Managing Microservices Traffic With Istio
Deploying modules of a microservices architecture rather than monolithic gives the flexibility to select different languages and technologies. Maintaining multiple microservices operations is complex and users might face many problems over services like monitoring, traffic routing, service discovery, and security between services. We can overcome these problems by having “Istio” installed on our platform.
In this article, I am going to explain the core features of Istio and traffic routing between services internally or externally.
What is Istio?
Istio is an open-source framework that provides operational control over the services by offering a complete solution to fulfil various requirements of the microservice applications.
Why use Istio?
Istio provides easy solutions to manage a network of deployed services with load balancing, service-to-service authentication, monitoring, and more without rewriting or recompiling any of their service code.
Core features of Istio:
1. Traffic management
Istio provides easy rules configuration to get the control flow of traffic and API calls between the services. Configuration of service-level properties like timeouts, retries, and traffic splits are based on the percentage.
Istio provides a variety of monitoring tools to observe service mesh of the services and configure custom dashboards to see external traffic visibility, upstream, downstream, and external traffic and so on.
3. Platform support
Istio is platform-independent and is designed to support multi-cloud environments. You can deploy Istio on Kubernetes with any cloud platform like AWS, Google Cloud and Azure.
Istio provides many features for traffic routing with easy configurations and without having to change your service code.
I am taking movie-service as an example to explain traffic routing in detail. It has movie’s details along with cast, crew, rating and so on. Let us deploy movie-service as two different subset versions – V1 & V2.
- Version V1 has free movies – all users will get the movies list.
- V2 is a paid version – only premium users will have access to the list.
Routing traffic to multiple versions of a service:
Accessing movies list based on the header to divide traffic within the service can be achieved using the following concepts in Istio.
Virtual service – configures an ordered list of routing rules to control and split traffic based on conditions.
Destination rules – configures all subset versions which are having the service in your virtual service.
Apply virtual service and destination rules for movie-service based on the header (UserType free/premium) to get the list of movies to play.
Connecting external services through mesh:
Istio provides an inbound/outbound security to your service mesh. You should allow external service URLs to communicate through your service mesh.
Service entries – configure any external URL to connect through your mesh.
Movie-service sends notifications to users in the form of Email/SMS. For this to be accomplished, we need to configure the Email/SMS URL in the service entry level.
Service Discovery is a process to identify and register services to a single network. Communication from one service to another is quite easy using Service Discovery concept provided by Istio. You can enable communication between micro-services directly using service names.
Service mesh observability:
Istio provides many monitoring tools to identify the failures in your mesh and to see how communication happens through your mesh internally/externally, such as:
- How many requests are received from a client
- Success and failure rates
- What are the external services connecting to our service mesh
- Increasing pods size based on which service is having more traffic
Following are the various ways to split traffic to microservices based on your requirements:
- Match request URL – you can split traffic based on the URL specified
- Percentage splitting – 50% of the requests go to one version of service and the other 50% of the requests go to another version of service
- Multiple match conditions – One can apply and/or conditions to traffic routing
- Matching header – Based on the header parameter one can divert traffic to different versions of the service
In microservices application, the set of services are running and communicating internally/externally along with security and splitting the traffic between them based on various requirements. This can be maintained by easy configurations without changing your service code using Istio framework.
We can deploy a separate subset version of the services and split traffic based on our requirement. This can help to execute A/B testing of end-to-end services. You can find success/failure rates with the help of grafana/kiali monitoring tools.
Contact for further details
Technology Specialist – Digital Java