Istio hits 1.4, and gets Mixer-less and experimental

Istio security
Istio security

The Istio project shipped a “major update” of the service mesh this week, promising changes that will make it easier to use as well as a raft of experimental and beta features.

The Istio team has put Mixer-less telemetry at the top of the new feature list with v1.4.  Mixer is a “rich intermediation layer between the Istio components, Istio-based services, and the infrastructure backends.

However,  simpler is usually better, and the team reckons “Our implementation of telemetry without Mixer will simplify installation and operation of meshes, all while vastly improving performance.”

As part of this, “The in-proxy generation of HTTP metrics has graduated from experimental to alpha” while v1.4 adds “new experimental features that don’t require Mixer: TCP metrics and Stackdriver metrics.”

Advertisement

The team has also put in “tons of work” on Envoy, which means the sidecar component now “exits more gracefully on crashes, supports more metrics, and can mirror traffic to a percentage of traffic.”

Envoy also now reports the direction of traffic and has better configuration of stat patterns. It gets an experimental command “that can tell you when configuration has been pushed to all proxies in the mesh.” The Pilot traffic management component has also been improved so that it doesn’t send redundant config info to Envoy when changes are needed.

A v1beta1 authorization policy that focuses on “simplification and flexibility” is now in beta, and will v1alpha1 RBAC policy. There is also experimental support for automatic mutual TLS, trust domain migration, and aDNS certificate management.

You can see a full list of the changes on the Istio site here. The Istio team shipped v1.3.5 earlier this week.

- Advertisement -