# Istio

Istio is one of the famous service mesh implementations out there. It uses Envoy for proxy sidecars. Some of the features that Istio is providing includes,

* Service discovery
* Load balancing
* Failure recovery
* Rate limiting
* Audit trials
* Secure inner cluster communication
* Identity based authentication and authorization among containers
* Traffic management / cannary deployments / geo located routing
* Observability

## Istio Architecture

![Istio Architecture](https://github.com/isurusiri/infra-n-plat-notes/blob/master/images/Servicemesh/istio-architecture-1-1024x937.png?raw=true)

Istio includes few components to get it's work done, which includes,

* Envoy proxies
* Citadel
* Pilot
* Mixer

### Envoy proxies

Envoy proxies provides following functionalities

* Dynamic service discovery
* TLS termination
* Health checks
* Staged rollouts
* Fault injection

### Citadel

Citadel provides following functionalities,

* User authentication and authorization
* Certificate management
* Traffic encryption

### Pilot

Pilot provides following functionalities,

* Service discovery
* Intelligent routing
* Resiliency

## Mixer

Mixer provides following functionalities,

* Access control
* Usage policies
* Telemetry data