istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
istio.io/archive/v1.13/about/service-mesh/index.html

18 lines
30 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html><html lang=en itemscope itemtype=https://schema.org/WebPage><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=theme-color content="#466BB0"><meta name=title content="The Istio service mesh"><meta name=description content="Service mesh."><meta name=keywords content="microservices,services,mesh"><meta property="og:title" content="The Istio service mesh"><meta property="og:type" content="website"><meta property="og:description" content="Service mesh."><meta property="og:url" content="/v1.13/about/service-mesh/"><meta property="og:image" content="https://raw.githubusercontent.com/istio/istio.io/master/static/img/istio-whitelogo-bluebackground-framed.svg"><meta property="og:image:alt" content="Istio Logo"><meta property="og:image:width" content="1024"><meta property="og:image:height" content="1024"><meta property="og:site_name" content="Istio"><meta name=twitter:card content="summary"><meta name=twitter:site content="@IstioMesh"><title>Istioldie 1.13 / The Istio service mesh</title><script async src="https://www.googletagmanager.com/gtag/js?id=UA-98480406-2"></script>
<script>window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments)}gtag("js",new Date),gtag("config","UA-98480406-2")</script><link rel=alternate type=application/rss+xml title="Istio Blog" href=/v1.13/blog/feed.xml><link rel=alternate type=application/rss+xml title="Istio News" href=/v1.13/news/feed.xml><link rel=alternate type=application/rss+xml title="Istio Blog and News" href=/v1.13/feed.xml><link rel="shortcut icon" href=/v1.13/favicons/favicon.ico><link rel=apple-touch-icon href=/v1.13/favicons/apple-touch-icon-180x180.png sizes=180x180><link rel=icon type=image/png href=/v1.13/favicons/favicon-16x16.png sizes=16x16><link rel=icon type=image/png href=/v1.13/favicons/favicon-32x32.png sizes=32x32><link rel=icon type=image/png href=/v1.13/favicons/android-36x36.png sizes=36x36><link rel=icon type=image/png href=/v1.13/favicons/android-48x48.png sizes=48x48><link rel=icon type=image/png href=/v1.13/favicons/android-72x72.png sizes=72x72><link rel=icon type=image/png href=/v1.13/favicons/android-96x96.png sizes=96xW96><link rel=icon type=image/png href=/v1.13/favicons/android-144x144.png sizes=144x144><link rel=icon type=image/png href=/v1.13/favicons/android-192x192.png sizes=192x192><link rel=mask-icon href=/v1.13/favicons/safari-pinned-tab.svg color=#466bb0><link rel=manifest href=/v1.13/manifest.json><meta name=apple-mobile-web-app-title content="Istio"><meta name=application-name content="Istio"><meta name=msapplication-config content="/browserconfig.xml"><meta name=msapplication-TileColor content="#466BB0"><meta name=theme-color content="#466BB0"><link rel=stylesheet href=/v1.13/css/all.css><link rel=preconnect href=https://fonts.gstatic.com><link rel=stylesheet href="https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;0,700;1,400;1,600&display=swap"><script src=/v1.13/js/themes_init.min.js></script></head><body class="language-unknown archive-site"><script>const branchName="release-1.13",docTitle="The Istio service mesh",iconFile="/v1.13/img/icons.svg",buttonCopy="Copy to clipboard",buttonPrint="Print",buttonDownload="Download"</script><script src="https://www.google.com/cse/brand?form=search-form" defer></script>
<script src=/v1.13/js/all.min.js data-manual defer></script><header class=main-navigation><nav class="main-navigation-wrapper container-l"><div class=main-navigation-header><a id=brand href=/v1.13/ aria-label=logotype><span class=logo><svg xmlns="http://www.w3.org/2000/svg" width="128" height="60" viewBox="0 0 128 60"><path d="M58.434 48.823A.441.441.0 0158.3 48.497V22.583a.444.444.0 01.134-.326.446.446.0 01.327-.134h3.527a.447.447.0 01.325.134.447.447.0 01.134.326v25.914a.443.443.0 01-.134.326.444.444.0 01-.325.134h-3.527a.444.444.0 01-.327-.134z"/><path d="m70.969 48.477a6.556 6.556.0 01-2.818-1.955 4.338 4.338.0 01-1-2.78v-.345a.443.443.0 01.134-.326.444.444.0 01.326-.135h3.374a.444.444.0 01.326.135.445.445.0 01.134.326v.077a2.014 2.014.0 001.054 1.667 4.672 4.672.0 002.664.709 4.446 4.446.0 002.492-.633 1.862 1.862.0 00.958-1.591 1.426 1.426.0 00-.786-1.322 12.7 12.7.0 00-2.549-.939l-1.457-.46a21.526 21.526.0 01-3.3-1.227 6.57 6.57.0 01-2.262-1.783 4.435 4.435.0 01-.92-2.894 5.081 5.081.0 012.109-4.275 8.993 8.993.0 015.558-1.591 10.445 10.445.0 014.1.748 6.3 6.3.0 012.722 2.07 5 5 0 01.958 3.009.441.441.0 01-.134.326.441.441.0 01-.325.134h-3.258a.441.441.0 