Guest post by Jim Barton, Field Engineer at Solo.io
The CNCF Technical Oversight Committee (TOC) recently voted to accept Istio as a CNCF incubating project. Istio solves the challenges of managing microservices by allowing you to easily observe, connect and secure your services, without writing code in your services to perform these functions.
This is an important milestone in Istio’s rapid emergence as a leader in service mesh tech. Istio was founded by IBM, Google, and Lyft in 2017, and a thriving community has grown up around it. The Top 10 contributors over the past year include industry leaders such as Solo.io, Huawei, DaoCloud, Salesforce, Intel, Ericsson, and Red Hat. With over 6,000 contributors from over 1,000 companies at the time of this writing, the Istio project benefits from an active, diverse community and skill set.
The Free Istio Learning Path
Solo.io offers a core set of Istio training courses, beginning with fundamentals and progressing through production readiness, with each offering no-cost certification options for engineers who complete the courses and pass a qualifying exam.
Learning Path, Step 1: Get Started with Istio
The “Get Started with Istio” course covers the basic concepts of Istio and provides hands-on experience with these tasks:
- Installation
- Accepting outside requests via an ingress gateway
- On-boarding services to the mesh
- Securing those services, managing traffic flow
- Establishing service resiliency
- Chaos testing
This introductory course is available on-demand from Solo Academy and also in instructor-led formats. Check the Solo Events page for upcoming instructor-led, public workshop offerings.
Users who complete this course and pass a certification exam will receive a “Fundamentals for Istio” certification from Solo.io.
Learning Path, Step 2: Deploy Istio for Production
The “Deploy Istio for Production” course is tailored for engineers looking to learn more about how Istio works and how to operationalize it for their organization. We cover topics like the basics of routing, observability, and security, and then expand into leveraging Istio for a DevOps CI/CD flow, zero-downtime upgrades of Istio control plane, plugging in with existing PKI, and running Istio on VMs and across multiple clusters.
This is a hands-on series of lessons focused on what it takes to deploy Istio into production. You will have access to your own sandboxed Linux VM with a Kubernetes cluster and Istio to complete the exercises. This is not an entry-level workshop to learn about Istio, but a more advanced course that includes a certification option.
Here is a complete outline of the course content:
- Running Envoy
- Install Istio
- Connecting to Observability
- Creating an Ingress Gateway
- Add Services to Istio
- Rollout mTLS to Your Services
- Controlling Configuration Scoping
- Debugging Istio
This second-level course is available on-demand from Solo Academy and also in instructor-led formats. Check the Solo Events page for upcoming instructor-led, public workshop offerings.
Users who complete this course and pass a certification exam will receive an “Intermediate for Istio” certification from Solo.io.
Ambient Mesh: The Innovation Doesn’t Stop, and Neither Does the Education
In September 2022, Google and Solo.io announced the release of Istio Ambient Mesh to the community. Ambient offers a revolutionary data-plane architecture that allows service mesh users to ditch sidecars. It slashes operational complexity and enables incremental mesh adoption, all while reducing cost and computational overhead within a service mesh. Injected sidecars can be replaced by two new components. First is a node-level zero-trust-tunnel (ztunnel) that provides mTLS and Layer-4 capabilities. A service-account-level proxy called a waypoint leverages Envoy to deliver Layer-7 capabilities.
Have you heard about Ambient Mesh? Would you like to understand the details? Maybe even get your hands on it?
No Problem! Coincident with the Ambient release, Solo.io released the “Get Started with Istio Ambient Mesh” course as part of Solo Academy. After installing Istio with the Ambient profile in your own sandboxed environment, you’ll cover the following topics hands-on.
- Layer 4 authorization policies
- Layer 7 authorization policies
- Layer 7 observability
- Fault injection
- Traffic shifting
And when you’ve completed the workshop, you’ll have the option to take a certification exam. Pass it and you’ll receive a “Fundamentals for Ambient Mesh” certification from Solo.io.
Plumb the Istio Foundations with Envoy Proxy
Solo Academy offers a wealth of information to go deeper with Istio and related technologies.
For example, Envoy proxy is a foundational open-source project that underlies both Waypoint Proxies (Ambient) and traditional Istio sidecars. It also underlies popular cloud-native API gateway offerings like Gloo Gateway and Gloo Edge. Solo Academy offers foundational training on open-source Envoy using exactly the same hands-on workshop content that Solo has delivered at conferences around the world, like Open Source Summit North America and KubeCon Europe (pictured below). This Envoy course offers a certification too.
The service mesh landscape is fluid. Innovation is still happening fast. Wherever you are in your cloud-native journey, Solo provides educational content that will help you make better decisions along the way.