Hats off to this guy. These are some quality videos which u won’t find anywhere. I only find “hello world “ kinda demo in Other channels but hey this channel is legit. 🎉
Really happy I found this channel. Really useful deep dives that actually explain the interesting stuff. Not like other channels that half ass things or barely scratch the surface. Amazing content!!
I have seen your few other videos, and all of them are great. A combo of theory along with practice makes your videos excellent. To explain a new tool/service/concept, you first describe the problem statement and explain the solution. This is the cherry on the cake in your videos. However, this was missing in this video. I liked this video.
Hi Anton, thank you for bringing this to your channel. I have little doubt about Kiali's visualization. There is an unknown traffic graph, but it's already configured directly to the Istio ingress gateway do you know how to remove this unknown traffic graph?
Thanks, not sure but you can use kiali config to adjust your parameters. github.com/antonputra/tutorials/blob/main/lessons/155/monitoring/kiali/config.yaml#L8-L106
a real DevOps, started with IaC and have covered enough from Istio, other tutorials i've seen they didn't cover 5% of what Istio could offer, i'm thinking of Istio for a hybrid setup on-prem + cloud
we already had a setup where ingress of type azure/application-gateway is being used and lets encrypt for certificates but without service mesh. If we want to implement istio, does this existing ingress need to be replaced with istio-ingressgateway?
Hello all. I have a doubt here. What is the difference between gateway kind and sprinf cloud gateway . We are using speinf cloud gateway doing lots of filtering within that and redirecting . Isito also does this but we are using istio also for redirecting . Am confused .
Can you answer a question, is it possible to use jaeger + istio, for every request and response event of each microservice? automatic without changing microservice/pod code? How can I look for the configuration I should do?
Hi Anton, Can we have static private Ip address assigned to istio gateway which creates AWS NLB. We tried to have static Ip via annotation but it does not work.
Hi Anton, I really appreciate the excellent content you shared in your video. Do you also offer personal coaching services, I would like on Kubernetes with Monitoring, terraform, EKS, Service Mesh?
Thank you, Manuel! Someday in the future, I might do it, as it's not as widely adopted as Nginx. Also, we've been using Kong Ingress for a year and then had to migrate back to a Kong VM-based solution. I don't remember the reason.
Is it necessary to use the key app:my-app under the label section in deployment?. Can it be name:my-app.(generated via helm install)? because in deployment under labels, I have name:my-app
That's the defaut convention, I believe you can change this default setting to name, discuss.istio.io/t/ability-to-change-istio-app-version-labels/1139
Please make video regarding mtls with istio, if I use Linkerd I got by default mtls, do we have same in Istio? your content is so amazing relevant to real world, thanks a lot
Hi Anton putra, we have istio installed in aws eks but getting “upstream request timeout “ between two pods and its intermittent connection issue . From kaili dashboard we could see that virtual service is failed but could not find why it failed. Can you please help us
The best advice I can give is to reproduce my example, including the versions (istio & eks & all of them). Once you ensure it works, you can start updating parts of it to suit your needs. Debugging may take anywhere from 5 minutes to a day or two, so I don't particularly like debugging other people's code or infrastructure. Keep in mind that if you're having issues right now and you can't fix them, moving to production will likely be much more stressful.
I have a question, I want to run a cronjob and it's a simple curl request to another namespace app. But i don't want to run side are istio container because it's a resource wastage because of running every two minutes. Is there a a way to achieve this because when I added the sidcare istio false annotation then curl was failing
I am planning to wipe out my ALB ingress’s controller due to many issues that’s it’s giving in my production and switch into Istio gateway. Trust me helm with terraform saves life man .
@@AntonPutra Are you able to create a short video on how to setup Istio with ALB+ACM certificate covering deploying an External and Internal ALB (with Terraform)? If you already have a video in youtube, can you tell me the title of it. Thanks
@@AntonPutra I was referring how to Setup an ALB+ACM with Istio on EKS. Under a similar example. Perhaps, you can also add path-based routs as well as covering HTTPS and gRPC.
why is it that nobody ever demonstrates public facing apps in these tutorials? i don't wanna have to use kubectl port-forward every time I wanna access prometheus/grafana so why not demonstrate how to make those publicly available (those endpoints could always have a WAF white list IP so that you are the only one who can access it) this is perhaps one of the most useful things that ppl need when they implement Istio in production yet everyone ALWAYS always demonstrates this with the same concept as Istio's online documentation. show us how to create multiple apps that are public facing using different gateways, different dns records, how to use different paths in the URL to serve different apps
🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
Hats off to this guy. These are some quality videos which u won’t find anywhere. I only find “hello world “ kinda demo in Other channels but hey this channel is legit. 🎉
I appreciate that!
