Istio (Service Mesh)
Istio is the service mesh used by FOSPS for network management, providing traffic control, security, and acting as the Service Mesh and Gateway.
Key Functions
Traffic Management
- Load balancing
- Request routing
- Fault injection
- Circuit breaking
- Timeouts and retries
Security
- Mutual TLS (mTLS) between services
- Authentication policies
- Authorization policies
- Certificate management
Gateway
- External traffic ingress
- API exposure
- Virtual service routing
- TLS termination
Integration with FOSPS
Service-to-Service Communication
Istio manages communication between FOSPS architectural layers:
- App Layer ↔ Service Layer
- Service Layer ↔ Data Layer
- Between microservices within the Service Layer
VirtualServices
New components require Istio VirtualService definitions for external access, including:
- Focusing Manager APIs
- FHIR Server endpoints
- Custom tools like Focusing Inspector
Deployment
Works in conjunction with:
- Kubernetes for orchestration
- Helm Charts for configuration
- OpenAPI specifications for API definitions
Related Concepts
- FOSPS - Overall platform
- Kubernetes Deployment - Orchestration layer
- Architectural Layers - Component structure
- Keycloak - Authentication integration