When load testing a kubernetes service where routing is done via istio, all the services in the cluster become unresponsive. This happens when there is 100% failure from the service that is being load tested.
Is there a way to prevent this? Should we apply istio circuit breaking?
In short, yes. Circuit Breaker pattern was designed for detecting when the endpoint is responding slowly or not responding at all.
Slow responding endpoints are especially troublesome because as you already find out it may cause your system lag. The circuit breaker is a proxy that controls flow to an endpoint. If the endpoint fails or is too slow (based on your configuration), the proxy will open the circuit to the container.
With connectionPool
parameters you can set how many requests you want to be pending over the one that's being established. If you set http1MaxPendingRequests
to 1 and maxRequestsPerConnection
to 1
any additional requests than that will by denied until the pending request is being processed.
Another useful option is OutlierDetection. It detects faulty instances and then make it unavailable for a pre-configured time (sometimes called sleep window). While the container is in that period of time its excluded from routing and loadbalancing and has time to recover while not being overloaded with more requests.
outlierDetection:
consecutive5xxErrors: 7
interval: 5m
baseEjectionTime: 15m
Above configuration asks the system to scan host every 5 mins and in case of 7 consecutive fails it will be ejected for 15 minutes.