Questions tagged [istio]

Istio is an open-source platform for managing and securing microservices

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:

Automatic load balancing for HTTP, gRPC, and TCP traffic.
Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
Secure service-to-service authentication with strong identity assertions between services in a cluster.

Getting Started

Books

2612 questions

votes

3 answers

Allow mutating webhooks to work with tls-enabled istio

I have the following MutatingWebhookConfiguration apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: name: example-webhook webhooks: - name: example-webhook.default.svc.cluster.local …

asked Jun 05 '22 at 12:22

pkaramol

16,451
43
149
324

votes

3 answers

Failed calling webhook "namespace.sidecar-injector.istio.io"

I have make my deployment work with istio ingressgateway before. I am not aware of any changes made in istio or k8s side. When I tried to deploy, I see an error in replicaset side that's why it cannot create new pod. Error creating: Internal error…

kubernetes istio

asked Jul 31 '21 at 20:04

letthefireflieslive

11,493
11
37
61

votes

1 answer

Enable http header logging for envoy in istio

I want to be able to capture (log) (at least some of) envoy's HTTP headers on my istio service mesh. I have gone through envoy's docs, and in the log levels' section, it does not mention any header-specific information. Currently, my istio-proxy log…

logging kubernetes http-headers istio envoyproxy

asked Jan 18 '21 at 09:04

pkaramol

16,451
43
149
324

votes

1 answer

EventStore on Kubernetes: Connection refused

I'm developing an open-sourced cloud event gateway in .NET 5.0, backed by an EventStore channel, and am facing problems to connect the ProjectionsManager service. I deployed an EventStore service in its own namespace, and can successfully connect to…

kubernetes istio .net-5 eventstoredb

asked Nov 25 '20 at 15:01

Charles d'Avernas

votes

1 answer

What is the difference VirtualService and Gateway in istio?

I am trying to understand the difference between the VirtualService and the Gateway in istio? As far I could understand, VirutalService is also used for the purpose of routing the traffic same as Gateway

istio envoyproxy

asked Sep 16 '20 at 07:41

Rajesh Kumar

votes

1 answer

Istio authorization policy not applying on child gateway

What I am trying to achieve: block all traffic to a service, containing the code to handle this within the same namespace as the service. Why: this is the first step in "locking down" a specific service to specific IPs/CIDRs I have a primary ingress…

kubernetes istio

asked Aug 29 '20 at 14:18

James Elliott

1,012
9
20

votes

3 answers

How to call the services within a mesh in ISTIO?

I am using service mesh https://istio.io/ installed on top of kubernetes and have installed the example https://istio.io/docs/examples/bookinfo/, that ISTIO provides on their website. Assume, I've created a service FOO and would like to call the…

kubernetes istio

asked Dec 16 '19 at 17:01

softshipper

32,463
51
192
400

votes

2 answers

Istio Kubernetes Ingress with Cert-Manager: no matches for kind "Certificate" in version "certmanager.k8s.io/v1alpha1"

I'm trying to configure HTTPS for my K8s/Istio cluster. I'm following this official tutorial step by step multiple times from scratch and get the same error every time when try to create a Certificate resource. no matches for kind "Certificate" in…

ssl kubernetes lets-encrypt istio cert-manager

asked Nov 07 '19 at 18:19

Max

votes

3 answers

How to add custom port for istio ingress gateway?

I'm new to istio. I have a simple ingress gateway yaml file, and the listenling port is 26931, but after I applied the yaml, the port 26931 does not appear in the set of ports which ingress gateway expose. So am I lack of some necessary step or…

kubernetes kubernetes-helm kubernetes-ingress istio

asked Jun 19 '19 at 06:59

leo

1,045
3
15
27

votes

1 answer

Connecting to Istio ingress gateway gives a 404 error

I installed istio v1.1.1 using the available helm chart. I have $ kubectl get svc istio-ingressgateway -n istio-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) …

google-kubernetes-engine gateway kubernetes-ingress istio

asked Apr 07 '19 at 05:56

kosta

4,302
10
50
104

votes

3 answers

Kubernetes: Route incoming traffic to specific Pod

I want to deploy many Pods in Google Kubernetes Engine and then establish a TCP connection to each specific Pod by Subdomain like pod-name-or-label.mydomain.com or path routing like protocol://mydomain.com:7878/pod-name-or-label. I have looked in…

kubernetes network-programming kubernetes-ingress google-kubernetes-engine istio

asked Nov 08 '18 at 17:05

micha

votes

3 answers

Does Istio support UDP protocol?

Use case, need to loadbalance UDP:69 traffic between network devices and application which is running on k8s. Does Istio support UDP traffic loadbalancing?

udp istio

asked Aug 22 '18 at 10:48

Sudhakar Ambati

votes

1 answer

go gRPC routing without specifying port

New to gRPC: Having a gRPC client, how do you use routing? My gRPC server is at this local path 10.0.1.6/hw. It is running and listening in a Kubernetes pod and it is working internally, if I run it in a pod. But I am now accessing it via url and…

go kubernetes grpc istio

asked Apr 24 '18 at 15:34

Chris G.

23,930
48
177
302

votes

1 answer

How to debug an EnvoyFilter in Istio?

I have the following filter: apiVersion: networking.istio.io/v1alpha3 kind: EnvoyFilter metadata: name: proper-filter-name-here namespace: istio-system spec: workloadSelector: labels: app: istio-ingressgateway configPatches: -…

debugging istio envoyproxy

asked Oct 12 '21 at 09:16

2240

1,547
2
12
30

votes

0 answers

How to configure istio for mesh federation without service discovery

Multi-trust deployment model from istio documentation I want to connect multiple meshes together. I currently manage 3 different AKS clusters Operations (aks-ops-euwest-1) Staging (aks-stg-euwest-1) Production (aks-prod-euwest-1) I have Hashicorp…

kubernetes istio istio-gateway

asked Apr 15 '21 at 12:50

Ludovic C

2,855
20
40

Prev 1 2 3

…

99 100 Next