Questions tagged [istio]

Istio is an open-source platform for managing and securing microservices

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:

Automatic load balancing for HTTP, gRPC, and TCP traffic.
Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
Secure service-to-service authentication with strong identity assertions between services in a cluster.

Getting Started

Books

2612 questions

votes

0 answers

How to filter traffic by Client IP with istio on GKE

I'm trying to make a traffic management in my k8s cluster with istio My goal to achieve is looking like this: I have 2 versions of my application running, V1 and V2. I want to make sure that all traffic that comes to the domain - istio-ingress…

asked Aug 03 '23 at 11:21

Semen Kolesnikov

votes

1 answer

In istio, route outgoing https traffic to internal http service

I have a pod with container X and container Y, plus istio sidecars. I would like that whenever container Y makes a request to a specific external https url https://www.example.com/* this gets routed to the internal container X on port 8080…

istio

asked Aug 03 '23 at 05:28

wollow

votes

0 answers

How can I redirect traffic based on the user's identity?

I'm working on a solution to redirect traffic to specific workloads based on a user's identity. However, I have some doubts about my initial approach and whether there might be a more efficient method for achieving my goal. My current approach is as…

istio

asked Aug 02 '23 at 11:36

Kemical

votes

0 answers

Noticeable increase in Surgequeuelength and SpilloverCount metrics for Classic Load Balancer

I am using istio and I have karpenter setup. for node autoscalilng. I have couple of services running and Im using isito gateway. istio creates a classic load balancer in aws when setting up gateway-controller. but now I am facing this issue. in the…

amazon-web-services amazon-elb istio istio-gateway

asked Jul 28 '23 at 01:48

kicinixav

votes

1 answer

Can istio circuit breaker stop traffic for only one upstream server?

I have been tested OutlierDetection for one upstream pod. I expected that istio prevents request goes to target upstream pod. My test environment: Tested on docker-desktop, k8s, istio, github + argocd Target upstream pod always returns 500 http…

kubernetes istio circuit-breaker

asked Jul 26 '23 at 05:06

Youngrok Ko

votes

2 answers

Istio gateway, connection refused

I have a bare-metal kubernetes cluster, which use metallb as ELB. I am tring to expose a service with istio gateway, but facing connection refused problem. I am new to istio, please help to check my manifests. versions: Kubernetes clsuter version:…

kubernetes istio

asked Jul 25 '23 at 03:27

WestFarmer

votes

0 answers

With istio circuit breaker (OutlierDetection), can default error response be configured?

I'm using k8s, rest apis, and istio system. And I try to attach DestinationRule OutlierDetection infront of services as circuit breaker. My Quetion is this. If every upstream of host goes down, can make istio return some configured status and…

kubernetes istio circuit-breaker

asked Jul 24 '23 at 05:50

Youngrok Ko

votes

1 answer

SSR using internal api calls in kubernetes

I have a nextjs fronted application and a api hosted inside a kubernetes cluster. I am using istio for this implementation. So what I want to do now is whenever I do ssr I want to be able to get data from internal network without reaching out to my…

kubernetes istio istio-gateway

asked Jul 22 '23 at 11:12

z9fr

votes

0 answers

Connection pool in Istio

Currently working on Istio configuration. Below are the configuration connectionPool: tcp: maxConnection:1 connectTimeout: 1000ms http: httpMaxPendingRequest:128 maxRequestPerConnection:256 With above configuration we are running jmeter script with…

connection-pooling istio traffic circuit-breaker istio-gateway

asked Jul 21 '23 at 15:57

Suki

votes

1 answer

Istio egress routing with multiple external hosts through egress gateway not working

We have an use case where we need to create egress gateways to communicate with multiple external hosts. We followed the documentation given in…

kubernetes google-cloud-platform istio istio-gateway

asked Jul 20 '23 at 11:08

kmukherjee2005

votes

0 answers

Running Harbor with Istio and Cert Manager

I have been trying to pull images from Harbor for a few days now but no luck yet. I'm using harbor bitnami chart, Version v2.8.2, istio 1.16.1, cert manager v1.12.0 and argocd 2.7.6. Pushing images to harbor works with DroneCI an the ui works well…

docker kubernetes istio cert-manager harbor

asked Jul 19 '23 at 15:19

i23132178

votes

0 answers

istio sidecar proxy pass header from service a to service b

I have a service-A that receives a header "Authorization" I want to pass this header for outbound calls to service-B. I set up an EnvoyFilter but the header is never added. apiVersion: networking.istio.io/v1alpha3 kind: EnvoyFilter metadata: name:…

istio envoyproxy istio-gateway istio-sidecar

asked Jul 19 '23 at 14:55

slik

5,001
6
34
40

votes

0 answers

Services Inside GKE Cluster not Visible in Anthos Service Mesh Dashboard

I have been trying to apply Managed Anthos Service Mesh on top of an autopilot GKE cluster and view the services in the topology section of the Anthos Service Mesh dashboard, but only one of roughly 10 services contained within said GKE cluster is…

google-cloud-platform devops google-kubernetes-engine istio google-anthos-service-mesh

asked Jul 18 '23 at 20:35

Anas Belmokhtar

votes

1 answer

Can istio exclude POD from the load balancing by latency?

I have two services (A and B for example) that communicate with each other via GRPC and work in an OpenShift cluster. I want to exclude sick pods from balancing by response time. For example, if the response time of service B is set to more than…

openshift istio envoyproxy istio-sidecar

asked Jul 18 '23 at 09:00

Genrih Frank

votes

0 answers

"UO" outliner detection flag in istio_requests_total metric is missing ,but see a flag with "-"

I have a weird issue when trying to check circuit breaker metric . The query I used is sum(istio_requests_total{response_code="503",response_flags="-",reporter="destination"}) by (pod_name,source_app, response_flags,…

istio envoyproxy istio-sidecar istio-operator istio-prometheus

asked Jul 17 '23 at 03:00

LKK

Prev 1 2 3

…

99 100 Next