How istio works in k8s?

Jinhua_Luo · April 12, 2021, 2:02pm

Considering a traffic request towards one specific service in k8s:

Resolve DNS destination host via Core-DNS (the dns server is specified in /etc/resolv.conf on each container)
The DNS would be resolved to service IP
The tcp request towards the service IP would be handled by IPVS

When we turn to use istio, I have two questions:

Does istio bypass the IPVS?
Since the application is independent of sidecar, then how the sidecar (envoy) associate the outgoing traffic with the destination service? For example, the app sends a tcp packet with dest host “foobar”, the “foobar” would be resolved first before hijacked by sidecar, how the sidecar figure out which dest send to? Use inverse DNS resolve?

Topic		Replies	Views
Accessing a service via localhost Networking	1	1604	June 17, 2020
Istio-proxy sidecar - redirect request to external upstream on different port Networking	0	601	May 10, 2022
Issues with configuring VM mesh expansion	1	1158	May 20, 2019
Istio on Mesos with Consul	0	708	April 13, 2019
DNS and ServiceEntry	3	1036	November 6, 2020