You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
John Howard 917ac854ac
Cleanup envoy download code (#24340)
3 days ago
.github Create Security Policy for Istio issue template (#24153) 1 week ago
bin Remove version mapping (#23512) 1 month ago
common Automator: update common-files@master in istio/istio@master (#24267) 5 days ago
common-protos Release 1 5 common files update (#20394) 4 months ago
docker Remove legacy kubectl image (#21269) 3 months ago
galley Cleanup dead code (#24053) 5 days ago
install Move cert generation tooling to tools/. (#24343) 3 days ago
istioctl Cleanup dead code (#24053) 5 days ago
licenses Update mini Redis version (#23439) 1 month ago
manifests cleanup legacy user-sds metadata config (#24389) 3 days ago
mixer Stop putting year in the copyright notice (#23958) 1 week ago
operator cleanup legacy user-sds metadata config (#24389) 3 days ago
pilot cleanup legacy user-sds metadata config (#24389) 3 days ago
pkg Cleanup envoy download code (#24340) 3 days ago
prow test framework: support multinetwork scenarios (#23732) 2 weeks ago
release Fix download scripts (#23191) 1 month ago
samples Update jquery and nodejs (#24304) 3 days ago
security Cleanup dead code (#24053) 5 days ago
tests CI scoped messages are either None or Info, Debug log statements will never print (#24390) 3 days ago
tools Use v3 filters in bootstrap (#24355) 3 days ago
.codecov.yml Include js/css files into static folder (#12983) 1 year ago
.gitattributes Automator: update common-files@master in istio/istio@master (#23013) 1 month ago
.gitignore Clean up Make for deprecated files to remove (#24205) 5 days ago Update common files. (#14914) 11 months ago
CODEOWNERS Modify CODEOWNERS with micro review optimizations (#24261) 5 days ago Add a local file that points to the main one on istio/community. (#1871) 2 years ago
LICENSE Automator: update common-files@master in istio/istio@master (#20379) 4 months ago
Makefile Automator: update common-files@master in istio/istio@master (#22646) 2 months ago Clean up Make for deprecated files to remove (#24205) 5 days ago Fix PHONY recursion if target matches directory name (#22700) 2 months ago fix typo (#24141) 4 days ago Update common files. (#16989) 8 months ago
codecov.skip Delete unused scripts and references to deleted e2e tests (#22348) 2 months ago
codecov.threshold Use random seeds for jitter in node agent and update test coverage threshold (#17630) 8 months ago
go.mod Automator: update istio/api@master dependency in istio/istio@master (#24347) 4 days ago
go.sum Automator: update istio/api@master dependency in istio/istio@master (#24347) 4 days ago
istio.deps Updating CNI Sha for master branch (#23903) 2 weeks ago

Go Report Card


An open platform to connect, manage, and secure microservices.

  • For in-depth information about how to use Istio, visit
  • To ask questions and get assistance from our community, visit
  • To learn how to participate in our overall community, visit our community page

In this README:

In addition, here are some other documents you may wish to read:

You’ll find many other useful documents on our Wiki.


Istio is an open platform for providing a uniform way to integrate
microservices, manage traffic flow across microservices, enforce policies
and aggregate telemetry data. Istio’s control plane provides an abstraction
layer over the underlying cluster management platform, such as Kubernetes.

Istio is composed of these components:

  • Envoy - Sidecar proxies per microservice to handle ingress/egress traffic
    between services in the cluster and from a service to external
    services. The proxies form a secure microservice mesh providing a rich
    set of functions like discovery, rich layer-7 routing, circuit breakers,
    policy enforcement and telemetry recording/reporting

    Note: The service mesh is not an overlay network. It
    simplifies and enhances how microservices in an application talk to each
    other over the network provided by the underlying platform.

  • Mixer - Central component that is leveraged by the proxies and microservices
    to enforce policies such as authorization, rate limits, quotas, authentication, request
    tracing and telemetry collection.

  • Pilot - A component responsible for configuring the proxies at runtime.

  • Citadel - A centralized component responsible for certificate issuance and rotation.

  • Citadel Agent - A per-node component responsible for certificate issuance and rotation.

  • Galley - Central component for validating, ingesting, aggregating, transforming and distributing config within Istio.

  • Operator - The component provides user friendly options to operate the Istio service mesh.

Istio currently supports Kubernetes and Consul-based environments. We plan support for additional platforms such as
Cloud Foundry, and Mesos in the near future.


The Istio project is divided across a few GitHub repositories.

  • istio/istio. This is the main repository that you are
    currently looking at. It hosts Istio’s core components and also
    the sample programs and the various documents that govern the Istio open source
    project. It includes:

    • security. This directory contains security related code,
      including Citadel (acting as Certificate Authority), citadel agent, etc.

    • pilot. This directory
      contains platform-specific code to populate the
      abstract service model, dynamically reconfigure the proxies
      when the application topology changes, as well as translate
      routing rules into proxy specific configuration.

    • istioctl. This directory contains code for the
      istioctl command line utility.

    • mixer. This directory
      contains code to enforce various policies for traffic passing through the
      proxies, and collect telemetry data from proxies and services. There
      are plugins for interfacing with various cloud platforms, policy
      management services, and monitoring services.

  • istio/api. This repository defines
    component-level APIs and common configuration formats for the Istio platform.

  • istio/proxy. The Istio proxy contains
    extensions to the Envoy proxy (in the form of
    Envoy filters), that allow the proxy to delegate policy enforcement
    decisions to Mixer.

Issue management

We use GitHub combined with ZenHub to track all of our bugs and feature requests. Each issue we track has a variety of metadata:

  • Epic. An epic represents a feature area for Istio as a whole. Epics are fairly broad in scope and are basically product-level things.
    Each issue is ultimately part of an epic.

  • Milestone. Each issue is assigned a milestone. This is 0.1, 0.2, ..., or ‘Nebulous Future’. The milestone indicates when we
    think the issue should get addressed.

  • Priority/Pipeline. Each issue has a priority which is represented by the Pipeline field within GitHub. Priority can be one of
    P0, P1, P2, or >P2. The priority indicates how important it is to address the issue within the milestone. P0 says that the
    milestone cannot be considered achieved if the issue isn’t resolved.

To view the project board on ZenHub, we recommend downloading the ZenHub browser extension.
Please note that this is only supported in Firefox and Chrome at the moment.

We don’t annotate issues with Releases; Milestones are used instead. We don’t use GitHub projects at all, that
support is disabled for our organization.