Problem: The client, a FinTech company, managing thousands of microservices using Istio in sidecar proxy mode, faced high CPU and memory utilization. This was caused by the overhead from Istio sidecars, which were handling: Traffic encryption and decryption with mTLS. Traffic routing (rate limiting, retries) and policy management. Telemetry generation for monitoring and tracing tools. […]
Communication 30 Dec 2024 Resolving Timeout Issues for Internal Services in Istio-Managed EKS ClustersProblem: The client used Istio to manage service communication in a distributed microservices architecture. Centralized services, including Gitlab, Keycloak, Vault, and others, were hosted in an Amazon EKS cluster and accessed via a WireGuard-based VPN mesh (Netbird) from 10 external Kubernetes clusters. Despite having all services exposed through Istio ingress gateways, external clusters experienced frequent […]
Communication 27 Dec 2024 Optimizing DNS Resolution and Resolving Readiness Delays in Kubernetes with Istio and CrossplaneProblem: The client reported delays in the readiness of ingress virtual services and difficulty accessing services through DNS names. Despite using Istio for service-to-service communication and centralized services like Keycloak, Gitlab, Vault, and others, the setup was taking too long, especially when resolving DNS names for these services. The delay was primarily due to Crossplane […]
Communication