Questions tagged [istio]

Istio is an open-source platform for managing and securing microservices

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:

Automatic load balancing for HTTP, gRPC, and TCP traffic.
Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
Secure service-to-service authentication with strong identity assertions between services in a cluster.

Getting Started

Books

2612 questions

votes

2 answers

Istio Virtual Service Relationship to Normal Kubernetes Service

I am watching a Pluralsight video on the Istio service mesh. One part of the presentation says this: The VirtualService uses the Kubernetes service to find the IP addresses of all the pods. The VirtualService doesn't route any traffic through the…

kubernetes istio

asked Mar 11 '21 at 17:27

Vaccano

78,325
149
468
850

votes

1 answer

Azure Kubernetes - prometheus is deployed as a part of ISTIO not showing the deployments?

I have used the following configuration to setup the Istio cat << EOF | kubectl apply -f - apiVersion: install.istio.io/v1alpha1 kind: IstioOperator metadata: namespace: istio-system name: istio-control-plane spec: # Use the default profile as…

kubernetes istio istio-kiali istio-prometheus

asked Oct 22 '20 at 14:28

One Developer

votes

1 answer

How Istio DestinationRule related to Kubernetes Service?

I trying to understand how to work load balancing in Istio. Istio DestinationRule define rules for traffic balancing between pods. K8s Service similar manages traffic load balancing between pods. DestinationRule define host and k8s service define…

load-balancing istio

asked Oct 22 '20 at 08:41

Pavel Serebryakov

votes

1 answer

Can I define subdomains for a classic AWS ELB that was provisioned by Istio?

I deployed Istio in a Kubernetes cluster hosted in AWS EKS. That created a Kubernetes service of type LoadBalancer named istio-ingressgateway with an external hostname of [redacted]-redacted.us-west-2.elb.amazonaws.com, and automatically provisioned…

amazon-web-services grpc kubernetes-ingress amazon-elb istio

asked Sep 23 '20 at 23:33

mipnw

2,135
2
20
46

votes

1 answer

Envoy filter for outbound https traffic

I am trying to intercept all outbound http/s traffic from a pod and add a custom header to the request. After reading some documentation I came to the understanding that an envoy filter on SIDECAR_OUTBOUND with some custom lua code would do the…

kubernetes istio

asked Jul 27 '20 at 10:39

Stefan Todorov

votes

0 answers

Apply envoyfilter ext_authz per virtual hosts

I have ext_authz filter as this: kind: EnvoyFilter metadata: name: authn-filter namespace: istio-system spec: workloadSelector: labels: istio: ingressgateway configPatches: - applyTo: HTTP_FILTER match: context:…

kubernetes filter istio envoyproxy

asked Jun 08 '20 at 20:22

abdul salama

votes

1 answer

Average request duration using Prometheus

I have deployed the Istio Bookinfo application in a Kubernetes cluster. Following the documentation, I'm trying to measure the average request duration using the following query: rate(istio_request_duration_milliseconds_sum[1m]) /…

kubernetes prometheus istio duration latency

asked Jun 01 '20 at 17:07

Jackie

votes

0 answers

Istio Circuit Breaker Fallback

I'm exploring Istio's circuit breaker and wan't to setup fallback methods if the circuit trips. I have a few Spring boot applications that are deployed on kubernetes and with Istio's circuit breaking defined in DestinationRule. I can see that my…

spring-boot istio hystrix circuit-breaker

asked Mar 30 '20 at 17:45

ViV

1,998
8
27
54

votes

2 answers

In Istio Envoy access log, what is upstream and downstream remote, local

Scenario I'm using Istio 1.5 From this question I know the default envoy access log format that Istio uses, which is \[%{TIMESTAMP_ISO8601:timestamp}\] \"%{DATA:method} (?:%{URIPATH:uri_path}(?:%{URIPARAM:uri_param})?|%{DATA:}) %{DATA:protocol}\"…

istio envoyproxy

asked Mar 26 '20 at 23:54

Tran Triet

1,257
2
16
34

votes

1 answer

Setting up Istio with Terraform, not using Helm

So for background, I am trying to deploy a containerized webapp inside a kubernetes cluster, which is secured and monitored by istio ft kiali. As I do not want to configure everything by hand I am using Terraform to deploy and update any…

terraform istio

asked Mar 04 '20 at 11:00

A7exSchin

votes

3 answers

The external IP of istio ingress gateway stay pending

I deployed a istio to k8s and it works well at first, but after one day, I can't access the app via ingress gateway. Then checked the istio svc status. It shows the external ip of the istio ingress gateway is pending. I checked logs and events of…

kubernetes istio

asked Mar 02 '20 at 07:10

zzg

votes

1 answer

How to integrate OpenIdconnect with istio?

I want to authenticate end users using JWT provided by OpenId connect providers like keycloak or auth0..etc in a istio service mesh.But I am not able to successfully integrate it proboably because I am new to JWT auth and istio. Can someone provide…

openid-connect keycloak istio jwt

asked Mar 02 '20 at 06:11

sachin

1,220
1
14
24

votes

2 answers

How do I create an internal gateway using Istio?

Currently, we successfully setup Istio to create a couple ingress-gateways like api.example.com and app.example.com, that route traffic to a variety of services with destination rules, etc. In addition to this, we would love to use Istio's features…

kubernetes istio

asked Jan 05 '20 at 21:35

cjspook

votes

3 answers

How to configure TLS origination in ISTIO?

Istio does not route to external HTTPs service via TLS origination. I have a pod containing two containers: - Application - ISTIO Proxy Application makes a call to external third party API which resides on…

kubernetes istio envoyproxy mtls

asked May 09 '19 at 08:38

vikp

votes

3 answers

Service Meshes (like Istio) vs. Event-Driven architecture for Microservices

Hi Microservices Gurus, I had a question on service to service communication architecture of Microservices. Istio or any service mesh can make the routing, discovery and resilience of Microservices' communication easy to manage. However, it does not…

docker kubernetes containers microservices istio

asked Apr 05 '19 at 07:49

Pramod Sharma

Prev 1 2 3

…

99 100 Next