01-.326-.134.443.443.0 01-.134-.326 1.974 1.974.0 00-.978-1.667 4.647 4.647.0 00-2.665-.671 4.741 4.741.0 00-2.435.556 1.724 1.724.0 00-.938 1.553 1.512 1.512.0 00.9 1.4 15.875 15.875.0 003.01 1.055l.843.229a27.368 27.368.0 013.412 1.246 6.67 6.67.0 012.338 1.763 4.387 4.387.0 01.958 2.933 4.988 4.988.0 01-2.146 4.275 9.543 9.543.0 01-5.712 1.552 11.626 11.626.0 01-4.227-.709z"/><path d="m97.039 32.837a.443.443.0 01-.326.135h-3.911a.169.169.0 00-.191.192v9.239a2.951 2.951.0 00.632 2.108 2.7 2.7.0 002.013.652h1.15a.444.444.0 01.325.134.441.441.0 01.134.326v2.875a.471.471.0 01-.459.5l-1.994.039a8 8 0 01-4.524-1.035q-1.495-1.035-1.533-3.91V33.166A.17.17.0 0088.164 32.974H85.978A.441.441.0 0185.652 32.839.441.441.0 0185.518 32.513V29.83a.441.441.0 01.134-.326.444.444.0 01.326-.135h2.186a.169.169.0 00.191-.192v-4.485a.438.438.0 01.134-.326.44.44.0 01.325-.134h3.336a.443.443.0 01.325.134.442.442.0 01.135.326v4.485a.169.169.0 00.191.192h3.911a.446.446.0 01.326.135.446.446.0 01.134.326v2.683a.446.446.0 01-.133.324z"/><path d="m101.694 25.917a2.645 2.645.0 01-.767-1.955 2.65 2.65.0 01.767-1.955 2.65 2.65.0 011.955-.767 2.65 2.65.0 011.955.767 2.652 2.652.0 01.767 1.955 2.647 2.647.0 01-.767 1.955 2.646 2.646.0 01-1.955.767 2.645 2.645.0 01-1.955-.767zm-.211 22.906a.441.441.0 01-.134-.326V29.79a.444.444.0 01.134-.326.446.446.0 01.326-.134h3.527a.446.446.0 01.326.134.445.445.0 01.134.326v18.707a.443.443.0 01-.134.326.443.443.0 01-.326.134h-3.527a.443.443.0 01-.326-.134z"/><path d="m114.019 47.734a8.1 8.1.0 01-3.047-4.255 14.439 14.439.0 01-.652-4.37 14.3 14.3.0 01.614-4.371A7.869 7.869.0 01114 30.56a9.072 9.072.0 015.252-1.5 8.543 8.543.0 015.041 1.5 7.985 7.985.0 013.009 4.14 12.439 12.439.0 01.69 4.37 13.793 13.793.0 01-.651 4.37 8.255 8.255.0 01-3.028 4.275 8.475 8.475.0 01-5.1 1.553 8.754 8.754.0 01-5.194-1.534zm7.629-3.1a4.536 4.536.0 001.476-2.262 11.335 11.335.0 00.383-3.221 10.618 10.618.0 00-.383-3.22 4.169 4.169.0 00-1.457-2.243 4.066 4.066.0 00-2.531-.785 3.942 3.942.0 00-2.453.785 4.376 4.376.0 00-1.5 2.243 11.839 11.839.0 00-.383 3.22 11.84 11.84.0 00.383 3.221 4.222 4.222.0 001.476 2.262 4.075 4.075.0 002.549.8 3.8 3.8.0 002.44-.809z"/><path d="m15.105 32.057v15.565a.059.059.0 01-.049.059L.069 50.25A.06.06.0 01.005 50.167l14.987-33.47a.06.06.0 01.114.025z"/><path d="m17.631 23.087v24.6a.06.06.0 00.053.059l22.449 2.507a.06.06.0 00.061-.084L17.745.032a.06.06.0 00-.114.024z"/><path d="m39.961 52.548-24.833 7.45a.062.062.0 01-.043.0L.079 52.548a.059.059.0 01.026-.113h39.839a.06.06.0 01.017.113z"/></svg></span></a><button id=hamburger class=main-navigation-toggle aria-label="Open navigation"><svg class="icon menu-hamburger"><use xlink:href="/v1.13/img/icons.svg#menu-hamburger"/></svg></button>
<button id=menu-close class=main-navigation-toggle aria-label="Close navigation"><svg class="icon menu-close"><use xlink:href="/v1.13/img/icons.svg#menu-close"/></svg></button></div><div id=header-links class=main-navigation-links-wrapper><ul class=main-navigation-links><li class=main-navigation-links-item><a class="main-navigation-links-link has-dropdown"><span>About</span><svg class="icon dropdown-arrow"><use xlink:href="/v1.13/img/icons.svg#dropdown-arrow"/></svg></a><ul class=main-navigation-links-dropdown><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/service-mesh class=main-navigation-links-link>Service mesh</a></li><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/solutions class=main-navigation-links-link>Solutions</a></li><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/case-studies class=main-navigation-links-link>Case studies</a></li><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/ecosystem class=main-navigation-links-link>Ecosystem</a></li><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/deployment class=main-navigation-links-link>Deployment</a></li><li class=main-navigation-links-dropdown-item><a href=/v1.13/about/faq class=main-navigation-links-link>FAQ</a></li></ul></li><li class=main-navigation-links-item><a href=/v1.13/blog/ class=main-navigation-links-link><span>Blog</span></a></li><li class=main-navigation-links-item><a href=/v1.13/news/ class=main-navigation-links-link><span>News</span></a></li><li class=main-navigation-links-item><a href=/v1.13/get-involved/ class=main-navigation-links-link><span>Get involved</span></a></li><li class=main-navigation-links-item><a href=/v1.13/docs/ class=main-navigation-links-link><span>Documentation</span></a></li></ul><div class=main-navigation-footer><button id=search-show class=search-show title="Search this site" aria-label=Search><svg class="icon magnifier"><use xlink:href="/v1.13/img/icons.svg#magnifier"/></svg></button>
