Course Catalog  > DevOps and CI/CD  > Docker and Kubernetes
WA3622

Istio with AKS (Azure Kubernetes Service) Training

This hands-on course teaches learners to implement and manage Istio on Azure Kubernetes Service (AKS). Through practical exercises, learners gain proficiency in leveraging Istio for traffic control, enhancing security, achieving comprehensive observability, and streamlining service-to-service communication within microservices deployments.
Request Information
Request On-Site or Customized Course Info
Course Details

Duration

2 days

Prerequisites

All participants must have taken Introduction to Docker and Kubernetes or have equivalent experience.

Skills Gained

  • Understand the fundamentals of service mesh and Istio
  • Deploy Istio on AKS and configure its components
  • Manage traffic routing and observe advanced networking in Istio
  • Implement Istio security features like mutual TLS and authorization policies
  • Gain insights into microservices performance using Istio observability tools
Course Outline
  • What is a Service Mesh?
    • Challenges in microservices networking
    • Service mesh solutions and benefits
  • Istio Overview
    • Key features: traffic management, security, and observability
    • Istio architecture: Envoy proxy, control plane components
    • Sidecar vs. Ambient mode
  • Azure Kubernetes Service (AKS) Overview
    • Benefits of using AKS for container orchestration
    • Prerequisites for Istio deployment on AKS
  • Installing Istio on AKS
    • Configuring AKS clusters
    • Installing Istio using Helm or Istioctl
    • Verifying the installation
  • Core Traffic Features
    • Traffic splitting, retries, and timeouts
    • Implementing canary deployments and blue-green deployments
  • Istio Gateway and VirtualService Resources
    • Configuring ingress and egress traffic
    • Path-based and header-based routing
  • Monitoring and Telemetry
    • Istio metrics and logs using Prometheus and Grafana
    • Distributed tracing with Jaeger
    • Service graph visualization using Kiali
  • Securing Service-to-Service Communication
    • Mutual TLS (mTLS) setup
    • Istio authentication policies
  • Authorization Policies
    • Configuring role-based access control (RBAC)
    • Enforcing security policies
  • Optimizing Istio for Performance
    • Fine-tuning Envoy proxies
    • Resource management for Istio components
  • Scaling and Upgrading Istio
    • Rolling updates for Istio control plane
    • Strategies for multi-cluster service mesh
  • Troubleshooting Common Issues
  • Conclusion