Installing Open Source Istio on Kubernetes Engine

Istio is an open source framework for connecting, securing, and managing microservices. It can be used with any service, including but not limited to services that are hosted in a Kubernetes cluster. Istio lets you create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without requiring any changes in service code.

You add Istio support to services by deploying a special Envoy sidecar proxy to each of your application's pods in your environment. Sidecar means that it gets deployed alongside your application, and your application interacts with the outside world, both ingress and egress, through the Envoy Proxy. Developers of applications can take advantage of the communication and networking enhancements provided by Envoy - like client-side load balancing, circuit breakers, logging, mTLS, etc. - without additional coding, and without finding the libraries in the language of choice.

As one example - in reliable distributed systems, it's common for a system to want to retry a request after a failure, possibly with an exponential backoff delay. There are libraries for Java, Golang and NodeJS that do this. However, employing them within the app means each different app will need to solve that problem independently. The Istio sidecar could do this for the app, automatically.

Because of the proximity of the sidecar to the application, there's no significant latency when communicating between them.

Open Source Istio

This guide shows you how to install open source Istio on a GKE cluster using the Helm package manager for Kubernetes. Istio has configurable profiles, that can be used with Helm, that serve as helpful starting points for customizing your Istio setup.

As an alternative, you can learn more about the Istio on GKE Add-On, which automatically keeps your Istio control plane components up-to-date. The Istio on GKE Add-On manages the Istio control plane lifecycle as part of the GKE upgrade process.


In this lab, you will learn how to perform the following tasks:

  • Provision a cluster on Google Kubernetes Engine (GKE).
  • Install and configure open source Istio using Helm, which includes the Istio control-plane and Envoy proxies as sidecars.
  • Deploy Bookinfo, an Istio-enabled multi-service application.
  • Enable external access using an Istio Ingress Gateway.
  • Use the Bookinfo application.
  • Explore Stackdriver Kubernetes Engine Monitoring.

