Questions tagged [istio]

Istio is an open-source platform for managing and securing microservices

Istio is an open platform that provides a uniform way to connect, manage, and secure microservices. Istio supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code. Istio gives you:

Automatic load balancing for HTTP, gRPC, and TCP traffic.
Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection.
A pluggable policy layer and configuration API supporting access controls, rate limits and quotas.
Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress.
Secure service-to-service authentication with strong identity assertions between services in a cluster.

Getting Started

Books

2612 questions

votes

0 answers

istio_response_bytes_sum and istio_request_bytes_sum show different value for a service ..why?

I am looking for the metrics emitted by istio , but I find it weird that value returned by the metric istio_response_bytes_sum is almost double the value returned by…

asked Jul 15 '23 at 04:06

LKK

votes

1 answer

Disable Observability and telemetry in istio 1.14

We have upgraded from istio 1.10 to 1.14 and observe that headers like x-envoy-peer-metadata, x-b3-traceid are being added by the istio ingress gateway when send http requests to the upstreams. Has there been some change in versions 1.10+ that is…

istio

asked Jul 13 '23 at 21:57

Dattaram Porob

votes

1 answer

Referencing values in a values.yaml file inside a range or with loop within a Helm template

I've read the Helm documentation on flow control but I'm struggling to understand the best way to reference a top-level value within my values.yaml when I've restricted the scope in a template using a range or with loop. For example, I'm creating…

kubernetes-helm istio

asked Jul 13 '23 at 12:30

user3372090

votes

0 answers

Timeout while installing istio-ingress helm chart

I am trying to install istio-ingress helm chart but the command times out after 5 minutes with Error: INSTALLATION FAILED: timed out waiting for the condition. This is a bare-metal k8s installation with the following initial configuration: #…

kubernetes istio

asked Jul 11 '23 at 16:52

sm0ke21

votes

2 answers

Configuring Istio to use new HTTPS connection to external service

I have a VirtualService that splits traffic between an internal Service and an external ServiceEntry, based on HTTP route prefix. The external service requires HTTPS traffic. I test routes using curl like below: curl…

kubernetes istio

asked Jul 10 '23 at 23:19

GreenGiant

4,930
1
46
76

votes

0 answers

Istio error: invalid host header when trying to access using a FQDN

When I'm accessing istio endpoint using a FQDN it's showing this error whilst accessing just using IP is working fine. I tried to see if there's any issues with gateway or virtual service but they look fine otherwise SSL termination wouldn't have…

istio istio-gateway

asked Jul 09 '23 at 17:04

Kumar

votes

1 answer

Istio mTLS Clarification

I am a newbie with Istion. Recently I read from other Stack overflow Posts that communication between Istio Side car and the main container is not encrypted. However in a scenario where, I am performing a TLS passthrough in Istio at the…

kubernetes amazon-eks istio istio-gateway istio-sidecar

asked Jul 08 '23 at 21:40

santosh2000

votes

1 answer

Include X-Forwarded-Port header on requests through an Istio proxy

I'm looking at enabling Istio across a cluster. Inside the cluster are several services that generate links for clients to follow. Since enabling the istio sidecars the links are being generated incorrectly. A request will be made to service a at…

istio envoyproxy servicemesh

asked Jul 07 '23 at 08:40

Scottm

7,004
8
32
33

votes

0 answers

How to redirect all outgoing request from my cluster for host "*.mydomain.com" to the ingress IP of the istio installed on the same cluster?

I want to redirect all outgoing request from my cluster for host "*.mydomain.com" to the ingress IP of the istio installed on the same cluster. CAn anybody help me with how that can be done ? I am trying service entry like this apiVersion:…

kubernetes istio istio-gateway

asked Jul 05 '23 at 11:06

Bikash M

votes

0 answers

failed to call webhook: Post[https://istiod.istio-system.svc:443/validate?timeout=30s] validate?timeout=30s

I am unable to create virtual service or a serviceaccount in my GKE environment. My current istio version is istio-1.16.2. kubectl apply -f vs.yml Error from server (InternalError): error when creating “vs.yml”: Internal error occurred: failed…

webhooks istio istio-gateway istio-sidecar

asked Jul 04 '23 at 09:18

Dharun K

votes

0 answers

Istio not recognizing Postgres Traffic

I am using postgres installed from a bitnami helm chart in my istio service mesh. I am trying to access this database from outside of the cluster. When I hit the istio gateway that I have configured to allow TCP traffic to postgres in (using the go…

postgresql istio

asked Jun 29 '23 at 17:58

Paul Hansen

votes

0 answers

Unable to access HTTPS URL with istio gateway setup

unable to access apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: gateway namespace: istio-config spec: selector: istio: ingressgateway servers: - port: number: 443 name: https protocol: HTTPS …

kubernetes istio istio-gateway servicemesh

asked Jun 29 '23 at 16:51

Venu Reddy

votes

0 answers

Why Istio does not generate the following metrics for HTTP, HTTP/2, and GRPC traffic?

Why Istio does not generate the following metrics for HTTP, HTTP/2, and GRPC traffic? My Istio installation: helm repo add istio https://istio-release.storage.googleapis.com/charts helm repo update kubectl create namespace istio-system helm install…

istio istio-prometheus

asked Jun 29 '23 at 12:59

Maksim

votes

1 answer

istio send custom dynamic header to application by either using uuid or refer value from another already exiting header

Is there way in istio to set a custom request header (x-custom-header) with value as dynamic value (uuid) or setting value of the custom header from an already existing header? I am using gateway + virtualservice + envoy(sidecar) Example…

kubernetes http-headers amazon-eks istio

asked Jun 26 '23 at 12:59

aayush kumar

votes

0 answers

How to Enforce outbound traffic of istio-enabled namespace over a consistent IP in IKS?

I've my application deployed in istio-enabled namespace in IKS. I've egress-gateway service available in 'istio-system' namespace with external IP.how to enforce egress traffic over this external IP of egress-gateway for a istio-enabled namespace?…

istio istio-gateway istio-sidecar iks

asked Jun 26 '23 at 12:43

developer_here

Prev 1 2 3

…

99 100 Next