Really happy I found this channel. Really useful deep dives that actually explain the interesting stuff. Not like other channels that half ass things or barely scratch the surface. Amazing content!!
Thank you!
Istio is my favorite service mesh because of it's simplicity. Once again, thanks for sharing Anton.
thanks, do you use gateway api or virtual services?
@@AntonPutra I use virtual services.
I have seen your few other videos, and all of them are great. A combo of theory along with practice makes your videos excellent. To explain a new tool/service/concept, you first describe the problem statement and explain the solution. This is the cherry on the cake in your videos. However, this was missing in this video. I liked this video.
ok noted
Fantastic Istio Tutorial.
Thanks :)
Great Video with excellent demonstration at a perfect pace 👌 👏 thanks a lot for an amazing contribution.
You're very welcome!
Thanks mate, great work!
Thanks Matthew!
waiting for MTLS tutorial..thank you for sharing your knowledge.
Thanks! mTLS is automatically configured between pods with isio sidecars
@@AntonPutrathank you! I really appreciate your efforts..
Lol, i did this all by just reading the docs and then found your video 😂It was fun though. Didn't take me too long. Good video!
Hello, Anton, Can you do a cilium video? Thank you.
These videos have been really helpful, thanks!
Happy to help!
perfecto
thanks :)
amazing video!!!
Thank you for making this video!
thank you! I'll update this soon along with cilium service mesh
Excellent !!!!
Thank you!
You are genuine 🎉
thanks =)
Great one
Thanks!
Спасибо, бро!
spasibo za visit =)
Hi Anton, thank you for bringing this to your channel. I have little doubt about Kiali's visualization. There is an unknown traffic graph, but it's already configured directly to the Istio ingress gateway do you know how to remove this unknown traffic graph?
Thanks, not sure but you can use kiali config to adjust your parameters.
github.com/antonputra/tutorials/blob/main/lessons/155/monitoring/kiali/config.yaml#L8-L106
a real DevOps, started with IaC and have covered enough from Istio, other tutorials i've seen they didn't cover 5% of what Istio could offer,
i'm thinking of Istio for a hybrid setup on-prem + cloud
Thanks =)
we already had a setup where ingress of type azure/application-gateway is being used and lets encrypt for certificates but without service mesh. If we want to implement istio, does this existing ingress need to be replaced with istio-ingressgateway?
Yes, if you want to expose services that use Istio mesh, you need to create an Istio ingress or a gateway API.
Does ingress gateway creates alb like ingress ??
It creates nlb (network load balancer), layer 7 routing is done on the gateway so there is no need for alb (application load balancer)
I have been subscribed for this video i guess.. ) Thanks
Your videos are always very interesting. Can I ask if you have also made comparisons with other services similar to Istio like Linkerd? Thanks
Thanks, I've been using Linkerd for a while. I'll make a video soon..
@@AntonPutra Thank you! I prefer Linkerd instead of Istio, but only because I started with Linkerd :)
Hello all.
I have a doubt here. What is the difference between gateway kind and sprinf cloud gateway . We are using speinf cloud gateway doing lots of filtering within that and redirecting . Isito also does this but we are using istio also for redirecting . Am confused .
Can you answer a question, is it possible to use jaeger + istio, for every request and response event of each microservice? automatic without changing microservice/pod code? How can I look for the configuration I should do?
Yes, you can. They provide an example at istio.io/latest/docs/tasks/observability/distributed-tracing/jaeger/.
Please make a video on Istio ambient mesh which runs without sidecars with the help of eBPF.
Sure, will do in the future
Hi Anton,
Can we have static private Ip address assigned to istio gateway which creates AWS NLB. We tried to have static Ip via annotation but it does not work.
Hi all any help would be appreciated
Hi Anton,
I really appreciate the excellent content you shared in your video. Do you also offer personal coaching services, I would like on Kubernetes with Monitoring, terraform, EKS, Service Mesh?
Yes I do, pls send me an email me@antonputra.com
is there a way to integreate istio with external-dns to automate record creation in route53?
sure - github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/istio.md
Amazing Anton.
Congratulations for the quality of the videos.
Do you plan to do a Kong Ingress controller video?
Thank you, Manuel! Someday in the future, I might do it, as it's not as widely adopted as Nginx. Also, we've been using Kong Ingress for a year and then had to migrate back to a Kong VM-based solution. I don't remember the reason.
I realise that you have a video with NGINX. I will listen this one and it will be enough for me.
