Course Catalog  > DevOps and CI/CD  > Docker and Kubernetes
WA3624

Istio with EKS (Elastic Kubernetes Service) Training

This Elastic Kubernetes Service (EKS) training introduces Istio, a service mesh solution. Learners learn how to deploy and manage Istio on EKS and master traffic management, security, observability, and service-to-service communication in a microservices architecture.
Request Information
Request On-Site or Customized Course Info
Course Details

Duration

2 days

Prerequisites

All participants must have taken Introduction to Docker and Kubernetes or have equivalent experience.

Skills Gained

  • Understand the fundamentals of service mesh and Istio
  • Deploy Istio on EKS and configure its components
  • Manage traffic routing and observe advanced networking in Istio
  • Implement Istio security features like mutual TLS and authorization policies
  • Gain insights into microservices performance using Istio observability tools
Course Outline
  • What is a Service Mesh?
    • Challenges in microservices networking
    • Service mesh solutions and benefits
  • Istio Overview
    • Key features: traffic management, security, and observability
    • Istio architecture: Envoy proxy, control plane components
    • Sidecar vs. Ambient mode
  • Elastic Kubernetes Service (EKS) Overview
    • Benefits of using EKS for container orchestration
    • Prerequisites for Istio deployment on EKS
  • Installing Istio on EKS
    • Configuring EKS clusters
    • Installing Istio using Helm or Istioctl
    • Verifying the installation
  • Core Traffic Features
    • Traffic splitting, retries, and timeouts
    • Implementing canary deployments and blue-green deployments
  • Istio Gateway and VirtualService Resources
    • Configuring ingress and egress traffic
    • Path-based and header-based routing
  • Monitoring and Telemetry
    • Istio metrics and logs using Prometheus and Grafana
    • Distributed tracing with Jaeger
    • Service graph visualization using Kiali
  • Securing Service-to-Service Communication
    • Mutual TLS (mTLS) setup
    • Istio authentication policies
  • Authorization Policies
    • Configuring role-based access control (RBAC)
    • Enforcing security policies
  • Optimizing Istio for Performance
    • Fine-tuning Envoy proxies
    • Resource management for Istio components
  • Scaling and Upgrading Istio
    • Rolling updates for Istio control plane
    • Strategies for multi-cluster service mesh
  • Troubleshooting Common Issues
  • Conclusion