In a traditional environment, a centralized proxy receives all traffic, and that traffic is routed to the services that do the actual work. As workloads grow, scalability issues can arise. However, Istio solves this and other similar problems with the use of a lean and thin proxy, which we will learn about in this chapter. We will discuss in detail the enablement of policies related to rate limits, service denials, and the enforcement of quotas without having to change any application source code.

By the end of this chapter, you will learn how to enable network-based policies for resource quotas and quota limits, as well as learning about how quota rules are assigned to a demo microservice. Besides this, we will set up a white/blacklist of services (based on IP) within the demo application for service denials.

In a nutshell, we will cover the following topics in this chapter:

• An introduction to rate limits
• Enabling rate limits
• Controlling access to a service