Istio management - Design discussion #4084
Replies: 6 comments 13 replies
-
can you elaborate on what is Istio registry? I can't find anywhere |
Beta Was this translation helpful? Give feedback.
-
Better support of canary upgrades Canary upgrades are done in three steps:
Kiali can definitely ease some of the jobs of managing an upgrade. For example in the step 2:
At some point kiali would visualize three different items: non-mesh items, items belonging to a Control Plane 1, items belonging to a Control Plane 2. We should be able to help users to navigate the mesh through the whole versions. If there is only one Control Plane, probably don't show any sign of help. Not to confuse people. I believe that in step 1 and 3, kiali can't do much because is more istio installation/removing. |
Beta Was this translation helpful? Give feedback.
-
+1 to the idea of wizards being invoked from everywhere, especially in the graph where you are getting a lot of insights of your mesh, we can offer things to do depending on what workload/edge you're looking at. Another interesting concept is to introduce "quick actions" in the graph, for example: If I'm seeing a connection from service A to service B and that it's not supposed to happen, a quick action could be "block this connection" generating all the configuration automatically. |
Beta Was this translation helpful? Give feedback.
-
Has anyone taking a poll of our users to see who uses the wizards? I don't know, but I would think they are only used by Developers and people going through demos and tutorials. I highly doubt these wizards are going to be used in production for true "management" of an Istio mesh - most mesh deployments are going to be pushed out using things like CI automation tools or Ansible or something like that. People aren't going to be messing with production systems by clicking buttons in a Kiali wizard (especially when Kiali gives no indication of what the resources are that it is going to create). So these wizards may provide "management" of Istio in a development or tutorial environment, I doubt it is used that way in a production (or even QE) environment. In other words, I don't think we should spend a lot of time and manpower building out these wizards - I don't think they impact our users much (but, again, since we don't have any data, I may be wrong even though I think I'm right :-) |
Beta Was this translation helpful? Give feedback.
-
I like the idea of applying more transparency to the wizards. The idea of having a preview step before committing the changes where users can either check the integrity of the generated config, modify them to better approach their solution or even download it to commit it to their CI/CD pipeline. I envision this like:
This idea is aligned with the fact of that industry is using GitOps approach for managing all the configs of infrastructure. Some people might have a pre-production environment with the same exact config as prod which might use the wizard there. Otherwise, it seems a bit dangerous for production. |
Beta Was this translation helpful? Give feedback.
-
I am adding this comment in the hope it is useful. It's the first time I'm giving feedback, so please forgive me if such topics have already been discussed. First, Kiali is excellent. It has a lot of killer features, thank you so much to the community for creating it!!! :) I have been using Kiali mainly for learning and demo purposes for a while now and I can confirm 100% that Kiali's very useful to help with this and esp. generating yaml content, which I can later edit and refine. The wizards are great for this, although it took me a while to understand them. Tooltips in the wizards might help here or even a "new user" mode with some popups to give guidance/examples. My biggest problem with Kiali so far was that, whilst I knew they were available, the wizards were very hard to find. When a new user has finally got to the point where the graph is visible and had that wonderful "ah-ha" moment, it then takes 4-5 exact clicks to find the wizards (via the Services Menu). Honestly, I never found the wizards until I went through the tutorial probably because I was always fixated on the excellent Graph. I would suggest adding a simple way to get directly to the wizards from the nodes in the graph. I would prefer to have the graph "always in view", front and centre. I want to make config changes, view metrics etc, but never leave the graph view. The graph view can be temporarily covered by a popup, but still, I know the graph view is always there and I can see any changes to it. Going back and forth between different views/menu items is something I'd like to do less of. Not sure how feasible this is, but It would be great if, along with viewing tracing information, I could also view & compare all the service logs of all traced services at the exact time window of the requests, as they flow through each service. That would be very useful to debug issues with a specific request flowing through the mesh. Lastly, if a user is running Istio/Kiali in production AND they are not using some form of GitOps, the ability to make quick changes to a production mesh might be very useful. If there is a problem with a prod workload, it might be necessary to temporarily add (or modify) e.g. a CB into the Istio config and NOT have to wait for a developer to do this. I would not assume that all users have a super sophisticated ci/cd/gitops etc in place, or even have the insight to add the CB in advance! And to add on, the people I've spoken to who have seen Istio/Kiali say that they expect the Graph and all the observability features to provide them with the biggest value, be it in non-prod or in prod. |
Beta Was this translation helpful? Give feedback.
-
Hi everyone,
A goal of Kiali is to simplify the management of Istio Service Mesh. Kiali helps users to configure, update and validate Istio configuration.
Users can create and edit individual Istio configuration resources [1] or generate full end-to-end scenarios based on wizards [2] (scenarios that may be implemented using several traffic and security resources - VirtualServices, DestinationRules, Gateways, PeerRequests -).
This area needs to improve to cover more scenarios requested by community like:
Please, join us in these discussions :)
[1] https://kiali.io/documentation/latest/features/#_configuration_and_validation_features
[2] https://kiali.io/documentation/latest/tutorial/
Beta Was this translation helpful? Give feedback.
All reactions