<a href=/v1.13/docs/setup/getting-started class="btn btn--primary" id=try-istio>Try Istio</a></div></div><form id=search-form class=search name=cse role=search><input type=hidden name=cx value=002184991200833970123:iwwf17ikgf4>
<input type=hidden name=ie value=utf-8>
<input type=hidden name=hl value=en>
<input type=hidden id=search-page-url value=/search>
<input id=search-textbox class="search-textbox form-control" name=q type=search aria-label="Search this site" placeholder=Search>
<button id=search-close title="Cancel search" type=reset aria-label="Cancel search"><svg class="icon menu-close"><use xlink:href="/v1.13/img/icons.svg#menu-close"/></svg></button></form></nav></header><div class=banner-container></div><nav aria-label=Breadcrumb class=container-l><ol><li><a href title="Get a bit more in-depth info about the Istio project.">About</a><svg class="icon breadcrumb-arrow"><use xlink:href="/v1.13/img/icons.svg#breadcrumb-arrow"/></svg></li><li>The Istio service mesh</li></ol></nav><main class="primary container about"><div class=article-container><article aria-labelledby=title><div class=title-area><div style=width:100%><h1 id=title>The Istio service mesh</h1><p class=subtitle>Istio addresses the challenges developers and operators face with a distributed or microservices architecture. Whether you're building from scratch or migrating existing applications to cloud native, Istio can help.</p></div></div><div class=centered-block><figure><img src=/v1.13/img/service-mesh.svg alt="Service mesh"><figcaption><h4>By adding a proxy "sidecar" along with every application deployed, Istio lets you program application-aware traffic management, incredible observability, and robust security capabilities into your network.</h4></figcaption></figure></div><div class=centered-block><h2 id=what-is-a-service-mesh>What is a Service Mesh?</h2><p>Modern applications are typically architected as distributed collections of microservices, with each collection of microservices performing some discrete business function. A service mesh is a dedicated infrastructure layer that you can add to your applications. It allows you to transparently add capabilities like observability, traffic management, and security, without adding them to your own code. The term &ldquo;service mesh&rdquo; describes both the type of software you use to implement this pattern, and the security or network domain that is created when you use that software.</p><p>As the deployment of distributed services, such as in a Kubernetes-based system, grows in size and complexity, it can become harder to understand and manage. Its requirements can include discovery, load balancing, failure recovery, metrics, and monitoring. A service mesh also often addresses more complex operational requirements, like A/B testing, canary deployments, rate limiting, access control, encryption, and end-to-end authentication.</p><p>Service-to-service communication is what makes a distributed application possible. Routing this communication, both within and across application clusters, becomes increasingly complex as the number of services grow. Istio helps reduce this complexity while easing the strain on development teams</p></div><div class=centered-block><h2 id=what-is-istio>What is Istio?</h2><p>Istio is an open source service mesh that layers transparently onto existing distributed applications. Istio&rsquo;s powerful features provide a uniform and more efficient way to secure, connect, and monitor services. Istio is the path to load balancing, service-to-service authentication, and monitoring with few or no service code changes. Its powerful control plane brings vital features, including:</p><ul><li>Secure service-to-service communication in a cluster with TLS encryption, strong identity-based authentication and authorization</li><li>Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic</li><li>Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection</li><li>A pluggable policy layer and configuration API supporting access controls, rate limits and quotas</li><li>Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress</li></ul><p>Istio is designed for extensibility and can handle a diverse range of deployment needs. Istio&rsquo;s control plane runs on Kubernetes, and you can add applications deployed in that cluster to your mesh, extend the mesh to other clusters, or even connect VMs or other endpoints running outside of Kubernetes.</p><p>A large ecosystem of contributors, partners, integrations, and distributors extend and leverage Istio for a wide variety of scenarios.
