Google, IBM and Lyft are merging some of their learned best practices around microservices to create a new open-source project called Istio. Istio was developed to connect, manage and secure microservices. The goal of the project is to tackle challenges around resilience, visibility, and security.
Istio is a Layer 7 traffic monitoring and control network designed to work with Kubernetes everywhere, on premise or in the cloud. Today, developers can manually enable the alpha release of Istio on Google Container Engine. It takes a single command to install Istio on any Kubernetes cluster, which will then create a service mesh that, according to Varun Talwar, product manager at Google, is a layer between the services and the networks.
The service mesh lets developers delegate a lot of problems around visibility and security, according to Talwar. It also gives developers and teams traffic encryption, and automatic load balancing for HTTP, gRPC, and TCP traffic. With the service mesh, teams can provide centralized management regardless of the scale and velocity of their applications.
Talwar said since Google has already seen many companies rolling out their microservices on top of Kubernetes, they chose Istio to work with Kubernetes first before they start to expand to other environments, which Talwar said is to come in the near future.
“I think the reality is microservices are here to stay,” said Talwar. “People of course think it’s a great idea for agility, but if you actually want to run and operate and manage [microservices] at scale with large teams, there is a gap. And a framework like [Istio] can take care of hard concepts around resilience, visibility and security.”
Istio is the latest open source effort from Google, and overall, the company has been working on best practices around security, visibility, and management of microservices for 15 years, according to Talwar. And while Istio is just one part of the solution to make microservices easier to manage and build, Google has also been working with the community to contribute to Open Service Broker, a platform designed to simplify service delivery and consumption. According to Google, the services powered by Istio will be able to seamlessly participate in the Service Broker ecosystem.
Looking ahead, Google also wants to bring Istio capabilities to Cloud Endpoints and Apigee Edge. Once Istio becomes production-ready, the goal is to provide deeper integration with the rest of Google Cloud.