Thank you.
Is it possible to use AWS ACM generate certificate into istio ?
No, but you can use acm with app mesh. It’s pretty much the same service mesh based on envoy
please create tutorial Istio + Grafana Mimir, Kiali
Thanks, noted!
@@AntonPutra because grafana mimir better than prometheus at scale and native support S3/GCS storage
@@salamander-007 Interesting. I've never heard about it. Thanks for bringing this to my attention.
@@AntonPutrasure, i love ypur channel anton ❤ very high quality 😎
Really nice.
Is it difficult to set a JWT authorisation for token validation in specific routes?
I haven't used it, but I don't think it's difficult - istio.io/latest/docs/tasks/security/authorization/authz-jwt/
Again, it was a great video. 👏Could there be more videos about Istio? Real-world examples, egress, monitoring, authentication, etc.
thanks, I'll create one soon refresh video, i'll try to include more examples
@@AntonPutra Excellent, I'm looking forward to new videos.👏
Is it necessary to use the key app:my-app under the label section in deployment?. Can it be name:my-app.(generated via helm install)? because in deployment under labels, I have name:my-app
That's the defaut convention, I believe you can change this default setting to name, discuss.istio.io/t/ability-to-change-istio-app-version-labels/1139
Please make video regarding mtls with istio, if I use Linkerd I got by default mtls, do we have same in Istio? your content is so amazing relevant to real world, thanks a lot
Thanks, mTLS is a default for istio. All your apps must be deployed with side cars for mTLS.
@@AntonPutra 👍 Thanks
Hi Anton putra, we have istio installed in aws eks but getting “upstream request timeout “ between two pods and its intermittent connection issue . From kaili dashboard we could see that virtual service is failed but could not find why it failed. Can you please help us
The best advice I can give is to reproduce my example, including the versions (istio & eks & all of them). Once you ensure it works, you can start updating parts of it to suit your needs. Debugging may take anywhere from 5 minutes to a day or two, so I don't particularly like debugging other people's code or infrastructure.
Keep in mind that if you're having issues right now and you can't fix them, moving to production will likely be much more stressful.
Hi Anton. Would u reply if i post a question here ??
Sure, what's your question?
How do you do request logs?
kubectl logs -f ...
I have a question, I want to run a cronjob and it's a simple curl request to another namespace app. But i don't want to run side are istio container because it's a resource wastage because of running every two minutes. Is there a a way to achieve this because when I added the sidcare istio false annotation then curl was failing
i guess label not annotation, what's the error?
Антон, привет! Я ищу ментора для EKS clusterа. Дай знать пожалуйста.
Privet, izvini mnogo raboti seychas, esli est kakie to konkretnie voprosi pishi na email, obyazatelno otvechu v techenii 1, 2 dney
I am planning to wipe out my ALB ingress’s controller due to many issues that’s it’s giving in my production and switch into Istio gateway. Trust me helm with terraform saves life man .
Well manage your own controller can be tricky sometimes, you need to monitor it closely.
Great video 🎉
Thanks
Awesome vid
1:46. Someone is not a fan of rust. lol....
Go vs. Rust: Performance Benchmark - ua-cam.com/video/QWLyIBkBrl0/v-deo.html
First
You just show the usage without actually explaining how it works.
thanks for the feedback, but you can find the source code under that video with implementation details
Great invaluable content. But the guy is talking like a robot and make it hard to follow and grasp for a newbie like me..
noted
@@AntonPutra Are you able to create a short video on how to setup Istio with ALB+ACM certificate covering deploying an External and Internal ALB (with Terraform)? If you already have a video in youtube, can you tell me the title of it. Thanks
@@vishwaseneviratne9727 If you mean load balancer controller + acm -> ua-cam.com/video/ZfjpWOC5eoE/v-deo.html
@@AntonPutra I was referring how to Setup an ALB+ACM with Istio on EKS. Under a similar example. Perhaps, you can also add path-based routs as well as covering HTTPS and gRPC.
why is it that nobody ever demonstrates public facing apps in these tutorials? i don't wanna have to use kubectl port-forward every time I wanna access prometheus/grafana so why not demonstrate how to make those publicly available (those endpoints could always have a WAF white list IP so that you are the only one who can access it)
this is perhaps one of the most useful things that ppl need when they implement Istio in production yet everyone ALWAYS always demonstrates this with the same concept as Istio's online documentation.
show us how to create multiple apps that are public facing using different gateways, different dns records, how to use different paths in the URL to serve different apps
Thanks for the feedback, but I think I used a public gateway in this video to expose it to the internet.