Stack Overflow
Stack Overflow

Questions tagged [istio]

Istio is an open-source platform for managing and securing microservices

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:

  • Automatic load balancing for HTTP, gRPC, and TCP traffic.
  • Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
  • A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
  • Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
  • Secure service-to-service authentication with strong identity assertions between services in a cluster.

enter image description here

Getting Started

Books

2612 questions
4
votes
1 answer

Changing secrets of kiali in istio is not working

I have deployed istio in my eks cluster with demo profile. demo has kiali deployment with it. The access secret for kiali dashboard is ( username:admin,password:admin ).I was able to access my dashboard with this credentials. Then I created my own…
Shajal Ahamed
  • 141
  • 2
  • 16
4
votes
2 answers

istio: VirtualService rewrite to the root url

I have an Istio 1.4.6 VirtualService with a match and a url rewrite defined as follows: match: - authority: prefix: example.com uri: prefix: /foo/bar rewrite: uri: / route: - destination: host:…
Joe J
  • 9,985
  • 16
  • 68
  • 100
4
votes
2 answers

mTLS between two kubernetes clusters

I'm trying to get mTLS between two applications in two kubernetes clusters without the way Istio does it (with its ingress gateway), and I was wondering if the following would work (for Istio, for Likerd, for Consul...). Let's say we have a k8s…
JGG
  • 41
  • 4
4
votes
2 answers

k8s/istio - What's the alternative to HTTP caching between services while Envoy doesn't support it?

I'm looking for a fast HTTP response of cacheable data between services in Kubernetes. Since my apps are already container-native, I don't want to code in my application the logic of caching, neither via cache lib. The apps are focused mainly on…
ethanxyz_0
  • 713
  • 12
  • 37
4
votes
2 answers

Can envoy in istio trace external https api?

We use istio to use distributed tracing. Our microservices sometimes need to hit external APIs, which usually communicate over https. To measure the exact performance of the whole system, we want to trace the communication when hitting an external…
yu saito
  • 125
  • 7
4
votes
1 answer

After the Pod is injected into the sidecar of istio, the websocket connection will be interrupted abnormally

The backend uses Springboot to provide a WebSocket connection and sets the maximum idle time to 3 minutes. The program runs well in local. After 3 minutes of idle, the connection will be disconnected as scheduled. It can also be accessed normally by…
Li Yongsheng
  • 43
  • 1
  • 5
4
votes
4 answers

How to assign an IP to istio-ingressgateway on localhost?

I am using kubespray to run a kubernetes cluster on my laptop. The cluster is running on 7 VMs and the roles of the VM's spread as follows: NAME STATUS ROLES AGE VERSION k8s-1 Ready master 2d22h v1.16.2 k8s-2 Ready master …
softshipper
  • 32,463
  • 51
  • 192
  • 400
4
votes
3 answers

Equivalents of Nginx Ingress Annonations on IstIO Ingress Gateway

I'm currently migrating an IT environment from Nginx Ingress Gateway to IstIO Ingress Gateway on Kubernetes. I need to migrate the following Nginx…
Ronny Forberger
  • 393
  • 1
  • 8
  • 23
4
votes
1 answer

Istio: Can not access service with gateway over HTTP/HTTPS

Istio: 1.3 (also tried 1.1 before update to 1.3) K8s: 1.16.2 Cloud provider: DigitalOcean I have a cluster setup with Istio. I have enabled grafana/kiali and also installed kibana and RabbitMQ management UI and for all of those I have gateways and…
Max
  • 404
  • 2
  • 17
  • 39
4
votes
1 answer

Istio 503:s between (Public) Gateway and Service

I've been playing around with my Istio cluster configuration and I've ended up in a state I can't debug my way out of. I have the SDS+Gateway with a public IP configured. I have deployed the Istio HelloWorld app on port 5000. I can: exec into…
Henrik
  • 9,714
  • 5
  • 53
  • 87
4
votes
1 answer

How to set up Istio or Linkerd with namespace-level permissions (without cluster administration permission)?

We are using a K8s cluster but we don't have cluster level permissions, so we can only create Role and ServiceAccount on our namespaces and we need install a service mesh solution (Istio or Linkerd) only in our namespaces. Our operation team will…
Ali Rajabi
  • 45
  • 5
4
votes
3 answers

NLB -> Istio Gateway vs ALB -> Istio Gateway

It is my understanding that you're gonna have an NLB or ALB in front of your Istio Gateway anyway? But I am confused because it seems like Istio Gateway does a lot of things ALB does for Layer 7 and even more? So I read ALB -> Istio Gateway is ok,…
atkayla
  • 8,143
  • 17
  • 72
  • 132
4
votes
2 answers

How can I use custom client certificate for external service with istio?

I need to setup mutual tls communication from kubernetes pod to external service. My system is running with istio system. I found reference about…
chaeyk
  • 491
  • 1
  • 8
  • 20
4
votes
1 answer

istio - using vs service and gw instead loadbalancer not working

I’ve the following application which Im able to run in K8S successfully which using service with type load balancer, very simple app with two routes / - you should see 'hello application` /api/books should provide list of book in json format This…
JME
  • 881
  • 2
  • 11
  • 23
4
votes
1 answer

How to disable istio readiness probe

I want to disable istio readiness probe from doing health check.. on running service. Is there a way to disable http readiness probe and later enable it
pappu_kutty
  • 2,378
  • 8
  • 49
  • 93
1 2 3
99 100