Articles

Traffic Management With Istio (1): Unified Management of TCP Ingress Traffic Routing Based on Istio Rules

,

The Istio traffic management model basically allows for the decoupling of traffic from infrastructure scaling, allowing operations personnel to specify the rules to apply to traffic using Pilot instead of specifying which pods/VMS should receive traffic. Decoupling traffic from infrastructure scaling allows Istio to provide a variety of traffic management functions independent of application code. The Envoy sidecar proxy implements these functions.

In a typical mesh, you often have one or more finalizing external TLS connections at the end to guide traffic into the mesh’s load balancer (known as a gateway); the traffic then flows through internal services after the sidecar gateway. The following figure illustrates the use of gateways in a mesh:

Source de l’article sur DZONE

/0 Commentaires/par

API Gateway vs. Service Mesh

,

A common question that people ask is “should I use Ambassador if I’m using a service mesh (usually Istio)?” After all, both Ambassador and Istio are built on the Envoy Proxy. Moreover, Istio recently added support for explicitly managing ingress with the Gateway abstraction. So, do you need an API Gateway if you’re using a service mesh?

Ambassador (and API Gateways in general) focus on north/south traffic, i.e., traffic into your data center. Istio (and other service meshes) handle east/west traffic, i.e., traffic between services in your data center. If your service mesh already manages L7 traffic, can you use it for managing north/south traffic?

Source de l’article sur DZONE

/0 Commentaires/par