, PSPs, etc.
The same is true for Istio, which can solve a lot of the problems with microservices out of the box, but isn’t magic. When you get beyond playing with bookinfo, more configuration is needed to get the most out of it.
In this talk I’ll show you how to:
Identify app versions, deploy canaries and run A/B tests
Set timeouts
Configure retries, with exponential backoff
Enforce rate limits
Enable circuit breakers
Inject faults for testing
I’ll also cover a couple of the big security features:
Enabling mTLS
Using service-to-service access control lists (RBAC)
6. Running resilient workloads with Istio @mt165
Pod
Pod
Pod
Break the Monolith
Namespace A
Namespace B
Namespace C
Namespace A
Namespace B
Namespace C