How can envoy know destination.uid when report/check with mixer?

#1

When envoy communicates with mixer, mixer needs sourceUID and DestionationUID to get source pod/destination pod’s attributes. And those attributes are necessary for other adapters like reporting to prometheus. Envoy can know sourceUID from its own metadata. But how can the envoy knows the destinationUID of its upstreams?
I have dump the config of a bookinfo’s envoy and cannot find upstreams’ metadata:

"mixer_attributes": {
             "attributes": {
              "destination.service.host": {
               "string_value": "reviews.default.svc.cluster.local"
              },
              "destination.service.uid": {
               "string_value": "istio://default/services/reviews"
              },
              "destination.service.name": {
               "string_value": "reviews"
              },
              "destination.service.namespace": {
               "string_value": "default"
              },
              "destination.service": {
               "string_value": "reviews.default.svc.cluster.local"
              }
             }
            },

The destination.service.uid:istio://default/services/reviews is different than the one mixer got, like reviews-v1-b4c984bdc-br9pz.default. And with destination.service.uid:istio://default/services/reviews, we can not distinguish different pods of the same service…

0 Likes

#2

This works because of EDS supplied metadata on endpoints. Basically, there is an extra annotation on each endpoint xDS object that Mixer can pick up and supply as destination.uid. I’m happy to show you where the code is if you’re interested. Look at EDS dump for starters to see the metadata.

0 Likes

#3

Thanks for the reply. How can I dump EDS?
From proxy:

  /: Admin home page
  /certs: print certs on machine
  /clusters: upstream cluster status
  /config_dump: dump current Envoy configs (experimental)
  /cpuprofiler: enable/disable the CPU profiler
  /healthcheck/fail: cause the server to fail health checks
  /healthcheck/ok: cause the server to pass health checks
  /help: print out list of admin commands
  /hot_restart_version: print the hot restart compatibility version
  /listeners: print listener addresses
  /logging: query/change logging levels
  /quitquitquit: exit the server
  /reset_counters: reset all counters to zero
  /runtime: print runtime values
  /runtime_modify: modify runtime values
  /server_info: print server version/status information
  /stats: print server stats
  /stats/prometheus: print server stats in prometheus format

From pilot-discovery debug/edsz, only endpoints with IP and ports…

0 Likes

#4

That’s right, Envoy does not support EDS dump yet, unfortunately…

There might be a way to simulate EDS request to Pilot. The code that inserts the metadata is this https://github.com/istio/istio/blob/bdfa2a157df8d0fdb84c0c8b6775d06256899752/pilot/pkg/proxy/envoy/v2/eds.go#L152:6

1 Like