OSSM-4815: Document HA for a mesh #96010
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@rh-tokeefe: This pull request references OSSM-4815 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
added
the
size/L
|
@rh-tokeefe: This pull request references OSSM-4815 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@rh-tokeefe: This pull request references OSSM-4815 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
|
||
| Running the {istio} control plane in High Availability (HA) mode prevents single points of failure, and ensures continuous mesh operation even if an `istiod` pod fails. By using HA, if one `istiod` pod becomes unavailable, another one continues to manage and configure the {istio} control plane, preventing service outages or disruptions. HA provides scalability by distributing the control plane workload, enables graceful upgrades, supports disaster recovery operations, and protects against zone-wide mesh outages. | ||
|
|
||
| There are two ways for a system administrator to configure HA: by defining replica count or by using autoscaling. |
There was a problem hiding this comment.
| There are two ways for a system administrator to configure HA: by defining replica count or by using autoscaling. | |
| There are two ways for a system administrator to configure HA for the `istiod` deployment: | |
| * Defining a static replica count: This involves setting a fixed number of `istiod` pods, providing a consistent level of redundancy. | |
| * Using autoscaling: This dynamically adjusts the number of `istiod` pods based on observed resource utilization or custom metrics, offering more efficient resource consumption for fluctuating workloads. |
There was a problem hiding this comment.
I think adding a preview here will be better to give the users a first approach to what the configuration types are
| [id="ossm-configuring-istio-ha-autoscaling_{context}"] | ||
| = Configuring Istio HA by using autoscaling | ||
|
|
||
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. Autoscaling defines the minimum and maximum number of {istio} control plane pods that can operate. {ocp-product-title} uses these values to scale the number of control planes in operation in response to the varying number of workloads in the mesh. |
There was a problem hiding this comment.
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. Autoscaling defines the minimum and maximum number of {istio} control plane pods that can operate. {ocp-product-title} uses these values to scale the number of control planes in operation in response to the varying number of workloads in the mesh. | |
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. Autoscaling defines the minimum and maximum number of {istio} control plane pods that can operate. {ocp-product-title} uses these values to scale the number of control planes in operation based on observed resource utilization (such as CPU or memory) or custom metrics, effectively responding to the varying number of workloads and overall traffic patterns within the mesh. |
| <1> Defines the minimum number of {istio} control plane replicas that always run. | ||
| <2> Defines the maximum number of {istio} control plane replicas, allowing for scaling based on load. To support HA, there must be at least two replicas. |
There was a problem hiding this comment.
It would be highly beneficial to add a note here describing the specific metrics that can be used to configure Istiod autoscaling (scale up/down). For example, users can set spec.values.pilot.cpu.targetAverageUtilization and spec.values.pilot.memory.targetAverageUtilization to define CPU and Memory thresholds for triggering scaling actions. Sorry for not adding this also in the upstream docs, but I'll add it there. I think it's good to point the users which configuration is going to trigger this
| istiod-7c7b6564c9-xkmsl 1/1 Running 0 85s | ||
| ---- | ||
| + | ||
| Two `istiod` pods are running, which indicates HA was successfully configured. |
There was a problem hiding this comment.
| Two `istiod` pods are running, which indicates HA was successfully configured. | |
| Two `istiod` pods are running, which is the minimum requirement for a highly available Istio control plane and indicates a basic HA setup is in place. |
| [id="ossm-configuring-istio-ha-replicacount_{context}"] | ||
| = Configuring Istio HA by using replica count | ||
|
|
||
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. The replica count defines a fixed number of {istio} control plane pods that can operate. Use replica count for mesh environments in which the number of workloads does not scale. |
There was a problem hiding this comment.
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. The replica count defines a fixed number of {istio} control plane pods that can operate. Use replica count for mesh environments in which the number of workloads does not scale. | |
| Configure the {istio} control plane in High Availability (HA) mode to prevent a single point of failure, and ensure continuous mesh operation even if one of the `istiod` pods fails. The replica count defines a fixed number of {istio} control plane pods that can operate. Use replica count for mesh environments where the control plane workload is relatively stable or predictable, or when manual scaling of the `istiod` is preferred. |
rh-tokeefe
force-pushed
the
OSSM-4815
branch
2 times, most recently
from
6e0042d to
9062ebe
Compare
| [id="ossm-about-istio-high-availability_{context}"] | ||
| = About Istio High Availability | ||
|
|
||
| Running the {istio} control plane in High Availability (HA) mode prevents single points of failure, and ensures continuous mesh operation even if an `istiod` pod fails. By using HA, if one `istiod` pod becomes unavailable, another one continues to manage and configure the {istio} control plane, preventing service outages or disruptions. HA provides scalability by distributing the control plane workload, enables graceful upgrades, supports disaster recovery operations, and protects against zone-wide mesh outages. |
There was a problem hiding this comment.
"another one continues to manage and configure the Istio control plane"
Should that be "continues to manage and configure the Istio data plane"?
There was a problem hiding this comment.