You can install Istio yourself, or a number of vendors have products that integrate Istio and manage it for you.</p></div><div class=centered-block><h2 id=how-it-works>How it Works</h2><p>Istio has two components: the data plane and the control plane.</p><p>The data plane is the communication between services. Without a service mesh, the network doesn&rsquo;t understand the traffic being sent over, and can&rsquo;t make any decisions based on what type of traffic it is, or who it is from or to.</p><p>Service mesh uses a proxy to intercept all your network traffic, allowing a broad set of application-aware features based on configuration you set.</p><p>An Envoy proxy is deployed along with each service that you start in your cluster, or runs alongside services running on VMs.</p><p>The control plane takes your desired configuration, and its view of the services, and dynamically programs the proxy servers, updating them as the rules or the environment changes.</p><figure><img src=/v1.13/img/service-mesh-before.svg alt="Before utilizing Istio"><figcaption><h4>Before utilizing Istio</h4></figcaption></figure><figure><img src=/v1.13/img/service-mesh.svg alt="After utilizing Istio"><figcaption><h4>After utilizing Istio</h4></figcaption></figure></div><h1 id=concepts>Concepts</h1><div class=feature-block><div class=feature-block-image><svg xmlns="http://www.w3.org/2000/svg" id="Group_4864" width="70.94" height="72" viewBox="0 0 70.94 72"><defs id="defs64"><style id="style62">.cls-1{fill:none}</style></defs><circle id="Ellipse_1" cx="5.229" cy="5.229" r="5.229" class="cls-1"/><circle id="Ellipse_2" cx="5.229" cy="5.229" r="5.229" class="cls-1"/><circle id="Ellipse_3" cx="5.229" cy="5.229" r="5.229" class="cls-1"/><path id="Path_212" d="M216.656-283.631a10.074 10.074.0 00-9.7 7.579h-4.017a2.442 2.442.0 01-2.425-2.425V-297.2h6.366a10.009 10.009.0 009.7 7.579 9.994 9.994.0 0010-10 9.995 9.995.0 00-10-10 10.075 10.075.0 00-9.7 7.579h-6.366v-18.8a2.442 2.442.0 012.426-2.425h4.016a9.926 9.926.0 009.7 7.579 9.995 9.995.0 0010-10 9.995 9.995.0 00-10.079-9.928 10.075 10.075.0 00-9.7 7.579h-4.017a7.2 7.2.0 00-7.2 7.2v18.872h-7.2v-5.235a8.8 8.8.0 00-8.792-8.792h-15.156a8.8 8.8.0 00-8.792 8.792v15.309a8.8 8.8.0 008.792 8.792h15.309a8.8 8.8.0 008.792-8.792v-5.229h7.124v18.72a7.2 7.2.0 007.2 7.2h4.017a9.925 9.925.0 009.7 7.579 10 10 0 0010-10 10 10 0 00-9.998-10.01zm-.076-21.221a5.239 5.239.0 015.229 5.229 5.239 5.239.0 01-5.229 5.229 5.239 5.239.0 01-5.229-5.229 5.239 5.239.0 015.229-5.229zm0-26a5.239 5.239.0 015.229 5.229 5.239 5.239.0 01-5.229 5.229 5.239 5.239.0 01-5.229-5.229 5.24 5.24.0 015.229-5.225zm-37.592 29.482-6.821 6.821a2.349 2.349.0 01-1.667.682 2.349 2.349.0 01-1.667-.682l-3.562-3.562a2.472 2.472.0 010-3.411 2.472 2.472.0 013.411.0l1.895 1.895 5.078-5.078a2.455 2.455.0 013.334-.076 2.471 2.471.0 01-.002 3.415zm37.592 32.97a5.239 5.239.0 01-5.229-5.229 5.239 5.239.0 015.229-5.229 5.239 5.239.0 015.229 5.229 5.239 5.239.0 01-5.229 5.229z" transform="translate(-155.72 335.623)"/></svg></div><div><h2 class=feature-block-header>Traffic management</h2><div class=feature-block-text><p>Routing traffic, both within a single cluster and across clusters, affects performance and enables better deployment strategy. Istio&rsquo;s traffic routing rules let you easily control the flow of traffic and API calls between services. Istio simplifies configuration of service-level properties like circuit breakers, timeouts, and retries, and makes it easy to set up important tasks like A/B testing, canary deployments, and staged rollouts with percentage-based traffic splits.