On Wednesday, Google, IBM, and Lyft released Istio, an open source project aimed at making it easier to secure and manage microservices. Istio will initially roll out to Kubernetes, but will be updated every three months, eventually coming to other environments.

The software behind Istio is based on Lyft’s Envoy proxy, and helps add features like security, visibility, routing, compliance, and more to a given microservices deployment, according to a press release. Its aim is to resolve many of the issues that come up when a legacy application is broken down into a set of microservices.

SEE: Why microservices may not be for everybody (ZDNet)

Instead of relying on a common remote procedure call (RPC) library like gRPC, Istio utilizes a service mesh approach. A service mesh sits between the network and a given service in order to offer more control to the operators themselves, the release said.

“Just as microservices help to decouple feature teams, creating a service mesh helps to decouple operators from application feature development and release processes,” the press release said. “Istio turns disparate microservices into an integrated service mesh by systemically injecting a proxy into the network paths among them.”

All three of the partner companies have experience building these microservices, but Lyft’s experience with Envoy could provide the biggest foundational piece of Istio. According to the release, the ride-sharing company used Envoy to manage 100 services across 10,000 VMs, processing 2M requests/second, eventually open sourcing the technology.

Istio monitors microservices and shows users that data, along with data about network behaviors and more, so they can more quickly detect anomalies. The service also includes features that could improve resiliency and boost developer productivity as well, simplifying the development process across certain environments, the release said.

Istio also allows for policy-driven operations, decoupling operator teams from feature development and giving them the ability to improve aspects like security without massive code changes.

“Operators can route a precise subset of production traffic to qualify a new service release. Failures or delays can be injected into traffic to test the resilience of the service mesh,” the release said. Additionally, it offers automatic load balancing for HTTP/1.1, HTTP/2, gRPC, and TCP traffic.

Istio secures communication between services with a transport layer security (TLS) connection, and operates transparently, relative to the services themselves. This makes it easier for users to start small and roll out more features as needed.

The project will eventually be coming to Cloud Foundry, Mesos, and virtual machine environments as well, the release said.

The 3 big takeaways for TechRepublic readers

  1. Google, IBM, and Lyft have released Istio, an open source project aimed at making it easier to securely manage and monitor microservices.
  2. Istio is essentially a service mesh, sitting between the service itself and the network in order to give more control to the user.
  3. Istio will start with Kubernetes, but will eventually come to virtual machines and Cloud Foundry.