Istiod sends configuration to each sidecar using a long-lived gRPC stream. It has several characteristics that affect scaling:
- The size of the configuration to generate
- Total number of services/pods & Istio resources
- For large scale, adjust settings for the Sidecar to reduce the configuration size.
- The rate of change in the environment
- When a new service is created or the Istio configuration is changed, full updates are sent to proxies.
- Adding new endpoints is inexpensive for performance, because only incremental updates are sent.
- The number of proxies for which configuration is generated
- Affected by the number of gateways and pods with a sidecar.
Scalability concerns
Approaches
- Reduce APIServer calls
- eliminate unnecessary get & list
- Processing time, less processing steps, optimize loops
- Push to Envoy
- eliminate unnecessary push
- reduce config size