menu
arrow_back

App Modernization with Istio Using Mixer to Apply Policies

App Modernization with Istio Using Mixer to Apply Policies

1 Stunde 30 Minuten 7 Guthabenpunkte

GSP450

Google Cloud Self-Paced Labs

Introduction

Istio is an open source framework for connecting, securing, and managing microservices. It can be used with any service, including but not limited to services that are hosted in a Kubernetes cluster. Istio lets you create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without requiring any changes in service code.

Istio support is added to services by deploying a special Envoy sidecar proxy to each of your application's pods in your environment. "Sidecar" means that it gets deployed alongside your application. Your application interacts with the outside world, both ingress and egress, through the Envoy Proxy. Developers of applications can take advantage of the communication and networking enhancements provided by Envoy - like client-side load balancing, circuit breakers, logging, mTLS, etc. - without additional coding and without finding the libraries in the language of choice.

Here's an example: In reliable distributed systems, it's common for a system to want to retry a request after a failure, possibly with an exponential backoff delay. There are libraries for Java and Golang and Node.js that do this. However, employing them within the app means each app will need to solve that problem independently. The Istio sidecar could do this for the app automatically. No need to embed the Hystrix library into your app!

Due to the proximity of the sidecar to the application, there's no significant latency when communicating between them; in some cases no network stack at all. (Read more on this.)

Apigee enables you to create APIs and share them with other developers who might be part of your organization, external to your organization, or even unknown to you. API teams using Apigee achieve this by combining APIs into "API Products" that offer different capabilities and levels of service. Apigee enables you to control who consumes each API product and how much is consumed.

The Apigee Istio Mixer adapter lets you use Apigee to manage APIs for services exposed outside the Istio service mesh or between services running entirely within the mesh. With the adapter, you can employ Apigee API management features to services running in an Istio service mesh, such as:

  • API discovery and documentation
  • Self-service API adoption
  • Usage analytics
  • Monetization

In addition, there are certain capabilities that you do not want to build for every service that you create and deploy to a service mesh. The adapter provides some of these capabilities, including security, caching, and quota enforcement. More information on the Apigee Istio adapter is here

This lab shows you how to install and configure Istio on Kubernetes Engine, deploy an Istio-enabled multi-service application, and install Apigee Istio Mixer adapter. The Apigee Istio Mixer plugin provides additional security and governance with api key/token validation, quota enforcement, and analytics.

Wenn Sie sich in Qwiklabs anmelden, erhalten Sie Zugriff auf den Rest des Labs – und mehr!

  • Sie erhalten vorübergehenden Zugriff auf Google Cloud Console.
  • Mehr als 200 Labs für Einsteiger und Experten.
  • In kurze Sinneinheiten eingeteilt, damit Sie in Ihrem eigenen Tempo lernen können.
Beitreten, um dieses Lab zu starten
Punktzahl

—/100

Create GKE Cluster

Schritt ausführen

/ 10

Create a disk to mount the gRPC to HTTP transcode

Schritt ausführen

/ 10

Start the persistent disk setup configuration job

Schritt ausführen

/ 20

Install the Istio components in the YAML file

Schritt ausführen

/ 10

Deploy the Hipster Shop application from the K8s artifacts

Schritt ausführen

/ 20

Apply the Apigee adapter definitions and handler configurations

Schritt ausführen

/ 15

Apply the Apigee Istio Mixer adapter rule configuration

Schritt ausführen

/ 15