</p></div></div></div><div class=feature-block><div class=feature-block-image><svg xmlns="http://www.w3.org/2000/svg" id="Group_4866" width="72" height="66.013" viewBox="0 0 72 66.013"><g id="Group_228"><path id="Path_235" d="M69.2 60.328h-6.6V28.269a1.876 1.876.0 00-1.895-1.895h-6.137a1.876 1.876.0 00-1.895 1.895v32.059h-6.366v-22.66a1.876 1.876.0 00-1.895-1.895h-6.138a1.876 1.876.0 00-1.895 1.895v22.66h-6.366V45.7a1.877 1.877.0 00-1.895-1.895h-6.139A1.877 1.877.0 0020.084 45.7v14.628H5.608V52.75h5.229a2.8 2.8.0 100-5.608H5.608v-7.579h5.229a2.8 2.8.0 000-5.609H5.608v-7.579h5.229a2.8 2.8.0 000-5.608H5.608v-7.5h5.229a2.8 2.8.0 000-5.608H5.608V2.8A2.848 2.848.0 002.8.0 2.848 2.848.0 000 2.8v60.4A2.847 2.847.0 002.8 66h66.4a2.842 2.842.0 000-5.684"/><path id="Path_236" d="M32.4 34.72l6.821-7.882a12.315 12.315.0 006.67 1.364A12.69 12.69.0 1032.327 16.455a12.267 12.267.0 002.349 6.366L27.855 30.7a3.028 3.028.0 00.3 4.32 2.943 2.943.0 004.244-.3m12.13-25.769A6.609 6.609.0 1138.39 16a6.617 6.617.0 016.139-7.048"/></g></svg></div><div><h2 class=feature-block-header>Observability</h2><div class=feature-block-text><p>As services grow in complexity, it becomes challenging to understand behavior and performance. Istio generates detailed telemetry for all communications within a service mesh. This telemetry provides observability of service behavior, empowering operators to troubleshoot, maintain, and optimize their applications. Even better, you get almost all of this instrumentation without requiring application changes. Through Istio, operators gain a thorough understanding of how monitored services are interacting.</p><p>Istio&rsquo;s telemetry includes detailed metrics, distributed traces, and full access logs. With Istio, you get thorough and comprehensive service mesh observability.</p></div></div></div><div class=feature-block><div class=feature-block-image><svg xmlns="http://www.w3.org/2000/svg" id="Group_4944" width="56.813" height="71.242" viewBox="0 0 56.813 71.242"><path id="Path_237" d="M56.79 29.334V16.066c0-1.5.051-3.022.0-4.524V11.491A2.608 2.608.0 0054.923 9.038Q50.517 7.51 46.1 5.982 39.148 3.576 32.2 1.161c-1.019-.36-2.038-.76-3.082-1.07-1.095-.331-2.351.322-3.361.671L12.447 5.371Q7.24 7.179 2.041 8.979C1.982 8.996 1.931 9.021 1.871 9.039A2.625 2.625.0 000 11.491v15.737c0 3.31-.008 6.621.0 9.931a26.2 26.2.0 001.46 8.514 38.126 38.126.0 009.74 14.628 53.567 53.567.0 0014.166 9.81c.541.255 1.1.5 1.647.741a2.139 2.139.0 00.721.328 3.108 3.108.0 00.436.042 2.21 2.21.0 00.914-.067 2.541 2.541.0 00.66-.293 52.982 52.982.0 0014.313-9.146 39.6 39.6.0 0010.356-13.751 28.671 28.671.0 002.292-8.87c.136-1.57.085-3.158.085-4.737zm-5.248 10.628a25.724 25.724.0 01-1.549 5.576 32.057 32.057.0 01-2.965 5.348c-.305.45-.62.891-.951 1.324l-.027.035c-.059.059-.1.135-.152.194-.17.212-.34.424-.518.637-.7.849-1.435 1.672-2.2 2.47a48.119 48.119.0 01-4.88 4.413 1.786 1.786.0 00-.292.232L37.4 60.647c-.441.323-.891.645-1.341.951-.874.6-1.774 1.18-2.682 1.732a51.063 51.063.0 01-4.944 2.621 51.8 51.8.0 01-9.69-5.821c-.085-.059-.45-.348-.093-.076s-.008-.008-.093-.076c-.221-.17-.433-.348-.645-.518Q17.263 58.938 16.639 