Istio 是一个由谷歌、IBM 与 Lyft 共同开发的开源项目,旨在提供一种统一化的微服务连接、安全保障、管理与监控方式。Istio
项目能够为微服务架构提供流量管理机制,同时亦为其它增值功能(包括安全性、监控、路由、连接管理与策略等)创造了基础。这款软件利用久经考验的
Lyft Envoy 代理进行构建,可在无需对应用程序代码作出任何发动的前提下实现可视性与控制能力。Istio 项目是一款强大的工具,可帮助
CTO/CIO 们立足企业内部实施整体性安全、政策与合规性要求。
更新内容: Networking Incremental Istio Deployment.
(Preview) You can now adopt Istio incrementally, more easily than
before, by installing only the components you want (e.g, Pilot+Ingress
only as the minimal Istio install). Refer to the istioctl CLI tool for
generating a information on customized Istio deployments. Automatic Proxy Injection. We leverage Kubernetes 1.9’s new mutating webhook feature to
provide automatic pod-level proxy injection. Automatic injection
requires Kubernetes 1.9 or beyond and therefore doesn’t work on older
versions. The alpha initializer mechanism is no longer supported. Learn more Revised Traffic Rules.
Based on user feedback, we have made significant changes to Istio’s
traffic management (routing rules, destination rules, etc.). We would
love your continuing feedback while we polish this in the coming weeks.
Mixer adapters Open Policy Agent. Mixer now has an authorization adapter implementing the open policy agent model, providing a flexible fine-grained access control mechanism. Learn more Istio RBAC. Mixer now has a role-based access control adapter. Learn more Fluentd. Mixer now has an adapter for log collection through fluentd. Learn more Stdio. The stdio adapter now lets you log to files with support for log rotation & backup, along with a host of controls.
Security Bring Your Own CA. There have been many enhancements to the ‘bring your own CA’ feature. Learn more PKCS8. Add support for PKCS8 keys to Istio PKI. Istio RBAC Istio RBAC provides access control for services in Istio mesh. Learn more.
Other Release-Mode Binaries. We switched release and installation default to release for improved performance and security. Component Logging.
Istio components now offer a rich set of command-line options to
control local logging, including common support for log rotation. Consistent Version Reporting. Istio components now offer a consistent command-line interface to report their version information. Optional Instance Fields.
Within configuration, definitions of Mixer instances no longer need to
include every field of the associated template. Omitted fields get a
zero or empty value.
Known issues | 
