I have issue apply a DR for an external host created by the VirtualService.
The VirtualService creates a host of “example-app.mycompany.com” and other internal services will be using this host to be called.
I am have success creating DesintationRule with circuit breaker behavior for local host name such as “example-app.ns1.svc.cluster.local”.
But I am not having success when using “example-app.mycompany.com” to see circuit breaker behavior.
We have a global DR like so
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: global-dr
namespace: istio-system
spec:
host: '*'
trafficPolicy:
loadBalancer:
simple: LEAST_REQUEST
outlierDetection:
consecutive5xxErrors: 15
interval: 2m
baseEjectionTime: 10m
These are my VS and DR
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: example-app-vs
namespace: ns1
spec:
gateways:
- istio-ingress/ingress-gateway1
hosts:
- example-app.mycompany.com
http:
- route:
- destination:
host: example-app.ns1.svc.cluster.local
port:
number: 8080
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: example-app-dr
spec:
host: example-app.ns1.svc.cluster.local
trafficPolicy:
outlierDetection:
consecutive5xxErrors: 2
interval: 5s
baseEjectionTime: 2m
When calling the host “example-app.mycompany.com” inside the mesh and outside the mesh, none of the outlier detection settings work correctly. I am seeing 50% fail and 50% success when the service hit 2x 504 calls.
What am I doing wrong here? I tried defining an extra DestinationRule and ServiceEntry for “example-app.mycompany.com” as MESH_INTERNAL or MESH_EXTERNAL but that doesn’t work either.
Is my understanding incorrect to assume that circuit breaking logic should work on the virtual host name when we define the outlier settings for the *.svc.cluster.local address?