istio
anthos-service-mesh-packages
Our great sponsors
istio | anthos-service-mesh-packages | |
---|---|---|
87 | 2 | |
34,943 | 130 | |
1.3% | 0.0% | |
10.0 | 8.2 | |
6 days ago | 2 days ago | |
Go | Shell | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
istio
-
Improve your EKS cluster with Istio and Cilium : Better networking and security
Istio is a popular open-source service mesh framework that provides a comprehensive solution for managing, securing, and observing microservices-based applications running on Kubernetes.
-
Optimal JMX Exposure Strategy for Kubernetes Multi-Node Architecture
Leverage a service mesh like Istio or Linkerd to manage communication between microservices within the Kubernetes cluster. These service meshes can be configured to intercept JMX traffic and enforce access control policies. Benefits:
-
Open Source Ascendant: The Transformation of Software Development in 2024
Open Source and Cloud Computing: A Match Made in Heaven The cloud is accelerating OSS adoption. Cloud-native technologies like Kubernetes [https://kubernetes.io/] and Istio [https://istio.io/], both open-source projects, are revolutionizing how applications are built and deployed across cloud platforms.
-
Delving Deeper: Enriching Microservices with Golang with CloudWeGo
Consider the case of Bookinfo, a sample application provided by Istio, rewritten using CloudWeGo's Kitex for superior performance and extensibility.
-
How to Build & Deploy Scalable Microservices with NodeJS, TypeScript and Docker || A Comprehesive Guide
It is a dedicated infrastructure layer that manages service-to-service communication, providing features like load balancing, encryption, authentication, and monitoring. Istio deploys sidecar proxies alongside each microservice instance. These proxies handle communication, providing features like load balancing, service discovery, encryption, monitoring and authentication.
-
Caddy for Certs and Istio for Reverse Proxy
5Y old post that sounds like they've done similar here: Caddy Issue Istio Issue but doesn't cover much of the implementation
- Understanding Istio: A Beginner's Guide to Service Mesh
-
Developer’s Guide to Building Kubernetes Cloud Apps ☁️🚀
In a production environment there will be a load balancer setup with an Ingress Controller, Service Mesh or some type of Custom Router. This allows all traffic to be sent to the single load balancer IP address and then route the traffic to a service based on the Domain name or subpath. We are using a NGINX ingress controller but service meshes like Istio have been becoming the most popular solution to use as they offer more segmentation, security and granular control.
-
Progressive Delivery on AKS: A Step-by-Step Guide using Flagger with Istio and FluxCD
Flagger is a progressive delivery tool that enables a Kubernetes operator to automate the promotion or rollback of deployments based on metrics analysis. It supports a variety of metrics including Prometheus, Datadog, and New Relic to name a few. It also works well with Istio service mesh, and can implement progressive traffic splitting between primary and canary releases.
-
Implementing TLS in Kubernetes
End-to-end data encryption with a service mesh: Using an end-to-end data encryption mechanism with a service mesh like Istio, TLS can secure communication between different microservices within a Kubernetes cluster. This is a popular approach for modern, distributed microservice architectures.
anthos-service-mesh-packages
-
Installing GCP Anthos using Terraform
module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: ------------- module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: Running: 'kpt pkg get --auto-set=false https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages.git/[email protected]+config2 asm' module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: ------------- module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: Running: 'kpt pkg get --auto-set=false https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages.git/[email protected]+config2 asm' module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: ------------- module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: Running: 'kpt pkg get --auto-set=false https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages.git/[email protected]+config2 asm' module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): install_asm_1.10: ------------- module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): .terraform/modules/asm/modules/asm/scripts/install_asm.sh: line 211: 15216 Segmentation fault: 11 ./install_asm_${ASM_VERSION} --verbose --project_id ${PROJECT_ID} --cluster_name ${CLUSTER_NAME} --cluster_location ${CLUSTER_LOCATION} --mode ${MODE} ${MCP_COMMAND_SNIPPET} ${OPTIONS_COMMAND_SNIPPET} ${CUSTOM_OVERLAYS_COMMAND_SNIPPET} ${OUTDIR_COMMAND_SNIPPET} ${ENABLE_ALL_COMMAND_SNIPPET} ${ENABLE_CLUSTER_ROLES_COMMAND_SNIPPET} ${ENABLE_CLUSTER_LABELS_COMMAND_SNIPPET} ${ENABLE_GCP_COMPONENTS_COMMAND_SNIPPET} ${ENABLE_REGISTRATION_COMMAND_SNIPPET} ${ENABLE_NAMESPACE_CREATION_COMMAND_SNIPPET} ${CA_COMMAND_SNIPPET} ${CA_CERTS_COMMAND_SNIPPET} ${SERVICE_ACCOUNT_COMMAND_SNIPPET} ${KEY_FILE_COMMAND_SNIPPET} ${REVISION_NAME_COMMAND_SNIPPET} module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): + cleanup module.asm.module.asm_install.module.gcloud_kubectl.null_resource.run_command[0] (local-exec): + rm -rf /tmp/kubectl_wrapper_6385_10294
-
Anthos Service Mesh, Istio on Google Cloud ⛵️