Yes, my bad we should said here:
Running the {istio} control plane in High Availability (HA) mode prevents single points of failure, and ensures continuous mesh operation even if an `istiod` pod fails. By using HA, if one `istiod` pod becomes unavailable, another one continues to manage and configure the {istio} data plane, preventing service outages or disruptions. HA provides scalability by distributing the control plane workload, enables graceful upgrades, supports disaster recovery operations, and protects against zone-wide mesh outages.
There was a problem hiding this comment.
"HA provides scalability by distributing the control plane workload..." part is correct. There is multiple istiod instasnces and istiod == control plane. Istiod (control plane) is managing data plane.
|
|
||
| |`autoScaleMin` | Defines the minimum number of `istiod` pods for an istio deployment. Each pod contains one instance of the Istio control plane. | ||
|
|
||
| {ocp-short-name} only uses this parameter when the {istio} deployment uses the Horizontal Pod Autoscaler (HPA) configuration. |
There was a problem hiding this comment.
This note is a bit confusing. Creation of HPA is controlled by Values.autoscaleEnabled
There was a problem hiding this comment.
Yeah, and this is a table that shows all the parameters available to configure for HA deployment. Maybe we should say:
{ocp-short-name} only uses this parameter when Horizontal Pod Autoscaler (HPA) is enabled for the {istio} deployment, which is the default behavior (Values.autoscaleEnabled: true).
|
|
||
| |`autoScaleMin` | Defines the minimum number of `istiod` pods for an istio deployment. Each pod contains one instance of the Istio control plane. | ||
|
|
||
| {ocp-short-name} only uses this parameter when the {istio} deployment uses the Horizontal Pod Autoscaler (HPA) configuration. |
There was a problem hiding this comment.
Yeah, and this is a table that shows all the parameters available to configure for HA deployment. Maybe we should say:
{ocp-short-name} only uses this parameter when Horizontal Pod Autoscaler (HPA) is enabled for the {istio} deployment, which is the default behavior (Values.autoscaleEnabled: true).
|
|
||
| You must also configure metrics for autoscaling to work properly. If no metrics are configured, the autoscaler does not scale up or down. | ||
|
|
||
| {ocp-short-name} only uses this parameter when the {istio} deployment uses the HPA configuration. |
There was a problem hiding this comment.
Same here then:
{ocp-short-name} only uses this parameter when Horizontal Pod Autoscaler (HPA) is enabled for the {istio} deployment, which is the default behavior (Values.autoscaleEnabled: true).
| [id="ossm-about-istio-high-availability_{context}"] | ||
| = About Istio High Availability | ||
|
|
||
| Running the {istio} control plane in High Availability (HA) mode prevents single points of failure, and ensures continuous mesh operation even if an `istiod` pod fails. By using HA, if one `istiod` pod becomes unavailable, another one continues to manage and configure the {istio} data plane, preventing service outages or disruptions. HA provides scalability by distributing the control plane workload, enables graceful upgrades, supports disaster recovery operations, and protects against zone-wide mesh outages. |
There was a problem hiding this comment.
"By using HA, if one istiod pod becomes unavailable, another one continues..."
@rh-tokeefe does this make sense or it should be rephrased?
There was a problem hiding this comment.
@FilipB "By using" conforms to the style guide.
All I'm trying to say here is "When using HA, if one istiod pod becomes unavailable, another one continues to manage and configure the {istio} data plane, preventing service outages or disruptions."
There was a problem hiding this comment.
We can sync and chat if you'd like.
There was a problem hiding this comment.
It's fine I was just not sure if it is good English grammar.
There was a problem hiding this comment.
Hi @rh-tokeefe!
I only have a few comments related to the OCP guidelines. Overall. LGTM.
Please reach out to me if you have any questions. :)
|
|
||
| [role="_additional-resources-pod-scaling"] | ||
| .Additional resources | ||
| * link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/[Horizontal Pod Autoscaling] |
There was a problem hiding this comment.
| * link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/[Horizontal Pod Autoscaling] | |
| * link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/[Horizontal Pod Autoscaling (Kubernetes documentation)] | |
| * link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#configurable-scaling-behavior[Configurable Scaling Behavior (Kubernetes documentation)] |
Suggestion to provide the source of external links, if the link is not from our product docs.
I also added a suggestion to adda link here from another instance where a link was used in the module ossm-api-settings-mesh-ha-autoscaling.adoc.
| |=== | ||
| |Parameter |Description | ||
|
|
||
| |`autoScaleMin` | Defines the minimum number of `istiod` pods for an istio deployment. Each pod contains one instance of the Istio control plane. |
There was a problem hiding this comment.
| |`autoScaleMin` | Defines the minimum number of `istiod` pods for an istio deployment. Each pod contains one instance of the Istio control plane. | |
| |`autoScaleMin` | Defines the minimum number of `istiod` pods for an {istio} deployment. Each pod contains one instance of the {istio} control plane. |
Suggestion to use the {istio} attribute here.
