Concepts
Concepts help you learn about the different parts of the Istio system and the abstractions it uses.
-
What is Istio?
- Overview. Provides a conceptual introduction to Istio, including the problems it solves and its high-level architecture.
- Design Goals. Describes the core principles that Istio's design adheres to.
-
Traffic Management
- Overview. Provides a conceptual overview of traffic management in Istio and the features it enables.
- Pilot. Introduces Pilot, the component responsible for managing a distributed deployment of Envoy proxies in the service mesh.
- Request Routing. Describes how requests are routed between services in an Istio service mesh.
- Discovery & Load Balancing. Describes how traffic is load balanced across instances of a service in the mesh.
- Handling Failures. An overview of failure recovery capabilities in Envoy that can be leveraged by unmodified applications to improve robustness and prevent cascading failures.
- Fault Injection. Introduces the idea of systematic fault injection that can be used to uncover conflicting failure recovery policies across services.
- Rules Configuration. Provides a high-level overview of the configuration model used by Istio to configure traffic management rules in the service mesh.
-
Security
- Authentication Policy. Describes Istio's authentication policy
- Mutual TLS Authentication. Describes Istio's mutual TLS authentication architecture which provides a strong service identity and secure communication channels between services.
- Istio Role-Based Access Control (RBAC). Describes Istio RBAC which provides access control for services in Istio Mesh.
-
Policies and Telemetry
- Overview. Describes the design of the policy and telemetry mechanisms.
- Configuration. An overview of the key concepts used to configure Istio's policy enforcement and telemetry collection features.