The Life of a Packet Through Istio - Deep dive


Recording

Session Information

Conference Link

Abstract

Istio is a service mesh for Kubernetes that offers advanced networking features. It provides intelligent routing, resiliency, and security features, so that service authors don’t have to keep re-implementing them. Istio is rapidly taking off and there are great introductory talks everywhere. However in this session, we will dive deep to explore precisely how it does what it does, following one brave little packet in from the internet and back out again. At each point we’ll see how to configure the features of that component to exploit istio’s full potential. This will give a great insight into Istio’s full power, and its fascinating architecture.

Over the course of the session, we will look at the following components and features, as our packet encounters them:

  • cloud / kubernetes networking
  • pod construction, namespaces, envoy interception
  • Pilot
  • Mixer
  • canaries
  • traffic splitting
  • circuit breaking
  • traffic mirroring
  • mTLS
  • istio ingress
  • istio egress
  • telemetry

Slides

Coming soon!

Demo Scripts

Reviews

2.73 / 5 (n==45)

Not every talk is perfect, and not all of them are right for the audience. I think this was my mistake here; when I polled the audience at the start, very few had been hands-on with Istio. I was invited to talk to this title, and to me the title and description imply there will be no intro material, just a deep-dive into the workings. However this was a Java conference and I should have considered this.

Detailed feedback:

  • 12 x Learned something new
  • 5 x Very interesting
  • 5 x Difficult to understand
  • 4 x Not enough demos/samples
  • 2 x I loved the demos
  • 2 x Complicated