Istio Hands-On for Kubernetes
Istio is one of the most talked-about frameworks in recent years! If you've worked with Kubernetes before, then you'll want to learn Istio! With this hands-on, practical course, you'll be able to gain experience in running your own Istio Service Meshes. Warning - Istio currently (April 2022) doesn't support the new Mac M1 architecture.
More
In particular, Ingress gateways don't currently work. It looks like Istio won't be adding support any time soon, sadly. In the meantime, you can still study most of the course but there may be occasional problems! You could also use something like an EC2 instance to run Istio.
This course is designed to be clear and understandable - and fun! But we also go into detail - you'll be learning how to use Istio in real production scenarios - and you'll be looking at the inner workings of Istio.
You can run this course on your own computer, using Minikube (8Gb of Host Ram required) - you don't need a cloud provider, although you can also run the course there - anywhere that you can run Kubernetes!
After a brief talk about what Istio is, we go straight into a hands-on demo, where you'll experience how Istio can solve difficult problems on live projects.
Then you'll find out the details of:
Traffic Management
Telemetry
Visualisation (with Kiali)
Distributed Tracing (with Jaeger)
Using Grafana to monitor network traffic
How to deploy canary releases
How to do "Dark Releases"
Istio VirtualServices and DestinationRules
Load Balancing and Session Affinity
Istio Gateways
Resilience testing with Fault Injection
Circuit Breaking/Outlier Detection
Securing cluster traffic with Mutual TLS (mTLS)
The "learning curve" for Istio is steep - which is why I've designed this course to be as clear and understandable as possible, and I hope with the hands-on demos, you'll also have fun along the way. But most of all, Istio is an extremely powerful tool, and it's a great addition to your CV!
Watch Online Istio Hands-On for Kubernetes
# | Title | Duration |
---|---|---|
1 | Introduction | 03:40 |
2 | What is Istio? | 20:02 |
3 | Getting Istio Running | 18:13 |
4 | Enabling Sidecar Injection | 05:14 |
5 | Visualizing the System with Kiali | 15:57 |
6 | Finding Performance Problems | 14:16 |
7 | Introducing Envoy - The Data Plane | 12:02 |
8 | Going Deeper into Envoy (Optional Video) | 23:04 |
9 | Starting the Demo System | 14:02 |
10 | Kiali Deeper Dive | 22:00 |
11 | Kiali Dynamic Traffic Routing | 12:32 |
12 | Distributed Tracing Overview | 13:56 |
13 | Using Jaeger UI | 17:25 |
14 | Why you need to "Propagate Headers" | 20:32 |
15 | What happens if you don't propagate headers? | 07:36 |
16 | Metrics with Grafana | 14:57 |
17 | Introducing Canaries | 09:41 |
18 | Canaries with Replicas | 10:16 |
19 | Version Grouping | 07:25 |
20 | Elegant Canaries and Staged Releases | 11:07 |
21 | What is an Istio VirtualService? | 19:10 |
22 | VirtualService Configuration in yaml | 12:24 |
23 | What is an Istio DestinationRule? | 15:53 |
24 | Session Affinity ("Stickiness") | 17:01 |
25 | What is Consistent Hashing useful for? | 21:43 |
26 | Why do I need an Ingress Gateway? | 21:26 |
27 | Edge Proxies and Gateways | 25:24 |
28 | Prefix based routing | 14:41 |
29 | Subdomain Routing | 11:43 |
30 | Header Based Routing | 10:45 |
31 | Dark Releases for all Microservices | 27:18 |
32 | Fault Injection | 19:30 |
33 | Cascading Failures | 24:38 |
34 | Configuring Outlier Detection | 23:10 |
35 | Testing Circuit Breakers | 11:46 |
36 | Why is encryption needed inside a cluster? | 18:08 |
37 | How Istio can upgrade traffic to TLS | 07:34 |
38 | Enabling mTLS - it's Automatic | 03:29 |
39 | STRICT vs PERMISSIVE mTLS | 19:41 |
40 | STRICT mTLS Works in Both Directions | 01:24 |
41 | Introducing istioctl | 11:20 |
42 | Istio Profiles | 09:34 |
43 | Installing addons | 05:45 |
44 | Tuning Profiles | 17:00 |
45 | Default vs Demo Profiles - CPU and Memory | 16:01 |
46 | Generating YAML Manifests | 09:03 |
47 | In-Place Upgrades | 28:06 |
48 | "Canary Upgrades" (Rolling Upgrades) | 24:20 |
49 | Live Cluster Switchovers (Alternative to the official upgrade paths) | 09:25 |
50 | Goodbye | 03:42 |