This chapter covers
- Defining entry points into a cluster
- Routing ingress traffic to deployments in your cluster
- Securing ingress traffic
- Routing non HTTP/S traffic
As we’ll see throughout the rest of this book, Istio will allow us to solve some difficult challenges in service-to-service communication. For most of the book, we’ll assume a single cluster with a single Istio control-plane deployment, but in reality Istio’s capabilities are not limited to a single or homogeneous cluster. But even before we look at multi-cluster or hybrid deployments, we should understand how to connect different networks together. This chapter will consider two different networks: the cluster in which the service mesh is deployed, and anything outside of the cluster.
We will most likely run interesting services and applications inside our cluster. We will most likely have intra-service communication within the cluster and that’s where Istio shines. But what about those clients that are deployed or exist outside of the cluster? In this chapter, we’ll take a look at connecting those clients that live outside the cluster to services running inside the cluster.