We are using Istio 1.17.3 with Datadog for monitoring.
istiod pods have following annotations to send metrics
podAnnotations: {
ad.datadoghq.com/discovery.check_names: '["istio"]',
ad.datadoghq.com/discovery.init_configs: '[{}]',
ad.datadoghq.com/discovery.instances: '[{"istiod_endpoint": "http://%%host%%:15014/metrics","use_openmetrics": "true"}]'
We also have following peerauthentication applied.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
name: peerauth
spec:
mtls:
mode: PERMISSIVE
Before we enforce mTLS (by changing PERMISSIVE to STRICT), we would like to see applications/pods using HTTP/HTTPS to connect to each other. So this can give us better insights .
Additional Info
istioctl version
client version: 1.18.0
control plane version: 1.17.3
data plane version: 1.18.0 (7 proxies)
kubectl version --short
Client Version: v1.24.4
Kustomize Version: v4.5.4
Server Version: v1.25.11-eks-a5565ad
Any help/pointer that can help us get this working is appreciated
I have tried searching for specific metrics or config that can get us this metrics, but could not find a solution.
Also tried
istioctl dash envoy deployment/productpage-v1 and that launched “http://localhost:15000/stats/prometheus” in a browser. still could not make out how to get data around workload using HTTP/HTTPS