58.39C15.799 57.66 14.992 56.905 14.211 56.124s-1.528-1.587-2.249-2.428C11.636 53.312 11.31 52.921 10.998 52.521A2.894 2.894.0 0010.782 52.244C10.621 52.023 10.459 51.811 10.298 51.59A32.385 32.385.0 016.831 45.524 25.733 25.733.0 015.29 39.983a37.909 37.909.0 01-.177-4.462V13.34L12 10.956q6.965-2.419 13.929-4.83 1.252-.431 2.5-.867l8.06 2.794q6.965 2.419 13.921 4.83l1.307.452v21.389a45.247 45.247.0 01-.172 5.238"/><path id="Path_238" d="m43.455 22.891a2.586 2.586.0 00-3.6.0l-5.788 5.791-9.159 9.159-.314.314-6.409-6.409-1.171-1.171a2.5455844 2.5455844.0 10-3.6 3.6l8.208 8.208 1.171 1.171a2.578 2.578.0 003.6.0l5.789-5.789 9.159-9.159 2.114-2.114a2.578 2.578.0 000-3.6"/></svg></div><div><h2 class=feature-block-header>Security capabilities</h2><div class=feature-block-text><p>Microservices have particular security needs, including protection against man-in-the-middle attacks, flexible access controls, auditing tools, and mutual TLS. Istio includes a comprehensive security solution to give operators the ability to address all of these issues. It provides strong identity, powerful policy, transparent TLS encryption, and authentication, authorization and audit (AAA) tools to protect your services and data.</p><p>Istio&rsquo;s security model is based on security-by-default, aiming to provide in-depth defense to allow you to deploy security-minded applications even across distrusted networks.</p></div></div></div><h1 id=solutions>Solutions</h1><script src=https://cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/js/splide.min.js></script>
<link rel=stylesheet href=https://cdn.jsdelivr.net/npm/@splidejs/splide@latest/dist/css/splide.min.css><script>document.addEventListener("DOMContentLoaded",function(){new Splide(".solutions",{type:"loop",perPage:3,start:1,arrows:!1,gap:"2.5rem",fixedWidth:"320px",breakpoints:{1120:{perPage:1,fixedWidth:0,padding:0}}}).mount()})</script><div class="solutions splide istio-splide"><div class=splide__track><ul class=splide__list><li class=splide__slide><a class="panel panel--carousel" href=/v1.13/about/solutions/enabling-defense-in-depth-for-enterprise-applications/><div class=panel-body><h5 class=panel-title>Enabling Defense-in-Depth for Enterprise Applications</h5><span class="btn btn--primary panel-btn">Learn more</span></div></a></li><li class=splide__slide><a class="panel panel--carousel" href=/v1.13/about/solutions/increasing-kubernetes-deployment-and-management-efficiency/><div class=panel-body><h5 class=panel-title>Increasing Kubernetes deployment and management efficiency</h5><span class="btn btn--primary panel-btn">Learn more</span></div></a></li><li class=splide__slide><a class="panel panel--carousel" href=/v1.13/about/solutions/instituting-observability-and-sre-best-practices/><div class=panel-body><h5 class=panel-title>Instituting Observability and SRE Best Practices</h5><span class="btn btn--primary panel-btn">Learn more</span></div></a></li></ul></div></div><div class=cta-container><a href=/v1.13/about/solutions class=btn>Go to solutions</a></div></article><div id=feedback><div id=feedback-initial>Was this information useful?<br><button class="btn feedback" onclick='sendFeedback("en",1)'>Yes</button>
