Mastering Service Mesh

By: Anjali Khatri, Vikram Khatri

Overview of this book

Although microservices-based applications support DevOps and continuous delivery, they can also add to the complexity of testing and observability. The implementation of a service mesh architecture, however, allows you to secure, manage, and scale your microservices more efficiently. With the help of practical examples, this book demonstrates how to install, configure, and deploy an efficient service mesh for microservices in a Kubernetes environment. You'll get started with a hands-on introduction to the concepts of cloud-native application management and service mesh architecture, before learning how to build your own Kubernetes environment. While exploring later chapters, you'll get to grips with the three major service mesh providers: Istio, Linkerd, and Consul. You'll be able to identify their specific functionalities, from traffic management, security, and certificate authority through to sidecar injections and observability. By the end of this book, you will have developed the skills you need to effectively manage modern microservices-based applications.
Table of Contents (31 chapters)

Section 1: Cloud-Native Application Management
Section 2: Architecture
Section 3: Building a Kubernetes Environment
Section 4: Learning about Istio through Examples
Section 5: Learning about Linkerd through Examples
Section 6: Learning about Consul through Examples

What this book covers

In this book, we are focusing on Istio, Linkerd, and Consul from the implementation perspective.

A service mesh implementation, such as Istio, takes away some of the responsibilities of developers and puts them in a dedicated layer so that they are consumable without writing any code. In other words, it frees up developers so that they can focus on business logic and places more responsibility in the hands of operational professionals.

This book is not about developing microservices, and so does not cover the persona of a developer.

Chapter 1, Monolithic Versus Microservices, provides a high-level overview of monolithic versus microservices-based applications. The evolution of service-oriented architecture to microservices-based architecture became possible as a result of distributed computing through Kubernetes.

Chapter 2, Cloud-Native Applications, provides an overview of building cloud-native applications using container-based environments to develop applications built with services that can scale independently. This chapter explains how containerization eases Development (Dev) of polyglot apps and how the decoupling of services leads Operations (Ops) to assume further responsibilities.

Chapter 3, Service Mesh Architecture, covers the evolution of the term service mesh and its origin. It provides an overview of the service mesh as a decoupling agent between Dev (provider) and Ops (consumer) and explains basic and advanced service communication through smart endpoints and trust between microservices.

Chapter 4, Service Mesh Providers, provides an overview of the three open source service mesh providers – Istio, Linkerd, and Consul.

Chapter 5, Service Mesh Interface and SPIFFE, provides an introduction to the evolving service mesh interface specification. The SPIFFE specification offers secure naming for the services running in a Kubernetes environment.

Chapter 6, Building Your Own Kubernetes Environment, explains that a development environment is essential for learning about service meshes with any of the three providers covered in this book. You can spin up a Kubernetes cluster in a public cloud, but that requires an upfront cost. This chapter provides a straightforward way to build your own single-node Kubernetes environment so that you can practice the examples on your laptop or MacBook.

Chapter 7, Understanding the Istio Service Mesh, shows the architecture of the Istio control plane and its features and functions.

Chapter 8, Installing the Demo Application, shows how to install the demo application for Istio.

Chapter 9, Installing Istio, shows the different ways of installing Istio using separate profiles to suit the end goal of a service mesh.

Chapter 10, Exploring Istio Traffic Management Capabilities, shows Istio's features of traffic routing from the perspectives of canary testing, A/B testing, traffic splitting, shaping, and conditional routing.

Chapter 11, Exploring Istio Security Features, explores how to secure service-to-service communication using mTLS, secure gateways, and use Istio Citadel as a certificate authority.

Chapter 12, Enabling Istio Policy Controls, explores enabling network controls, rate limits, and the enforcement of quotas without having to change the application.

Chapter 13, Exploring Istio Telemetry Features, looks at using observability features in Prometheus, Grafana, and Kiali to display collected metrics and service-to-service communication.

Chapter 14, Understanding the Linkerd Service Mesh, shows the architecture of Linkerd from the control plane perspective to demonstrate its features and functions.

Chapter 15, Installing Linkerd, shows how to install Linkerd in Kubernetes, how to set up a Linkerd demo emoji application, and how to inject a sidecar proxy.

Chapter 16, Exploring the Reliability Features of Linkerd, goes through Linkerd traffic reliability features and covers load balancing, retries, traffic splitting, timeout circuit breaking, and dynamic request routing.

Chapter 17, Exploring the Security Features of Linkerd, explains how mTLS is set up by default without any configuration, and covers gradual installation with regard to the certificate creation process.

Chapter 18, Exploring the Observability Features of Linkerd, details the Linkerd dashboard and CLI, which provide some insights into the service mesh for live traffic, success rates, routes, and latencies.

Chapter 19, Understanding the Consul Service Mesh, shows the architecture of Consul from the control plane perspective to demonstrate its features and functions.

Chapter 20, Installing Consul, shows how to install Consul in Kubernetes and VMs/bare-metal machines.

Chapter 21, Exploring the Service Discovery Features of Consul, shows a demo application explaining Consul service discovery, key/value stores, ACLs, intentions, and monitoring/metrics collection. We explain the integration process of external services running in a non-Kubernetes environment.

Chapter 22, Exploring Traffic Management in Consul, shows the integration of Consul using the open source project Ambassador. It shows traffic management capabilities such as rate limits, self-service routing, testing, and enabling end-to-end TLS through the use of an Envoy sidecar proxy.