我不知道在技术社区中有多少人有这样的观点，35年之后，我们的生活就会像是“银翼杀手”的续集。“银翼杀手”向我们展现了一个技术的未来，其中的许多视觉建筑，像动画广告板，视频通话，现在都是那么的普通，而这些是我们小的时候想都不会想到的东西。“银翼杀手”里面的场景竟然如此充分地实现了，这使得像我一样的人开始在思考云能做的事情，如果我们用心地在上面思考的话。

许多年来，这意味着大规模的应用－和许多可持续的工作。没有更多的东西了。其中一个当我们的技术深入到云原生架构的结果，就是我们更加强调基于微服务的应用，这意味这一个单一的服务可以微多个应用提供难以评估的益处－有点像是“代码复用”的终极版本。

但是，当你已经有了一个应用，这个应用包含了成千上完的独立服务，你这样才能管理好你的架构，以至于不让你的应用，至少你的理智－完全脱离轨道呢？我们需要的是一个架构，可以帮助我们连接，管理，还有保证这些微服务的安全，同事提供了负载均衡，身份验证和监控等等功能。

如果有这个的事情存在，你当然愿意参与进来，不是吗？当然你会。好的，你的机会来了。

Istio就是这样的一个开源项目，它完成了所有的这些事情。在周一，就是9月25号的时候，它们已经举办了一次用户测试的“黑客马拉松”活动。我想我们可以直接从那些参与到这项活动的人身上获得更多的细节，所以我们将会和Google的软件工程师Douglas Reid和Mandar Jog交流一下，他们一直致力于领导这些开发成果。

Nick Chase:先生们，非常谢谢今天花时间和我会谈。对于那么还不知道什么是Istio的人来说，请解释一下它。

Mandar Jog: Istio是一个服务网格，它提供了所有微服务需要的交叉功能。例如，你需要流量管理。你需要找到那些你需要触及的服务，有人必须决定你需要和那些服务对接。

然后接下来是可观测的，基本上就是遥测和指标。所以你需要找到某些东西被调用了多少次，同样的，可以追溯。日志都记录在同样的区域。

然后就是强制策略，就是访问控制，或者是任何种类的特定策略的制定，例如在什么样的条件下，一个特定的服务应该和另外一个通信。

最后，Istio验证提供了身份验证，所以你可以基于你整体的身份和身份验证故事实现服务对服务的验证和中央的验证。

Douglas Reid:这些只是一些功能上的东西，但是从另外一个不同的角度来看，我认为Istio是Lyft，IBM和Google这些公司在分布式环境中部署，管理和服务应用软件中用户经验积累的产品。这有些像是这些年来如何简单地去管理规模化，特别是分布式系统，积累的一些最佳实践。

NC: 所以基本上来讲，你拥有的就是这种微服务，Istio就是这样的一个请求编排器？

MJ:Istio 处于不同的服务之间。它解释了这些我们之前提到的请求。

NC:我很多时候同时听到关于Envoy和Istio的很多事情，这两者之间有什么区别？

DR:Envoy是Istio的一个组件.Envoy是服务的代理。它是Istio的数据平面层。Istio同样也有一个控制面板，叫做Pilot.Pilot控制Envoy的部署，然后帮助配置它们，同样的还有Mixer,帮助做出决策。Envoy 在请求时间调用Mixer。PPilot还控制Envoy用来保护流量的所有其他部分的部署。

NC: Istio 是专注于自己的领域，还是你们正和其它的项目建立联系来打造一个生态呢？

MJ:还无疑问。例如，LinkerD 现在也可以和Istio一起运行。它们可以调用Mixer,所以基本上LinkerD,从最简单的的角度上来说，可以取代 Envoy作为这个请求的解释器或者代理，然后正如Envoy调用Mixer去做决策，LinderD同样也可以调用Mixer去做决策。Nginx同样还是运行着，或者已经被通知，它们将会和Mixer进行通信，所有你可以使用Ngix作为你的代理，而不是Envoy.

事实上，Mixer和Envoy之间的协议是很好的被定义和发布的，这意味着理论上是不可替换的。所以作为Istio,我们定义的就是配置的界面，还有Envoy是如何和Mixer进行通信的。

DR:Mixer采用了Prometheus作为它内置的度量报告机制，我们同样也有给StatsD的插件，我确定这里会有其它的专有指标和遥测方案的插件。我们正在打算实行配额系统。我们有了一个配额系统。我认为现在它是建立在Redis上面，我们期待看到更多的第三方的开发，正如我们允许编写适配器的生态系统，从而建立和其它项目更多的联系。

MJ:同样的，从策略层面上来说，Istio正在和其它的几个伙伴一起合作。例如开放政策机构(OPA)就是我们正在合作的第一个策略适配者，你可以在新的半标准语言中去实现你的策略，这和社区工作的标准是一致的。

DR: 然后还有其它值得一提的项目就是，Istio正在和SPIFFE紧密合作，支持SPIFFE作为Istio的一项认证协议。

Me:所以Istio有点像是包罗万象的伞。

MJ:从一个运营者的角度，Istio是操作者可以进行交互的配置。你可以配置Istio去做一些网络工作，这里也有一些Istio支持的网络功能，例如路由规则，目的地策略，还有其它的事情。同样在策略管理和度量方面，这里也有其它的功能，是可以作为插件的。所以当它们发展的时候，Istio支持它们。有点像是Istio的大伞。（未完待续）

There is also the matter of how the proxy is being configured. Pilot also exposes a configuration interface that Envoy calls out to, so that’s kind of the third interface. The umbrella defines things in terms of interfaces and protocols, and then we have implementations of all those components in action for a working system.

