Concepts
Concepts help you learn about the different parts of the Istio system and the abstractions it uses.
- What is Istio?
- Overview. Provides a conceptual introduction to Istio, including the problems it solves and its high-level architecture.
- Design Goals. Describes the core principles that Istio's design adheres to.
- Traffic Management
- Overview. Provides a conceptual overview of traffic management in Istio and the features it enables.
- Pilot. Introduces Pilot, the component responsible for managing a distributed deployment of Envoy proxies in the service mesh.
- Request Routing. Describes how requests are routed between services in an Istio service mesh.
- Discovery & Load Balancing. Describes how traffic is load balanced across instances of a service in the mesh.
- Handling Failures. An overview of failure recovery capabilities in Envoy that can be leveraged by unmodified applications to improve robustness and prevent cascading failures.
- Fault Injection. Introduces the idea of systematic fault injection that can be used to uncover conflicting failure recovery policies across services.
- Rules Configuration. Provides a high-level overview of the domain-specific language used by Istio to configure traffic management rules in the service mesh.
- Security
- Mutual TLS Authentication. Describes Istio's mutual TLS authentication architecture which provides a strong service identity and secure communication channels between services.
- Istio Role-Based Access Control (RBAC). Describes Istio RBAC which provides access control for services in Istio Mesh.
- Policies and Control
- Attributes. Explains the important notion of attributes, which is a central mechanism for how policies and control are applied to services within the mesh.
- Mixer. Architectural deep-dive into the design of Mixer, which provides the policy and control mechanisms within the service mesh.
- Mixer Configuration. An overview of the key concepts used to configure Mixer.