Complete Istio Service Mesh (1.8) Masterclass + AWS EKS 2024
Learn Istio Service Mesh using Handson (Gateway, Canary Traffic Shifting, Fault Injection, Circuit Breaker, JWT, Egress)
Description
If I summarize this course in one sentence?
Learn Istio Service Mesh in Kubernetes (demo is done using AWS EKS) using Handson concepts and labs (e.g. Gateway, Virtual Service, Destination Rule, Canary Rollout, Load Balancing Rules, Mirror Live Traffic, Fault Injection, Circuit Breaker, JWT Authentication and Authentication, TLS Origination, Kiali Dashboard, etc).
☆Please check preview videos to see if this course is really for you☆
Are you one of the below?
You want to learn how to secure K8s in-cluster network with Istio Service Mesh
You feel overwhelmed and don't know where to start with Istio Service Mesh in Kubernetes
You used Nginx Ingress Controller but want to use production-ready Ingress Controller
You used AWS ALB Ingress Controller but its limitation with ingress YAML pushed you away from using it
You want to learn service mesh so that you can control in-cluster traffic to microservice applications
You want to authenticate and authorize end users using JWT using Istio
You want to be able to configure SSL for AWS ELB using Istio Ingress Gateway Service YAML
You want to learn how to monitor microservice app's distributed request tracing using Kiali and Jaeger dashboards
Who should take this course
you have learned Kubernetes fundamentals (pod, service, deployment, ingress, configmap, role, etc)
you don't know how to go about learning Istio Service mesh in Kubernetes
you have development experience in Kubernetes YAML resources
you want to learn about production-level in-cluster security such as mutual TLS using Istio Service Mesh in Kubernetes
you want to learn ins and outs of Istio Service Mesh features (traffic control, security, observability) from a cloud DevOps working at an US company in SF
who should NOT need to take this course
you already know a lot of Istio Service Mesh in Kubernetes
you are not planning on using Kuberenetes
you are not planning on working on security in Kuberenetes cluster
you have never used Kubernetes before
In this course, you will learn various aspects of Istio Service Mesh in Kubernetes such as:
how to control Ingress Traffic using Gateway, VirtualService, DestinationRules
how to configure SSL Termination at AWS ELB created by Istio ingress gateway using k8s service YAML
how to configure canary rollouts/weight-based routing/traffic splitting using Virtual Service and Destination Rule
how to configure identity/header based routing
how to configure and test failure recovery features (injecting delay and abort, setting retries and timeout)
how to configure and test mirroring live traffic to different versions of app workloads
how to configure and test rate limiting and circuit breaker
how to verify default "permissive mode" of mutual TLS in service mesh, and how to enable STRICT mode of mutual TLS
how to set up end user authentication and authorization with JWT using Request Authentication and Authorization Policy
how to control egress traffic using Service Entry and Virtual Service
how to enable TLS Origination for egress traffic using Destination Rule
how to use Kiali dashboard to visualize mesh topology, logs, metrics, and YAML validation
5 Reasons why you should take this course:
1. Instructed by a cloud DevOps engineer (with CKA and certified AWS DevOps pro) working at US company in SF
I have been pretty handson with Istio Service Mesh, Kubernetes, AWS, AWS EKS with 6.5+ industry experience in both North America and Europe.
2. Abstract Istio Concepts Explained with Diagrams
Istio is pretty complex, and its operational complexities are pretty high. That means, a learning curve is also high.
Especially with Istio, its documentation page offers LITTLE to NO diagrams explaining relationships between `Gateway`, `Virtual Service`, `Destination Rule`, `Service Entry`, etc.
So I created a whole bunch of diagrams from high level architectures to low level YAML resources for Istio features such as canary rollout/traffic splitting, JWT Authentication and Authorization, and much more. You will have the most VISUAL-oriented learning experience you can EVER find on the Internet for Istio.
3. Updated Knowledge about Istio Service Mesh v1.6~ in 2020
Some of the Istio Architecture and Componets are outdated. I will demonstrate 2020-updated version of resources and concepts.
4. Tons of handson!
I won't bore you with dry lectures. Instead every concepts are paired with handson demo.
5. Entire course under FIVE HOURS
I tried to make this course compact and concise so students can learn the concepts and handson skills in shorted amount of time, because I know a life of software engineer is already pretty busy :)
My background & Education & Career experience
Cloud DevOps Software Engineer with 6.5+ years experience
Bachelor of Science in Computing Science from a Canadian university
Knows Java, C#, C++, Bash, Python, JavaScript, Terraform, IaC
Expert in AWS (holds AWS DevOps Professional certification) and Kubernetes (holds Certified Kubernetes Administrator, CKA)
I will see you inside!
What You Will Learn!
- how to control ingress traffic using Gateway, VirtualService, DestinationRules
- how to configure SSL Termination at AWS ELB created by Istio ingress gateway using k8s service YAML
- how to configure canary rollouts/weight-based routing/traffic splitting using Virtual Service and Destination Rule
- how to configure identity/header based routing
- how to configure and test failure recovery features (injecting delay and abort, setting retries and timeout)
- how to configure and test mirroring live traffic to different versions of app workloads
- how to configure and test rate limiting and circuit breaker
- how to verify default "permissive mode" of mutual TLS in service mesh, and how to enable STRICT mode of mutual TLS
- how to set up end user authentication and authorization with JWT using Request Authentication and Authorization Policy
- how to control egress traffic using Service Entry and Virtual Service
- how to enable TLS Origination for egress traffic using Destination Rule
- how to use Kiali dashboard to visualize mesh topology, logs, metrics, and YAML validation
Who Should Attend!
- You want to learn how to secure K8s in-cluster network with Istio Service Mesh
- You feel overwhelmed and don't know where to start with Istio Service Mesh in Kubernetes
- You used Nginx Ingress Controller but want to use production-ready Ingress Controller
- You used AWS ALB Ingress Controller but its limitation with ingress YAML pushed you away from using it
- You want to learn service mesh so that you can control in-cluster traffic to microservice applications
- You want to authenticate and authorize end users using JWT using Istio
- You want to be able to configure SSL for AWS ELB using Istio Ingress Gateway Service YAML
- You want to learn how to monitor microservice app's distributed request tracing using Kiali and Jaeger dashboards