<button class="btn feedback" onclick='sendFeedback("en",0)'>No</button></div><div id=feedback-comment>Do you have any suggestions for improvement?<br><br><input id=feedback-textbox type=text placeholder="Help us improve..." data-lang=en></div><div id=feedback-thankyou>Thanks for your feedback!</div></div><div id=endnotes-container aria-hidden=true><h2>Links</h2><ol id=endnotes></ol></div></div></main><footer class=footer><div class="footer-wrapper container-l"><div class="user-links footer-links"><a class=channel title="GitHub is where development takes place on Istio code" href=https://github.com/istio/community aria-label=GitHub><svg class="icon github"><use xlink:href="/v1.13/img/icons.svg#github"/></svg></a><a class=channel title="Access our team drive if you'd like to take a look at the Istio technical design documents" href=https://groups.google.com/forum/#!forum/istio-team-drive-access aria-label="team drive"><svg class="icon drive"><use xlink:href="/v1.13/img/icons.svg#drive"/></svg></a><a class=channel title="Interactively discuss issues with the Istio community on Slack" href=https://slack.istio.io aria-label=slack><svg class="icon slack"><use xlink:href="/v1.13/img/icons.svg#slack"/></svg></a><a class=channel title="Stack Overflow is where you can ask questions and find curated answers on deploying, configuring, and using Istio" href=https://stackoverflow.com/questions/tagged/istio aria-label="Stack Overflow"><svg class="icon stackoverflow"><use xlink:href="/v1.13/img/icons.svg#stackoverflow"/></svg></a><a class=channel title="Follow us on Twitter to get the latest news" href=https://twitter.com/IstioMesh aria-label=Twitter><svg class="icon twitter"><use xlink:href="/v1.13/img/icons.svg#twitter"/></svg></a></div><hr class=footer-separator role=separator><div class="info footer-info"><a class=logo href=/v1.13/ aria-label=logotype><svg xmlns="http://www.w3.org/2000/svg" width="128" height="60" viewBox="0 0 128 60"><path d="M58.434 48.823A.441.441.0 0158.3 48.497V22.583a.444.444.0 01.134-.326.446.446.0 01.327-.134h3.527a.447.447.0 01.325.134.447.447.0 01.134.326v25.914a.443.443.0 01-.134.326.444.444.0 01-.325.134h-3.527a.444.444.0 01-.327-.134z"/><path d="m70.969 48.477a6.556 6.556.0 01-2.818-1.955 4.338 4.338.0 01-1-2.78v-.345a.443.443.0 01.134-.326.444.444.0 01.326-.135h3.374a.444.444.0 01.326.135.445.445.0 01.134.326v.077a2.014 2.014.0 001.054 1.667 4.672 4.672.0 002.664.709 4.446 4.446.0 002.492-.633 1.862 1.862.0 00.958-1.591 1.426 1.426.0 00-.786-1.322 12.7 12.7.0 00-2.549-.939l-1.457-.46a21.526 21.526.0 01-3.3-1.227 6.57 6.57.0 01-2.262-1.783 4.435 4.435.0 01-.92-2.894 5.081 5.081.0 012.109-4.275 8.993 8.993.0 015.558-1.591 10.445 10.445.0 014.1.748 6.3 6.3.0 012.722 2.07 5 5 0 01.958 3.009.441.441.0 01-.134.326.441.441.0 01-.325.134h-3.258a.441.441.0 01-.326-.134.443.443.0 01-.134-.326 1.974 1.974.0 00-.978-1.667 4.647 4.647.0 00-2.665-.671 4.741 4.741.0 00-2.435.556 1.724 1.724.0 00-.938 1.553 1.512 1.512.0 00.9 1.4 15.875 15.875.0 003.01 1.055l.843.229a27.368 27.368.0 013.412 1.246 6.67 6.67.0 012.338 1.763 4.387 4.387.0 01.958 2.933 4.988 4.988.0 01-2.146 4.275 9.543 9.543.0 01-5.712 1.552 11.626 11.626.0 01-4.227-.709z"/><path d="m97.039 32.837a.443.443.0 01-.326.135h-3.911a.169.169.0 00-.191.192v9.239a2.951 2.951.0 00.632 2.108 2.7 2.7.0 002.013.652h1.15a.444.444.0 01.325.134.441.441.0 01.134.326v2.875a.471.471.0 01-.459.5l-1.994.039a8 8 0 01-4.524-1.035q-1.495-1.035-1.533-3.91V33.166A.17.17.0 0088.164 32.974H85.978A.441.441.0 0185.652 32.839.441.441.0 0185.518 32.513V29.83a.441.441.0 