This repository holds all the code and notes produced during the Service Mesh with Istio module of the Full Cycle course.
The following steps will guide you through the process of running the application locally. Make sure to check the prerequisites before starting.
-
Clone the repository
-
Install Docker
-
Install kubectl
-
Install k3d
-
Create the cluster with
k3d cluster createk3d cluster create -p "8000:30000@loadbalancer" --agents 2 -
Install istioctl
-
Install Istio into the cluster
istioctl install -y
-
Label the default namespace to enable automatic sidecar injection
kubectl label namespace default istio-injection=enabled
-
Apply Kubertenes resources
kubectl apply -f . -
Add any addons you want to the cluster. Example:
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.20/samples/addons/prometheus.yaml && \ kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.20/samples/addons/grafana.yaml && \ kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.20/samples/addons/kiali.yaml
-
Create Fortio deployment
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.20/samples/httpbin/sample-client/fortio-deploy.yaml
In order to make it easier to send traffic to the cluster, we are gonna use Fortio. Fortio is a load testing tool that can be used to send traffic to a specific endpoint.
-
Export the Fortio pod into a variable
export FORTIO_POD=$(kubectl get pod -lapp=fortio -o 'jsonpath={.items[0].metadata.name}')
-
Send traffic to the cluster
kubectl exec "$FORTIO_POD" -c fortio -- fortio load -c 2 -qps 0 -t 200s -loglevel Warning http://nginx-service:8000
To access Kiali's dashboard, run the following command:
istioctl dashboard kialiService Mesh is an additional layer added to your cluster to monitor and modify application traffic in real-time, as well as enhance the security and reliability of the entire ecosystem.
Istio is an open-source project that implements a service mesh aiming to reduce the complexity in managing distributed applications, regardless of the language or technology they were developed in. Despite being complex, even more complex are the problems it solves.
K3d is a lightweight wrapper to run k3s (Rancher Lab’s minimal Kubernetes distribution) in docker. It makes it very easy to create single and multi-node k3s clusters in docker, e.g. for local development on Kubernetes.
Manages incoming and outgoing traffic. It works on layers 4-6, ensuring port, host, and TLS management. It is directly connected to a Virtual Service that will be responsible for routing.
A Virtual Service allows you to configure how requests will be routed to a service. It has a series of rules that, when applied, will ensure that the request is directed to the correct destination.
Destination Rules are used to configure the behavior of the traffic that reaches a service. It is possible to configure the load balancing algorithm, timeouts, and circuit breakers.
On Istio consistent Hash is a load balancing algorithm that uses the request's source IP address or Cookie to determine which instance will receive the request. This ensures that the same source IP or Cookie address will always be directed to the same instance. The downside of this algorithm is that it can cause an imbalance in the number of requests per instance that way overloading a single instance for example.
Fault Injection is a technique used to test the resilience of a system. It consists of injecting failures into the system to test how it behaves. Istio allows you to inject delays, aborts, and even HTTP errors.
Circuit Breaker is a technique used to prevent cascading failures. It consists of monitoring the number of errors that occur in a service and, if it exceeds a certain threshold, the circuit is opened and the requests are no longer sent to that service. This prevents the service from becoming overloaded and causing a cascade of failures on all services that depend on it.