Bootstrapping Service Mesh Implementations with Istio: Build reliable, scalable, and secure microservices on Kubernetes with Service Mesh

A step-by-step guide to Istio Service Mesh implementation, with examples of complex and distributed workloads built using microservices architecture and deployed in Kubernetes

Purchase of the print or Kindle book includes a free PDF eBook

Key Features:

• Learn the design, implementation, and troubleshooting of Istio in a clear and concise format
• Grasp concepts, ideas, and solutions that can be readily applied in real work environments
• See Istio in action through examples that cover Terraform, GitOps, AWS, Kubernetes, and Go

Book Description:

Istio is a game-changer in managing connectivity and operational efficiency of microservices, but implementing and using it in applications can be challenging. This book will help you overcome these challenges and gain insights into Istio's features and functionality layer by layer with the help of easy-to-follow examples. It will let you focus on implementing and deploying Istio on the cloud and in production environments instead of dealing with the complexity of demo apps.

You'll learn the installation, architecture, and components of Istio Service Mesh, perform multi-cluster installation, and integrate legacy workloads deployed on virtual machines. As you advance, you'll understand how to secure microservices from threats, perform multi-cluster deployments on Kubernetes, use load balancing, monitor application traffic, implement service discovery and management, and much more. You'll also explore other Service Mesh technologies such as Linkerd, Consul, Kuma, and Gloo Mesh. In addition to observing and operating Istio using Kiali, Prometheus, Grafana and Jaeger, you'll perform zero-trust security and reliable communication between distributed applications.

After reading this book, you'll be equipped with the practical knowledge and skills needed to use and operate Istio effectively.

What You Will Learn:

• Get an overview of Service Mesh and the problems it solves
• Become well-versed with the fundamentals of Istio, its architecture, installation, and deployment
• Extend the Istio data plane using WebAssembly (Wasm) and learn why Envoy is used as a data plane
• Understand how to use OPA Gatekeeper to automate Istio's best practices
• Manage communication between microservices using Istio
• Explore different ways to secure the communication between microservices
• Get insights into traffic flow in the Service Mesh
• Learn best practices to deploy and operate Istio in production environments

Who this book is for:

The book is for DevOps engineers, SREs, cloud and software developers, sysadmins, and architects who have been using microservices in Kubernetes-based environments. It addresses challenges in application networking during microservice communications. Working experience on Kubernetes, along with knowledge of DevOps, application networking, security, and programming languages like Golang, will assist with understanding the concepts covered.

《Istio服務網格實施逐步指南》是一本提供Istio服務網格實施的逐步指南，並以使用微服務架構建立的複雜和分散工作負載的示例來說明，這些工作負載在Kubernetes上部署。

購買印刷版或Kindle電子書的讀者將獲得免費的PDF電子書。

主要特點：
- 以清晰簡潔的格式學習Istio的設計、實施和故障排除。
- 掌握可以在實際工作環境中立即應用的概念、思想和解決方案。
- 通過涵蓋Terraform、GitOps、AWS、Kubernetes和Go的示例，實際演示Istio的運作。

書籍描述：
Istio在管理微服務的連接性和操作效率方面具有革命性的影響，但在應用中實施和使用它可能具有挑戰性。本書將幫助您克服這些挑戰，並通過易於理解的示例逐層深入了解Istio的功能和功能。它將讓您專注於在雲端和生產環境中實施和部署Istio，而不是處理演示應用程序的複雜性。

您將學習Istio服務網格的安裝、架構和組件，執行多集群安裝，並集成部署在虛擬機上的遺留工作負載。隨著進一步的學習，您將了解如何保護微服務免受威脅，使用Kubernetes進行多集群部署，使用負載平衡，監控應用程序流量，實施服務發現和管理等等。您還將探索其他服務網格技術，如Linkerd、Consul、Kuma和Gloo Mesh。除了使用Kiali、Prometheus、Grafana和Jaeger觀察和操作Istio外，您還將執行零信任安全和可靠的分散應用程序之間的通信。

閱讀本書後，您將具備使用和操作Istio的實用知識和技能。

學到什麼：
- 瞭解服務網格及其解決的問題。
- 熟悉Istio的基礎知識，包括其架構、安裝和部署。
- 使用WebAssembly（Wasm）擴展Istio數據平面，並了解為什麼使用Envoy作為數據平面。
- 瞭解如何使用OPA Gatekeeper自動化Istio的最佳實踐。
- 使用Istio管理微服務之間的通信。
- 探索保護微服務之間通信的不同方法。
- 獲取有關服務網格中的流量流向的見解。
- 學習在生產環境中部署和操作Istio的最佳實踐。

本書適合DevOps工程師、SRE、雲端和軟體開發人員、系統管理員和架構師，他們在基於Kubernetes的環境中使用微服務。本書解決了微服務通信中的應用程式網絡挑戰。具有Kubernetes的工作經驗，以及對DevOps、應用程式網絡、安全性和Golang等程式語言的知識，將有助於理解所涵蓋的概念。