NC: So what it what this Istio user hackathon all about?

DR:  So as we work towards the next release of Istio, we’re getting closer to what we think are release candidates for all the components, and we are writing up the documentation and all the changes we’ve made over the last couple of months. This event is really to get early adopters to take a look at it, try to run through the documentation, tell us where we might have certain bugs that need to be closed before we consider the release blessed, and see where feature gaps are and so we can start planning for future work on Istio.

NC: What is the next Istio release, and when do you expect to have it?

DR: Our goal is to have it ready by the end of September.

NC: Do you have need to have like kubernetes experience or any other particular prerequisites in order to participate in this event?

MJ:  Some kubernetes would be helpful but it’s not required. We have setup instructions, and we will kind of walk you through how to set up a kubernetes cluster and get things started, so that it shouldn’t be a real impediment.

NC: Are there any particular hardware prerequisites?

DR: What I think what we’re going to do is Google is going to provide a bunch of experimental projects so you can set up clusters, so you shouldn’t need to provide any hardware. I think IBM is going to do that as well on Bluemix, so there should be a fair amount of available infrastructure for testing. So you need a laptop and the ability to run Git, or even just the installer and that should be enough. So I think there aren’t any real hardware requirements that I know of.

NC: Once this release is out, where do you think Istio is on the production-ready scale?

MJ: Istio 0.2 is the release where we have enough features that people can actually get something done, so I’m really looking forward to feedback. Production-readiness, performance, and all that are goals for 0.3.

DR:  In some ways, it’s like the difference between Istio and Envoy and the various components. Certain components of Istio have been used in production environments, and we are well aware of their characteristics. Others have gone through big rewrites over the last couple of months as we learned some things, and we’re still starting to get a feel for what needs to be hardened and what needs to be addressed. So depending on what you’re trying to do with it, you might have different opinions about production-readiness. I think we’re getting close to beta-type status, but we’re not quite there yet.

NC: So where do you think Istio is going?

DR: Well, the Silicon Valley answer is that ultimately Istio will help power all of the world’s services, but I think we’re we’re a long way from that. We’ve got a lot of stuff to do before we get there. I mean one of the features that we were doing for this cycle was just an enabling of VMs that aren’t part of any Kubernetes cluster to join a mesh. So we want to keep working on doing that and expanding to more environments, as well as supporting multiple environments at the same time. Sort of a hybrid scenario. So those are some of our near-term goals.

MJ:  I think Doug covered the really long term and the near term. There are several intermediate goals, but they they kind of get into the nitty-gritty of what’s what’s important. One of the things that we really would like to see is a is a robust kind of vendor community that is building on top of Istio, or on the side of Istio. There are certain things that Istio does foundationally, and we would like to see where those belong to the stack, and then there are also areas and tasks on the side of Istio, and we would also like to see something come up there.

DR:  We’re really focused on getting more community engagement. We’ve been trying to get stuff out, but I think we need to start focusing more on how do we enable community, how do we excite the community, how do we meet the community’s needs now that we’ve sort of got the initial foothold out in the world?

NC: So what do what kind of engagement do you need the most in the community?

DR:  We could use development support, documentation support, design support, process support…

MJ:  We also want to see people do scenario testing to see whether the things we think are relevant are relevant to what people are actually doing. Then we’d like to see people actually trying them out and giving us some feedback. We would really like to get feedback, especially on configuration because that is the surface that an operator touches, and that is how an operator interacts with the system, so so that that feedback is extremely valuable to us

Also, Mixer has an adapter framework, which is the extensibility mechanism for Istio, and it’s how you can write new adapters to enable new functions. That has gone through a big rewrite between 0.1 and 0.2, so it’s another place where we really want feedback from users. For this event it’s unlikely that we’ll be able to get that feedback, but I’m just kind of laying that out there. For 0.2 these are some of the things that we really want some feedback for

DR: There’s a lot of stuff that we want to see happen but probably don’t have the experience to make happen ourselves, like the expertise to make this work on Amazon’s Cloud or different environments like that. I think we could really use community support. So that’s what I’d like to see.

If you’d like to participate in the user testing hackathon, you can sign up here to get instructions and access to donated hardware resources. Missed the date?  You can still help out by executing the test tasks and providing feedback.