Istio 1.7’s improved VM support, step-by-step

Christian Posta | August 22, 2020

In the recently released Istio 1.7, support for running workloads in the service mesh on VMs has been improved. In 1.6, Istio added the WorkloadEntry resource which gives VMs first-class support in the service mesh, while Istio 1.7 adds the ability to securely bootstrap the identity of the running service in a VM as well as using the istioctl cli to validate configurations. Lastly, Istio 1.7 adds packaging of the sidecar to support CentOS/Red Hat along side the existing Debian/Ubuntu support.

Setting up this VM support has a few steps outlined in the docs. In these two videos we take a close look at getting all of this working. We show how to enable communication from the VM-based service to the rest of the mesh as well as from the Kubernetes based workloads to the VM service. We enable communication as well as mTLS.

Take a look here:

Part I

Part II

What else is new in Istio 1.7?

Join me (@christianposta) and Dan Berg from IBM (@dancberg) on as we review the Istio 1.7 release and demo some of these new features on Tuesday Aug 25th at 10AM Pacific time on this youtube live.

Looking for Istio Support?

At Solo.io, we work with the worlds largest customers to help them succeed at adopting Envoy and service-mesh based technologies. Please reach out if you are looking for Istio Support (consulting, dedicated support engineering, break-fix production support/expertise, etc).

About the Author

Christian Posta

Christian Posta (@christianposta) is Global Field CTO at Solo.io supporting customers and end users in their adoption of cloud-native technologies. He is an author for Manning and O’Reilly publications, open source contributor, blogger and sought after speaker on Envoy Proxy and Kubernetes technologies. Prior to Solo.io, Chrisitan was a Chief Architect at Red Hat, FuseSource and held engineering positions at organizations like Wells Fargo, Apollo Group, Intel.