Istio and Envoy is used by
Cloud migration involves moving your application and data from on-premise to public clouds such as AWS, GCP, and Azure for more availability, scalability, and performance. There are 3 main ways or strategies of migrating on-premise applications to the cloud: lift and shift, improve and move, and rip and replace. Improve and move cloud migration strategy is popular and safest because it involves the gradual migration of applications in smaller chunks — service-by-service — rather than the application itself.
Istio service mesh decouples the network and security layer from your business layer. In microservices architecture traffic to applications happens over the network using API calls. Istio service mesh abstracts away the network operation and reduces the complexity by introducing secured communication between services and advanced traffic management features. By deploying Istio service mesh, you can route the traffic (in the run-time) to legacy and cloud applications. The best part is one does not need to make any changes to core business logic.
Perform initial assessment and find out the least critical feature and plan to migrate the application into the cloud. Pick up a less dependent and less business-critical app and deploy one of the services into the public cloud. You can perform a smoke and sanity test of the new application. And then configure the Istio Ingress controller to allow a smaller portion of traffic to the new service. Exposing the newly deployed cloud service to smaller traffic using Istio is useful because clients will not notice the change.
Check if the newly deployed service is stable by conducting performance and behavior analysis. You can collect the metrics and logs to analyze and find regressions. Istio allows most of the monitoring and logging tools to monitor the sidecar. If there is any problem, you can rollback to the previous version. And in case you are confident about the performance of the deployed services you can increase the amount of traffic. Istio helps you to configure the traffic routing and shaping rules using CRDs based on metrics and log analysis.
Once you gradually increase the traffic to the new service by 80% to 90%, you can perhaps plan to phase out the legacy service. Istio ingress will only divert the traffic to the newly deployed services.
You can gradually repeat the process for other services in the legacy environment and then finally retire the legacy environment. Istio will be routing no traffic to the legacy workloads. The same load balancing approach in Istio can be used for achieving failover in case of high available application configuration.