AI (Artificial Intelligence) Istio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring by deploying a special sidecar proxy throughout your environment that intercepts all network communication between microservices which includes:
- Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic.
- Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
- A pluggable policy layer and configuration API supporting access controls, rate limits, and quotas.
- Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
- Secure service-to-service communication in a cluster with strong identity-based authentication and authorization.
AI Istio is designed for extensibility and meets diverse deployment needs. It does this by intercepting and configuring mesh traffic as shown in the following diagram:
Core features
AI Istio provides key capabilities across a network of services:
- AI Istio Traffic management
- AI Istio Security
- AI Observability
Integration and customization with AI
The policy enforcement component of Istio can be extended and customized to integrate with existing solutions for ACLs, logging, monitoring, quotas, auditing with AI Ops
Kubernetes Helm in AI Embedded SOC
Kubernetes Helm in AI Embedded system on chip is a tool for managing Kubernetes package to do the:
- new charts creation from scratch
- Packaging charts into archive files
- Interacting with chart repositories where helm charts are stored
- Installing and uninstalling charts into Kubernetes cluster
For Kubernetes Helm, there are concepts of chart, config and release
Kubernetes Helm Components in AI Embedded SOC
The Helm Client a command-line client for end users responsible for the following:
- Local chart test and development
- Managing repositories and releases
The Helm Library provides the logic for Helm operations which interfaces with the Kubernetes API server and provides the capability of:
- Combining a charts
- Configuration to build a release
- Installing charts into Kubernetes
- Managing the subsequent release object
- Upgrading charts by interacting with Kubernetes
Helm Kubernetes Implementation in AI Embedded SOC
The Helm client and library is written in Go language.
The Kubernetes client communicate in AI Embedded Chips with Kubernetes for storing information in Secrets which is located inside of Kubernetes.
Common commands for Helm:
- helm search: searching for charts
- helm pull: downloading a chart to your local directory to view
- helm install: uploading the chart to Kubernetes
- helm list: listing releases of charts
Helm stores configuration based on the XDG base directory specification, for
- cached files which are stored in $XDG_CACHE_HOME/helm
- configuration which is stored in $XDG_CONFIG_HOME/helm
- data which is stored in $XDG_DATA_HOME/helm