install_asm: Setting up necessary files... install_asm: Fetching/writing GCP credentials to kubeconfig file... install_asm: [WARNING]: nc not found, skipping k8s connection verification install_asm: [WARNING]: (Installation will continue normally.) install_asm: Checking installation tool dependencies... install_asm: Getting account information... install_asm: Confirming cluster information for kevin-anthos-asm/europe-north1-a/anthos-asm-demo... install_asm: Downloading ASM.. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 41.7M 100 41.7M 0 0 31.5M 0 0:00:01 0:00:01 --:--:-- 31.5M install_asm: Downloading ASM kpt package... fetching package "/asm" from "https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages" to "asm" install_asm: Confirming node pool requirements for kevin-anthos-asm/europe-north1-a/anthos-asm-demo... install_asm: Checking Istio installations... install_asm: Enabling required APIs... install_asm: Binding user:[email protected] to required IAM roles... install_asm: Checking for project kevin-anthos-asm... install_asm: Reading labels for europe-north1-a/anthos-asm-demo... install_asm: Adding labels to europe-north1-a/anthos-asm-demo... install_asm: Enabling Workload Identity on europe-north1-a/anthos-asm-demo... install_asm: (This could take awhile, up to 10 minutes) install_asm: Initializing meshconfig API... install_asm: Enabling Stackdriver on europe-north1-a/anthos-asm-demo... install_asm: Querying for core/account... install_asm: Binding [email protected] to cluster admin role... clusterrolebinding.rbac.authorization.k8s.io/kevin.davin-cluster-admin-binding created install_asm: Creating istio-system namespace... namespace/istio-system created install_asm: Configuring kpt package... asm/ set 22 field(s) of setter "gcloud.container.cluster" to value "anthos-asm-demo" asm/ set 40 field(s) of setter "gcloud.core.project" to value "kevin-anthos-asm" asm/ set 2 field(s) of setter "gcloud.project.projectNumber" to value "62405001080" asm/ set 6 field(s) of setter "gcloud.project.environProjectNumber" to value "62405001080" asm/ set 21 field(s) of setter "gcloud.compute.location" to value "europe-north1-a" asm/ set 2 field(s) of setter "gcloud.compute.network" to value "kevin-anthos-asm-default" asm/ set 6 field(s) of setter "anthos.servicemesh.rev" to value "asm-193-2" asm/ set 2 field(s) of setter "anthos.servicemesh.tag" to value "1.9.3-asm.2" install_asm: Installing validation webhook fix... service/istiod created install_asm: Installing ASM control plane... install_asm: ...done! install_asm: Installing ASM CanonicalService controller in asm-system namespace... namespace/asm-system created customresourcedefinition.apiextensions.k8s.io/canonicalservices.anthos.cloud.google.com created role.rbac.authorization.k8s.io/canonical-service-leader-election-role created clusterrole.rbac.authorization.k8s.io/canonical-service-manager-role created clusterrole.rbac.authorization.k8s.io/canonical-service-metrics-reader created serviceaccount/canonical-service-account created rolebinding.rbac.authorization.k8s.io/canonical-service-leader-election-rolebinding created clusterrolebinding.rbac.authorization.k8s.io/canonical-service-manager-rolebinding created clusterrolebinding.rbac.authorization.k8s.io/canonical-service-proxy-rolebinding created service/canonical-service-controller-manager-metrics-service created deployment.apps/canonical-service-controller-manager created install_asm: Waiting for deployment... deployment.apps/canonical-service-controller-manager condition met install_asm: ...done! install_asm: install_asm: ***************************** client version: 1.9.3-asm.2 control plane version: 1.9.3-asm.2 data plane version: 1.9.3-asm.2 (2 proxies) install_asm: ***************************** install_asm: The ASM control plane installation is now complete. install_asm: To enable automatic sidecar injection on a namespace, you can use the following command: install_asm: kubectl label namespace istio-injection- istio.io/rev=asm-193-2 --overwrite install_asm: If you use 'istioctl install' afterwards to modify this installation, you will need install_asm: to specify the option '--set revision=asm-193-2' to target this control plane install_asm: instead of installing a new one. install_asm: To finish the installation, enable Istio sidecar injection and restart your workloads. install_asm: For more information, see: install_asm: https://cloud.google.com/service-mesh/docs/proxy-injection install_asm: The ASM package used for installation can be found at: install_asm: /home/kevin_davin/anthos/asm/2021-05-11-apres-midi/asm-downloads/asm install_asm: The version of istioctl that matches the installation can be found at: install_asm: /home/kevin_davin/anthos/asm/2021-05-11-apres-midi/asm-downloads/istio-1.9.3-asm.2/bin/istioctl install_asm: A symlink to the istioctl binary can be found at: install_asm: /home/kevin_davin/anthos/asm/2021-05-11-apres-midi/asm-downloads/istioctl install_asm: The combined configuration generated for installation can be found at: install_asm: /home/kevin_davin/anthos/asm/2021-05-11-apres-midi/asm-downloads/asm-193-2-manifest-raw.yaml install_asm: The full, expanded set of kubernetes resources can be found at: install_asm: /home/kevin_davin/anthos/asm/2021-05-11-apres-midi/asm-downloads/asm-193-2-manifest-expanded.yaml install_asm: ***************************** install_asm: Successfully installed ASM.
What are some alternatives?
osm - Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
terraform-google-kubernetes-engine - Configures opinionated GKE clusters
keda - KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes
crossplane - The Cloud Native Control Plane
falco - Cloud Native Runtime Security
kratos - Your ultimate Go microservices framework for the cloud-native era.
thanos - Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.
helm - The Kubernetes Package Manager
metrics-server - Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.
Telegraf - The plugin-driven server agent for collecting & reporting metrics.
k0s - k0s - The Zero Friction Kubernetes
velero - Backup and migrate Kubernetes applications and their persistent volumes