IstioCon 2022 Review and Video, PPT Sharing

Leave a Comment / 17/08/2022 /

foreword

This review article may be a bit late. I have been asked several times in the cloud native community China before when I can watch the video of IstioCon 2022 on station B (the IstioCon organizing committee has already uploaded the video to YouTube, But some people in China may not be able to access YouTube), just recently I and the conference staff asked for the video of the conference and uploaded it to station B.

Video playback and PPT

Most of the content has been uploaded to station B, except for the following three, some people have already uploaded it to station B in advance.

There are three videos of the crash
There are three videos of the crash

PPT can be downloaded directly by selecting the topic you are interested in through the link above.

Summarize

IstioCon 2022 is the second session this year. It will be held online from April 25th to 29th. As one of the organizers of the Chinese session of IstioCon, the author participated in the opening and round-table discussions of the Chinese session of this event. Istio’s Open Source Ecological Outlook”, the following are the forum guests.

image

Opening speech in Chinese: Istio’s Open Source Ecological Outlook Forum Guests

In the past two years, several representative open source projects have emerged in China around Istio, such as Aeraki open sourced by Tencent, Merbridge open sourced by DaoCloud, and Slime open sourced by NetEase. Based on the extensions developed by Istio, what I see are basically from China, which can be said to be Chinese characteristics.

The keywords of this IstioCon are as follows:

  • zero trust
  • Multi-cluster
  • Proxyless
  • eBPF
  • Gateway
  • Safety

At the same time, Google Cloud’s VP Eric Brewer announced a big news to donate Istio to CNCF. Once successful, the three open source projects Kubernetes, Istio, and Knative led by Google will become CNCF’s container orchestration, service mesh, Serverless, etc. The troika of the Kubernetes stack.

image

The Troika of the Kubernetes Technology Stack

What you should know about Istio

  • Istio is only suitable for special scenarios and scales
  • I won’t eat a fat man in one bite, I need to gradually improve one version after another
  • Understanding Envoy is especially important for applying Istio
  • Users don’t want to learn another set of CRDs, please consider adding a layer of abstraction on top of Istio
  • Don’t underestimate the energy required for the Day 2 operation

Istio’s plans for 2022

The conference also announced what Istio will focus on in 2022.

Stability and redefining Istio’s API plane

  • Push current features and APIs to stable
  • Move API configuration from MeshConfig into data plane and make it stable
  • Continue to help align Kubernetes API definitions with Istio APIs (Kubernetes Gateway API)
  • Continue to enhance the Telemetry API: add support for logging with vendors such as OpenTelemetry, filter access logs, and customize the trace service name

Enhanced upgrades and troubleshooting

  • Push revision tag based upgrades to stable
  • Roll out Helm installations to beta
  • Add more analyzers to istioctl and extend the current analyzers to include analyzers for environments other than Kubernetes clusters
  • Users want to use service meshes to troubleshoot services, not to troubleshoot service meshes

Enhanced scalability

  • Wasm Plugin
  • custom authorization
  • Add standardized integration points to include custom CAs or gateways

Extending Istio usage scenarios

  • Support IPv6 and Dual Stack Networking
  • ARM support
  • Extending proxyless Istio using gRPC
  • Performance enhancements: incremental xDS, reduced sidecar latency
What is a dual stack network?
The dual-protocol stack technology refers to enabling both the IPv4 protocol stack and the IPv6 protocol stack on one device. This way, the device can communicate with both IPv4 and IPv6 networks. If the device is a router, then different interfaces of the router are configured with IPv4 addresses and IPv6 addresses respectively, and are likely to be connected to the IPv4 network and the IPv6 network respectively. IPv4/IPv6 dual stack is supported in Kubernetes, see Kubernetes documentation for details
.

Security hardening

  • As secure as possible by default
  • Continue to improve the security best practice documentation
  • push distroless mirroring
  • Software BOM (Bill of Materials, List of Dependent Services)
  • Add extra fuzzing

other enhancements

  • Making Upgrades Easier with Automation: Make Istio’s upgrades work like any other upgrade, publish a reference implementation of upgrade automation
  • Multi-scale and large-scale clusters
  • For developers, we’ve incorporated weekly working group meetings into . For developers, we’ve combined weekly working group meetings, one in the US and one in Asia Pacific.

write at the end

I hope the day when Istio officially enters CNCF will come soon. I also hope to see more terminal case sharing from Istio in the community, and welcome everyone to join the cloud native community
In Zhonglai, we have a dedicated Istio discussion group.

This article is reprinted from https://jimmysong.io/blog/istiocon-2022-recap/
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment