Traffic Management FAQ
How can I view the current route rules I have configured with Istio?
Rules can be viewed using
kubectl get virtualservice -o yaml
On what ports does a sidecar proxy capture inbound traffic?
Istio captures inbound traffic on all ports by default.
You can override this behavior using the
traffic.sidecar.istio.io/includeInboundPorts pod annotation
to specify an explicit list of ports to capture, or using
to specify a list of ports to bypass.
What is the difference between MUTUAL and ISTIO_MUTUAL TLS modes?
Both of these
DestinationRule settings will send mutual TLS traffic.
ISTIO_MUTUAL, Istio certificates will automatically be used.
MUTUAL, the key, certificate, and trusted CA must be configured.
This allows initiating mutual TLS with non-Istio applications.
Can I use standard Ingress specification without any route rules?
Simple ingress specifications, with host, TLS, and exact path based
matches will work out of the box without the need for route
rules. However, note that the path used in the ingress resource should
not have any
For example, the following ingress resource matches requests for the example.com host, with /helloworld as the URL.
$ kubectl create -f - <<EOF apiVersion: extensions/v1beta1 kind: Ingress metadata: name: simple-ingress annotations: kubernetes.io/ingress.class: istio spec: rules: - host: example.com http: paths: - path: /helloworld backend: serviceName: myservice servicePort: grpc EOF
However, the following rules will not work because they use regular
expressions in the path and
$ kubectl create -f - <<EOF apiVersion: extensions/v1beta1 kind: Ingress metadata: name: this-will-not-work annotations: kubernetes.io/ingress.class: istio # Ingress annotations other than ingress class will not be honored ingress.kubernetes.io/rewrite-target: / spec: rules: - host: example.com http: paths: - path: /hello(.*?)world/ backend: serviceName: myservice servicePort: grpc EOF
What protocols does Istio support?
Currently, Istio supports TCP based protocols. Additionally, Istio provides functionality such as routing and metrics for other protocols such as
For a list of all protocols, and information on how to configure protocols, view the Protocol Selection documentation.