Istio Automatic sidecar injection¶
Istio Automatic Sidecar Injection is a feature that allows the Istio Service mesh to automatically modify Pod specifications to include the necessary Istio proxy containers (the sidecar) at creation time^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md]. This process eliminates the need for developers to manually modify their deployment definitions to include the sidecar proxy^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md].
Configuration¶
To enable Automatic sidecar injection in a Kubernetes cluster, a specific label must be applied to the target namespace^[400-devops__07-Monitoring-and-Observability__istio.md].
[kubectl](<./kubectl.md>) label namespace default istio-injection=enabled --overwrite
Once this label is applied, the or istioctl kube-inject to modify the YAML before applying it^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md].
Interaction with Autoscaling¶
Automatic sidecar injection plays a critical role in the functionality of Kubernetes Horizontal Pod Autoscalers (HPA)^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md]. For an HPA to function correctly, all containers within a Pod must define CPU resource requests^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md].
The injected istio-proxy containers are configured to include these CPU requests by default^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md]. This ensures that the aggregate resource usage of the Pod is accurately calculated, allowing the autoscaler to scale the deployment based on the total load (application + proxy)^[400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md].
Related Concepts¶
Sources¶
- 400-devops-07-monitoring-and-observability-k8s-istio-samples-helloworld-readme.md
- 400-devops__07-Monitoring-and-Observability__istio.md