Istio Performance
Istio performance is measured in several different ways.
-
IBM Regpatrol measures performance of a realistic application. It runs nightly in ingress-only, full-istio and mixer-disabled modes. The throughput and response times can be compared between builds to detect trends and regressions.
-
Synthetic service graph measures performance of a deeply nested synthetic micro-services application. It creates 20 services per name space and typically runs with 20 - 40 namespaces in large a cluster. Here is a v1.1 Performance dashboard and the corresponding Mesh dashboard using
release-1.1-20190110-09-15build. -
Two pods benchmark test runs a focused benchmark for data path performance only, which is available at: https://perf.dashboard.istio.io/
sidecars - 0.75 vCPU / 1k rps @1KB response size
istio-telemetry - 0.7 vCPU / 1k rps
istio-policy - 0.002 vCPU / 1k rps @ > 95% cache hit rate
twopod test baseline: {p90 1.2ms, p99 2.1ms}, full istio: {p90 9.6ms, p99 13.8ms} Istio adds 8ms at p90 and 11ms at p99.
| Var | experiment 1 | experiment 2 | experiment 3 | experiment 4 |
|---|---|---|---|---|
| Pilots | 1 | 1 | 2 | 2 |
| Sidecars | 1600 | 2000 | 3000 | 1600 |
| Services | 800 | 1000 | 1500 | 800 |
| VirtualServices | 80 | 100 | 150 | 80 |
| Gateways | 44 | 54 | 81 | 44 |
| Namespaces | 40 | 50 | 75 | 40 |
| Config Change Rate | 10/m | 12/m | 18/m | 10 /m |
| Pilot VCPU peak | 1 | 1 | 1.5 | 5 |
| Pilot Mem | 1.4GB | 1.4GB | 1.8GB | 4GB |
| Sidecar Mem | 70MB | 80MB | 85MB | 170MB |
| Namespace Isolation | True | True | True | False |
- Pilot: 1
- Sidecars: 1600
- Services: 800
- VirtualServices: 80
- Gateways: 44
- Namespaces: 40
- Config Change rate: 10 per minute {galley.sourceEventRate}
Namespace Isolation: On, Sidecar resource
-
1 VCPU peak
-
1.4GB Memory
-
Proxy Memory: 70Mi
Namespace Isolation: off
- 5 VCPU peak
- 4GB Memory
- Proxy memory: 170Mi
When NS isolation is off
- Pilot needs to broadcast changes to all pods and namespaces
- Every proxy gets more configuration. All clusters and all listeners are delivered to all sidecars. That explains the difference between memory consumption.
Time to get ready. < 5s
Visit istio.io to learn how to use Istio.
- Preparing for Development Mac
- Preparing for Development Linux
- Troubleshooting Development Environment
- Repository Map
- GitHub Workflow
- Github Gmail Filters
- Using the Code Base
- Developing with Minikube
- Remote Debugging
- Verify your Docker Environment
- Istio Test Framework
- Working with Prow
- Test Grid
- Code Coverage FAQ
- Writing Good Integration Tests
- Test Flakes
- Release Manager Expectations
- Preparing Istio Releases
- 1.5 Release Information
- 1.6 Release Information
- 1.7 Release Information
- 1.8 Release Information
- 1.9 Release Information
- 1.10 Release Information
- 1.11 Release Information
- 1.12 Release Information
- 1.13 Release Information
- 1.14 Release Information
- 1.15 Release Information
- 1.16 Release Information
- 1.17 Release Information
- 1.18 Release Information
- 1.19 Release Information
- 1.20 Release Information
- 1.21 Release Information
- 1.22 Release Information
- Collecting Logs and Debug Info
- Dependency FAQ
- Working with discuss.istio.io
- Developing with and hosting upon OpenShift
- Adapter Dev Guide
- Adapter Walkthrough
- Attribute Generating Adapter Walkthrough
- Route Directive Adapter Development Guide
- Out of Tree Adapter Walkthrough
- Running a Local Instance
- Template Dev Guide
- Using a Custom Adapter
- Publishing Adapters and Templates to istio.io
- Enabling Envoy Authorization Service and gRPC Access Log Service With Mixer