Cloud Expert

Istio — Service Mesh průvodce¶

IstioService MeshmTLSTraffic Management 5 min read

Istio architektura, traffic management, mTLS a observabilita.

Architecture¶

istioctl install --set profile=default
kubectl label namespace default istio-injection=enabled

Data plane (Envoy sidecars) + Control plane (istiod).

Traffic Management¶

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: my-api
spec:
  hosts: [my-api]
  http:
    - route:
        - destination: {host: my-api, subset: v1}
          weight: 90
        - destination: {host: my-api, subset: v2}
          weight: 10

mTLS¶

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT

Automatická encryption mezi všemi services, zero-code.

Summary¶

Istio = nejkomplexnější mesh. mTLS + traffic management + observabilita bez změny kódu.

Need Help with Implementation?¶

Our team has experience designing and implementing modern architectures. We’re happy to help.

Free Consultation

CORE SYSTEMS tým

Stavíme core systémy a AI agenty, které drží provoz. 15 let zkušeností s enterprise IT.

Všechny články

Istio — Service Mesh průvodce

Istio — Service Mesh průvodce¶

Architecture¶

Traffic Management¶

mTLS¶

Summary¶

Need Help with Implementation?¶

CORE SYSTEMS tým

Další know-how

OpenStack — building a private cloud from scratch

Container orchestration: Kubernetes vs Mesos vs Swarm

Kubernetes 1.0: Production Container Orchestration Is Here