01.134-.326.444.444.0 01.326-.135h2.186a.169.169.0 00.191-.192v-4.485a.438.438.0 01.134-.326.44.44.0 01.325-.134h3.336a.443.443.0 01.325.134.442.442.0 01.135.326v4.485a.169.169.0 00.191.192h3.911a.446.446.0 01.326.135.446.446.0 01.134.326v2.683a.446.446.0 01-.133.324z"/><path d="m101.694 25.917a2.645 2.645.0 01-.767-1.955 2.65 2.65.0 01.767-1.955 2.65 2.65.0 011.955-.767 2.65 2.65.0 011.955.767 2.652 2.652.0 01.767 1.955 2.647 2.647.0 01-.767 1.955 2.646 2.646.0 01-1.955.767 2.645 2.645.0 01-1.955-.767zm-.211 22.906a.441.441.0 01-.134-.326V29.79a.444.444.0 01.134-.326.446.446.0 01.326-.134h3.527a.446.446.0 01.326.134.445.445.0 01.134.326v18.707a.443.443.0 01-.134.326.443.443.0 01-.326.134h-3.527a.443.443.0 01-.326-.134z"/><path d="m114.019 47.734a8.1 8.1.0 01-3.047-4.255 14.439 14.439.0 01-.652-4.37 14.3 14.3.0 01.614-4.371A7.869 7.869.0 01114 30.56a9.072 9.072.0 015.252-1.5 8.543 8.543.0 015.041 1.5 7.985 7.985.0 013.009 4.14 12.439 12.439.0 01.69 4.37 13.793 13.793.0 01-.651 4.37 8.255 8.255.0 01-3.028 4.275 8.475 8.475.0 01-5.1 1.553 8.754 8.754.0 01-5.194-1.534zm7.629-3.1a4.536 4.536.0 001.476-2.262 11.335 11.335.0 00.383-3.221 10.618 10.618.0 00-.383-3.22 4.169 4.169.0 00-1.457-2.243 4.066 4.066.0 00-2.531-.785 3.942 3.942.0 00-2.453.785 4.376 4.376.0 00-1.5 2.243 11.839 11.839.0 00-.383 3.22 11.84 11.84.0 00.383 3.221 4.222 4.222.0 001.476 2.262 4.075 4.075.0 002.549.8 3.8 3.8.0 002.44-.809z"/><path d="m15.105 32.057v15.565a.059.059.0 01-.049.059L.069 50.25A.06.06.0 01.005 50.167l14.987-33.47a.06.06.0 01.114.025z"/><path d="m17.631 23.087v24.6a.06.06.0 00.053.059l22.449 2.507a.06.06.0 00.061-.084L17.745.032a.06.06.0 00-.114.024z"/><path d="m39.961 52.548-24.833 7.45a.062.062.0 01-.043.0L.079 52.548a.059.059.0 01.026-.113h39.839a.06.06.0 01.017.113z"/></svg></a><div class=footer-languages><a tabindex=-1 lang=en id=switch-lang-en class="footer-languages-item active"><svg class="icon tick"><use xlink:href="/v1.13/img/icons.svg#tick"/></svg>English</a>
<a tabindex=-1 lang=zh id=switch-lang-zh class=footer-languages-item>中文</a></div></div><ul class=footer-policies><li class=footer-policies-item><a class=footer-policies-link href=https://policies.google.com/privacy>Privacy policy</a> |
<a class=footer-policies-link href=https://github.com/istio/istio.io/edit/release-1.13/content/en/about/service-mesh/index.md>Edit this Page on GitHub</a></li></ul><div class=footer-base><span class=footer-base-copyright>&copy; 2022 Istio Authors.</span>
<span class=footer-base-version>Version
Archive
1.13.4</span><ul class=footer-base-releases><li class=footer-base-releases-item><a tabindex=-1 class=footer-base-releases-link onclick='return navigateToUrlOrRoot("https://istio.io/about/service-mesh/"),!1'>current release</a></li><li class=footer-base-releases-item><a tabindex=-1 class=footer-base-releases-link onclick='return navigateToUrlOrRoot("https://preliminary.istio.io/about/service-mesh/"),!1'>next release</a></li><li class=footer-base-releases-item><a tabindex=-1 class=footer-base-releases-link href=https://istio.io/archive>older releases</a></li></ul></div></div></footer><div id=scroll-to-top-container aria-hidden=true><button id=scroll-to-top title="Back to top" tabindex=-1><svg class="icon top"><use xlink:href="/v1.13/img/icons.svg#top"/></svg></button></div></body></html>
Reference in New Issue View Git Blame Copy Permalink