Intel Distribution of Istio
The Intel Distribution of Istio Grafana Dashboard includes visualization for CryptoMb private key provider feature. The dashboard represents CryptoMb TLS acceleration and how it works in action.
Istio uses Envoy as sidecar to handle secure connections and intercept traffic. Depending on use cases, when an Istio Ingress Gateway must handle a large number of incoming TLS and secure service-to-service connections through sidecar proxies, the load on Envoy increases. The potential performance depends on many factors, such as size of the cpuset on which Envoy is running, incoming traffic patterns, and key size. These factors can impact Envoy serving many new incoming TLS requests. To achieve performance improvements and accelerated handshakes, a new CryptoMb feature was introduced in Envoy 1.20 and Istio 1.14.
Prometheus data source includes Istiod and Envoy metric to visualize CryptoMb features. Grafana visualizes all important data of CryptoMb such as buckets utilization, envoy listener requests, envoy listener handshakes, current envoy TLS connections. In addition, the dashboard includes cpu and memory utilization graphs for Istio Ingress Gateway and Kubernetes Nodes. More info about cryptomb is in Istio documentation: https://istio.io/latest/docs/reference/config/istio.mesh.v1alpha1/#PrivateKeyProvider-CryptoMb
Data source config
Collector config:
Dashboard revisions
Upload an updated version of an exported dashboard.json file from Grafana
| Revision | Decscription | Created | |
|---|---|---|---|
| Download |
Get this dashboard
Data source:
Dependencies: