DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Please enter at least three characters to search
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Last call! Secure your stack and shape the future! Help dev teams across the globe navigate their software supply chain security challenges.

Modernize your data layer. Learn how to design cloud-native database architectures to meet the evolving demands of AI and GenAI workloads.

Releasing software shouldn't be stressful or risky. Learn how to leverage progressive delivery techniques to ensure safer deployments.

Avoid machine learning mistakes and boost model performance! Discover key ML patterns, anti-patterns, data strategies, and more.

Related

  • Resilient Microservice Design – Bulkhead Pattern
  • Solving Four Kubernetes Networking Challenges
  • Introduction to the Circuit Breaker Pattern
  • A New Era Of Spring Cloud

Trending

  • How to Build Scalable Mobile Apps With React Native: A Step-by-Step Guide
  • How to Format Articles for DZone
  • Unlocking Data with Language: Real-World Applications of Text-to-SQL Interfaces
  • Blue Skies Ahead: An AI Case Study on LLM Use for a Graph Theory Related Application
  1. DZone
  2. Software Design and Architecture
  3. Microservices
  4. Istio Circuit Breaker With Outlier Detection

Istio Circuit Breaker With Outlier Detection

The basic intent of outlier detection is to stop sending requests to an unhealthy instance and give it time to recover.

By 
Samir Behara user avatar
Samir Behara
DZone Core CORE ·
Updated Jun. 10, 19 · Tutorial
Likes (5)
Comment
Save
Tweet
Share
23.4K Views

Join the DZone community and get the full member experience.

Join For Free

While architecting distributed cloud applications, you should assume that failures will happen and design your applications for resiliency. A microservices ecosystem is going to fail at some point or the other and hence you need to learn to embrace failures. In short, design your microservices with failure in mind.

Problem Statement

In a K8s environment, services run inside a pod and dynamically autoscale based on load. To make your services highly available, you might be running multiple instances of your service. But how do you handle scenarios where one of your service instances becomes slow or unresponsive? In such a scenario, you should not send traffic to that instance. But how do you automatically identify this issue at runtime and change your routing rules to exclude this service instance?

Outlier Detection

Outlier Detection is an Istio Resiliency strategy to detect unusual host behavior and evict the unhealthy hosts from the set of load balanced healthy hosts inside a cluster. It automatically tracks the status of each individual host and checks metrics like consecutive errors and latency associated with service calls. If it finds outliers, it will automatically evict them.

Ejection/eviction implies that the host is identified as unhealthy and won't be used to cater to user requests as part of the load balancing process. If a request is sent to a service instance and it fails (returns a 50X error code), then Istio ejects the instance from the load balanced pool for a specified duration. This is configured as the sleep window.

This entire process increases the overall availability of the services by making sure that only healthy pods participate in catering user requests.

Outlier detection

Read more about Envoy Outlier Detection here:
https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/outlier

With the below settings, the dependent service is scanned every 10 seconds and if there are any hosts that fail more than 3 times with a 5XX error code it will be ejected from the load balanced pool for 20 seconds.

Outlier detection

Read more about Outlier Detection here.

  • BaseEjectionTime - The maximum ejection duration for a host. For example, the host will be ejected for 20 seconds before it is evaluated again for processing requests.
  • ConsecutiveErrors - Number of errors before a host is ejected from the connection pool. For example, if you have three consecutive errors while interacting with a service, Istio will mark the pod as unhealthy.
  • Interval - The time interval for ejection analysis. For example, the service dependencies are verified every 10 seconds.
  • MaxEjectionPercent - The max percent of hosts that can be ejected from the load balanced pool. For example, setting this field to 100 implies that any unhealthy pods throwing consecutive errors can be ejected and the request will be rerouted to the healthy pods.

Outlier detection will be enabled until the load balancing pool has the minimum number of healthy hosts associated.

While creating a DestinationRule, you can mention the Circuit Breaker fields inside the TrafficPolicy section. Sample DestinationRule below: 

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: serviceB
spec:
  host: serviceB
  subsets:
  - labels:
      version: v1
    name: serviceB-v1
    trafficPolicy:
      connectionPool:
        http: {}
        tcp: {}
      loadBalancer:
        simple: RANDOM
      outlierDetection:
        baseEjectionTime: 20s
        consecutiveErrors: 3
        interval: 10s
        maxEjectionPercent: 100
  - labels:
      version: v2
    name: serviceB-v2
    trafficPolicy:
      connectionPool:
        http: {}
        tcp: {}
      loadBalancer:
        simple: RANDOM
      outlierDetection:
        baseEjectionTime: 20s
        consecutiveErrors: 3
        interval: 10s
        maxEjectionPercent: 100

The below video demonstration from RedHat shows the Istio Outlier Detection functionality in action:

Red Hat Developer Istio Video Series: Number 2 - Istio Pool Ejection

With outlier detection, the application is now self-healing, so if you encounter errors from one service instance you can automatically eject the instance out of the pool so that it doesn't receive any requests. There is no service downtime with this approach and errors are not thrown to consumers.

Conclusion

Istio improves the reliability and availability of services in the mesh. The basic intent of outlier detection is to stop sending requests to the unhealthy instance and give it time to recover. In the meantime, the requests are redirected to the healthy instances such that the consumers are not impacted. The entire implementation of outlier detection is transparent to the application and involves no changes to the application code.

Circuit Breaker Pattern Host (Unix) microservice Requests application Load balancing (computing) pods Error code Design

Published at DZone with permission of Samir Behara, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Related

  • Resilient Microservice Design – Bulkhead Pattern
  • Solving Four Kubernetes Networking Challenges
  • Introduction to the Circuit Breaker Pattern
  • A New Era Of Spring Cloud

Partner Resources

×

Comments
Oops! Something Went Wrong

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends:

Likes
There are no likes...yet! 👀
Be the first to like this post!
It looks like you're not logged in.
Sign in to see who liked this post!