Continental Innovates with Rancher and Kubernetes
Available as of v2.3.0
This section describes the minimum recommended computing resources for the Istio components in a cluster.
The CPU and memory allocations for each component are configurable.
Before enabling Istio, we recommend that you confirm that your Rancher worker nodes have enough CPU and memory to run all of the components of Istio.
Tip: In larger deployments, it is strongly advised that the infrastructure be placed on dedicated nodes in the cluster by adding a node selector for each Istio component.
The table below shows a summary of the minimum recommended resource requests and limits for the CPU and memory of each central Istio component.
In Kubernetes, the resource request indicates that the workload will not deployed on a node unless the node has at least the specified amount of memory and CPU available. If the workload surpasses the limit for CPU or memory, it can be terminated or evicted from the node. For more information on managing resource limits for containers, refer to the Kubernetes documentation.
You can individually configure the resource allocation for each type of Istio component. This section includes the default resource allocations for each component.
To make it easier to schedule the workloads to a node, a cluster administrator can reduce the CPU and memory resource requests for the component. However, the default CPU and memory allocations are the minimum that we recommend.
You can find more information about Istio configuration in the official Istio documentation.
To configure the resources allocated to an Istio component,
Result: The resource allocations for the Istio components are updated.
Pilot provides the following:
For more information on Pilot, refer to the documentation.
Mixer enforces access control and usage policies across the service mesh. It also integrates with plugins for monitoring tools such as Prometheus. The Envoy sidecar proxy passes telemetry data and monitoring data to Mixer, and Mixer passes the monitoring data to Prometheus.
For more information on Mixer, policies and telemetry, refer to the documentation.
Distributed tracing enables users to track a request through a service mesh. This makes it easier to troubleshoot problems with latency, parallelism and serialization.
The Istio gateway allows Istio features such as monitoring and route rules to be applied to traffic entering the cluster. This gateway is a prerequisite for outside traffic to make requests to Istio.
For more information, refer to the documentation.
You can query for Istio metrics using Prometheus. Prometheus is an open-source systems monitoring and alerting toolkit.
You can visualize metrics with Grafana. Grafana lets you visualize Istio traffic data scraped by Prometheus.