| |`memory.targetAverageUtilization` | Defines the target memory utilization for the `istiod` pod. If the average memory usage exceeds the threshold that this parameter defines, the HPA automatically increases the number of replica pods. | ||
| |`behavior` | You can use the `behavior` field to define additional policies that {ocp-short-name} uses to scale {istio} resources up or down. | ||
|
|
||
| For more information, see link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#configurable-scaling-behavior[Configurable Scaling Behavior]. |
There was a problem hiding this comment.
| For more information, see link:https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#configurable-scaling-behavior[Configurable Scaling Behavior]. | |
| For more information, see "Configurable Scaling Behavior". |
Just a suggestion to provide the link in the "Additional resources" section rather than the module. I will update the suggestion in the assembly file as well.
| |=== | ||
| |Parameter |Description | ||
|
|
||
| |`replicaCount` | Defines the number of `istiod` pods for an istio deployment. Each pod contains one instance of the `istio` control plane. The default setting is `1`. |
There was a problem hiding this comment.
| |`replicaCount` | Defines the number of `istiod` pods for an istio deployment. Each pod contains one instance of the `istio` control plane. The default setting is `1`. | |
| |`replicaCount` | Defines the number of `istiod` pods for an {istio} deployment. Each pod contains one instance of the {istio} control plane. The default setting is `1`. |
I have a confusion regarding the usage of the following:
- Istio control plane or
Istiocontrol plane - Istio deployment or
Istiodeployment
I will leave it up to you to decide. My only suggestion is to make it consistent throughout and also the usage of {istio} attribute.
|
|
||
| * You installed the {SMProductName} Operator. | ||
|
|
||
| * You deployed the {istio} resource. |
There was a problem hiding this comment.
| * You deployed the {istio} resource. | |
| * You have deployed the `{istio}` resource. |
Suggestion to add code blocks here.
| default 1 1 0 default Healthy v1.24.6 24m | ||
| ---- | ||
| + | ||
| The name of the {istio} resource is `default`. |
There was a problem hiding this comment.
| The name of the {istio} resource is `default`. | |
| The name of the `{istio}` resource is `default`. |
| + | ||
| The name of the {istio} resource is `default`. | ||
|
|
||
| . Update the {istio} custom resource by adding the `autoscaleEnabled` and `replicaCount` parameters by running the following command: |
There was a problem hiding this comment.
| . Update the {istio} custom resource by adding the `autoscaleEnabled` and `replicaCount` parameters by running the following command: | |
| . Update the `{istio}` custom resource (CR) by adding the `autoscaleEnabled` and `replicaCount` parameters by running the following command: |
| <1> Disables autoscaling and ensures that the number of replicas remains fixed. | ||
| <2> Defines the number of {istio} control plane replicas. To support HA, there must be at least two replicas. |
There was a problem hiding this comment.
| <1> Disables autoscaling and ensures that the number of replicas remains fixed. | |
| <2> Defines the number of {istio} control plane replicas. To support HA, there must be at least two replicas. | |
| <1> Specifies a setting that disables autoscaling and ensures a fixed number of replicas. | |
| <2> Specifies the number of {istio} control plane replicas. To support HA, there must be at least two replicas. |
|
|
||
| .Verification | ||
|
|
||
| . Verify the status of the {istio} control pods by running the following command: |
There was a problem hiding this comment.
| . Verify the status of the {istio} control pods by running the following command: | |
| * Verify the status of the {istio} control pods by running the following command: |
Since this is a single step procedure, I think it is okay to not make it a numbered-list. Here's the guideline.
|
|
||
| .Verification | ||
|
|
||
| . Verify the status of the {Istio} control pods by running the following command: |
There was a problem hiding this comment.
| . Verify the status of the {Istio} control pods by running the following command: | |
| * Verify the status of the {Istio} control pods by running the following command: |
rh-tokeefe
force-pushed
the
OSSM-4815
branch
2 times, most recently
from
285c65c to
7fa34f0
Compare
|
@rh-tokeefe: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/cherrypick service-mesh-docs-3.1 |
|
/cherrypick service-mesh-docs-3.0 |
|
@rh-tokeefe: new pull request created: #97438 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@rh-tokeefe: new pull request created: #97439 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherrypick service-mesh-docs-3.1 |
|
@rh-tokeefe: new pull request could not be created: failed to create pull request against openshift/openshift-docs#service-mesh-docs-3.1 from head openshift-cherrypick-robot:cherry-pick-96010-to-service-mesh-docs-3.1: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"A pull request already exists for openshift-cherrypick-robot:cherry-pick-96010-to-service-mesh-docs-3.1."}],"documentation_url":"https://docs.github.com/rest/pulls/pulls#create-a-pull-request","status":"422"} In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Affects:
service-mesh-docs-main
service-mesh-docs-3.0
service-mesh-docs-3.1
PR must be merged to service docs main and CP'd back to the 3.0 and 3.1 branches.
Version(s): 3.1
Issue: https://issues.redhat.com/browse/OSSM-4815
Link to docs preview:
https://96010--ocpdocs-pr.netlify.app/openshift-service-mesh/latest/install/ossm-installing-openshift-service-mesh.html#ossm-about-istio-high-availability_ossm-customizing-istio-configuration
QE review:
Additional information: