Repository files navigation

An open platform to connect, manage, and secure microservices.

• For in-depth information about how to use Istio, visitistio.io
• To ask questions and get assistance from our community, visitdiscuss.istio.io
• To learn how to participate in our overall community, visitour community page

In this README:

• Introduction
• Repositories
• Issue management

In addition, here are some other documents you may wish to read:

• Istio Community - describes how to get involved and contribute to the Istio project
• Istio Developer's Guide - explains how to set up and use an Istio development environment
• Project Conventions - describes the conventions we use within the code base
• Creating Fast and Lean Code - performance-oriented advice and guidelines for the code base

You'll find many other useful documents on ourWiki.

Istio is an open platform for providing a uniform way tointegratemicroservices, managetraffic flow across microservices, enforce policiesand aggregate telemetry data. Istio's control plane provides an abstractionlayer over the underlying cluster management platform, such as Kubernetes.

Istio is composed of these components:

• Envoy - Sidecar proxies per microservice to handle ingress/egress trafficbetween services in the cluster and from a service to externalservices. The proxies form asecure microservice mesh providing a richset of functions like discovery, rich layer-7 routing, circuit breakers,policy enforcement and telemetry recording/reportingfunctions.

  Note: The service mesh is not an overlay network. Itsimplifies and enhances how microservices in an application talk to eachother over the network provided by the underlying platform.

• Istiod - The Istio control plane. It provides service discovery, configuration and certificate management. It consists of the following sub-components:

  • Pilot - Responsible for configuring the proxies at runtime.

  • Citadel - Responsible for certificate issuance and rotation.

  • Galley - Responsible for validating, ingesting, aggregating, transforming and distributing config within Istio.

• Operator - The component provides user friendly options to operate the Istio service mesh.

The Istio project is divided across a few GitHub repositories:

• istio/api. This repository definescomponent-level APIs and common configuration formats for the Istio platform.

• istio/community. This repository containsinformation on the Istio community, including the various documents that governthe Istio open source project.

• istio/istio. This is the main code repository. It hosts Istio'score components, install artifacts, and sample programs. It includes:

  • istioctl. This directory contains code for theistioctl command line utility.

  • operator. This directory contains code for theIstio Operator.

  • pilot. This directorycontains platform-specific code to populate theabstract service model, dynamically reconfigure the proxieswhen the application topology changes, as well as translaterouting rules into proxy specific configuration.

  • security. This directory containssecurity related code,including Citadel (acting as Certificate Authority), citadel agent, etc.

• istio/proxy. The Istio proxy containsextensions to theEnvoy proxy (in the form ofEnvoy filters) that support authentication, authorization, and telemetry collection.

We use GitHub to track all of our bugs and feature requests. Each issue we track has a variety of metadata:

• Epic. An epic represents a feature area for Istio as a whole. Epics are fairly broad in scope and are basically product-level things.Each issue is ultimately part of an epic.

• Milestone. Each issue is assigned a milestone. This is 0.1, 0.2, ..., or 'Nebulous Future'. The milestone indicates when wethink the issue should get addressed.

• Priority. Each issue has a priority which is represented by the column in thePrioritization project. Priority can be one ofP0, P1, P2, or >P2. The priority indicates how important it is to address the issue within the milestone. P0 says that themilestone cannot be considered achieved if the issue isn't resolved.