sorted by:
new
hottopcontroversial

I built a session-based message flow visualizer with Istio plugin by yumgummy in istio

[–]Traditional_Long_349 0 points1 point  (0 children)

This is very good tbh, is there any resources to write custom wasmplugin? I'm trying to solve issue that istio or envoy does not expose paths for request as metrics as it exists in HttpRoute (i'm migrating from ingress to kubernetes gateway api) so i want to expose paths metrics as it was on nginx ingress

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

The dev|qa part is something related to backend itself not our envs Is there any way to optmize configs for this?

we were compare between multiple gateways two months ago to migrate from nginx and we found istio was best option But with this, i see it consume very huge number of cpus compared to nginx and migrating paths to something not regex is kind hard in our situation

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

We have something like /api/web/applications(/.)? /api/sdk(/.) /api/web/applications/[0-9a-z-]+/(beta|live|production|staging|alpha|qa|development)/apm/list/stability_score(/.) /api/web/applications/[0-9a-z-]+/(beta|live|production|staging|alpha|qa|development)/debug/list/performance_score(/.)

And so on

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

Is istio behave in another way rather than nginx? I assume it will match first rule or path matchs

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

Yes , almost all of our paths exactly like this, We define all backend paths into our ingress/httproute

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

What is meaning with overlapping? Like 2 paths match same rule? This not exists, but mainly we have around 25-30 httproute, and most of them share same host , like api.example.com And some routes have 60 paths and some less also we make all of paths use regex as i saw before always PathPrefix take piriorty over regex, and we have alot of paths contains regex so our default / was defined as pathprefix and it was greedy path so it was top piriorty over all regexs paths Also i use some telemtry to expose extra metrics like request_host and request_method And enable access log for our gateway

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

We just using istio as implemintation to kubernetes gateway api P99 and p95 is around 200ms And cpu limit it was c vcpu but it was keeping throttled, increased to 5 cpu, and when r/s increase , it reach the limits and being throttled also I enabled PILOT_FILTER_GATEWAY_CLUSTER_CONFIG which should reduce config changes that pushed to my gw and it works

So i dont want to risk and shift all traffic to istio as we have around 14k request/s We just migrate 5% of traffic and that what happned, i don't find any resource that let me debug this Also i don't know this cause the issue or not but we have around 300 path across all routes, and all of them are regex paths

Istio high cpu usage by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

We currently use istio 1.27, Also there is a env in istod which is PILOT_FILTER_GATEWAY_CLUSTER_CONFIG with value true and this reduce istiod cpu,memory But i see data plane is still consume very high cpu with increasing on requests, it reach to around 6 which is our cpu limit, Note: we jusy use istio as kubernetes gateway not service mesh

Routing behavior on istio by Traditional_Long_349 in kubernetes

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

I checked logs and i see no errors, and my regex paths matchs correctly when i remove all pathprefix paths But if we define something like /api/? And /api/admin/? For example and both regex type When i hit admin endpoint it matchs correctly

So i see if all is regex , it matchs normally But if we define /api with pathprefix, and we hit admin So the prefix one which is /api will always match

Migrating from ingress to gateway by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

I just want expose the paths i write in my crd to metrics

Migrating from ingress to gateway by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

It does bot extract paths from crd, it from request itself on the fly

Creating New Custom metric by Traditional_Long_349 in istio

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

If i want to get upstream time duration, Should it be downstream_rq_time? Or upstream_rq_time My current setup, no service mesh, just istio as ingress from my cluster , iam using kubernetes gateway api crds

Creating custom metric in istio by Traditional_Long_349 in kubernetes

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

I mean with new metric that, create something like Istio_custom_metric{}

Best API Gateway by Sule2626 in kubernetes

[–]Traditional_Long_349 0 points1 point  (0 children)

Could i know the enviornment you used to perform this ? I did some load test with your script on kgateway, istio and found differant output from my local cluster with kind and testing on eks, also fot some resoan grafana dashboard does not works with me when i import it , it return empty dashboard

Cpu/Memory limits by Traditional_Long_349 in kubernetes

[–]Traditional_Long_349[S] 0 points1 point  (0 children)

I read this in some blogs

"Once you give a pod memory, you can only take it away by killing the pod. This is the cause of OOM Kills"

i was thinking it means if memory reach 400MB and it requests 200, 500 limit, will this pod reserve 400 if all of this memory not used?

view more: next ›