[FEATURE] Add workload selector for generated SEs for better load balancing across pods

Question

[FEATURE] Add workload selector for generated SEs for better load balancing across pods

Opened this issue 4 years ago · 2 comments

Context
Currently, admiral generated SEs point to K8s service names which causes:
i) Istio subset routing to not work
ii) The load balancing doesn't work which impacts protocols like gRPC since the source pods do not directly connect to the destination pods but the clusterIps of the servic as admiral generated SE points to k8s service endpoint.

Proposed solution
Istio 1.6 and higher provides:
i) A new CR called WorkloadEntry
ii) WorkloadSelector on SE to reference the WorkloadEntry

Using these constructs, the SE generated with the local k8s service name can be replaced with a WorkloadEntry and a WorkloadSelector with appropriate labels to deliver the right EDS.

Answer 1 · 2020-09-02T17:13:36.000Z

istio/istio#25898

Answer 2 · 2020-11-03T19:45:33.000Z

We found that using headless services (clusterIp: None) will solve the problem of load balancing across pods. We will be deferring the support for workload entry until it graduates with all the bug fixes resolved. Refer to this comment for more information.