Does all Knative traffic have to route through Master node?

Question

My question: Is all traffic from users to Knative service/pod must traverse through Master node?

For example: I, as a customer from outside of the cluster, create a curl request to a service (pod HelloWorld), then is it true that my request and the return result for my request (from pod Hello World) must go through the Master node first before reaching the destination?

I have done a small test by creating a curl request from outside to a HelloWorld service in my cluster and captured packet flows by tcpdump: flow traces

It seems to me that:

1. Curl traffic for HelloWorld arrives at kourier-internal pod that is residing in Master.

2. Traffic then is forwarded to activator pod, which is also in Master.

3. Now traffic is routed to the Worker node, where HelloWorld pod stays.

4. After being processed in HelloWorld in the Worker node, the return result will be sent back in the reverse path as described above.

Is my explanation correct? and for me this routing is kinda weird ... it creates extra latency and put heavy bandwidth pressure on the paths to the Master node :( Is there a way to route traffic directly from outside to the Worker node where my pod is located? Thanks in advance everyone!

Answer 1

Knative traffic flows through an HTTP ingress, which can be implemented through multiple pods on the cluster, which could run on either control-plane or worker nodes. (If you use a cloud provider's Kubernetes, you won't be able to run any pods on the control plane nodes.)

Try scaling your envoy pods beyond replicas: 1, and make sure that your load balancer can send traffic to all replicas. You should see that there are multiple paths that the traffic flows through. (You may also need to scale the activator replicas to see the full distributed system.)