Skip to content

Monitor Istio running on Amazon EKS

v3.0.0 breaking change

The enable_istio and istio_config variables have been removed in v3.0.0. Istio scrape targets are now added via additional_scrape_jobs. See the Upgrading to v3.0.0 guide.

Setup with v3.0.0

Add Istio metrics endpoints as additional scrape jobs:

module "eks_monitoring" {
  source = "github.com/aws-observability/terraform-aws-observability-accelerator//modules/eks-monitoring?ref=v3.0.0"

  providers = { grafana = grafana }

  collector_profile     = "self-managed-amp"  # or "cloudwatch-otlp"
  eks_cluster_id        = var.eks_cluster_id

  additional_scrape_jobs = [
    {
      job_name        = "istiod"
      scrape_interval = "30s"
      static_configs = [
        { targets = ["istiod.istio-system.svc.cluster.local:15014"] }
      ]
    },
    {
      job_name = "envoy-stats"
      metrics_path = "/stats/prometheus"
      kubernetes_sd_configs = [
        { role = "pod" }
      ]
      relabel_configs = [
        {
          source_labels = ["__meta_kubernetes_pod_container_port_name"]
          action        = "keep"
          regex         = ".*-envoy-prom"
        }
      ]
    }
  ]
}

Custom dashboards

To add Istio Grafana dashboards, include them in dashboard_sources:

module "eks_monitoring" {
  # ...
  dashboard_sources = {
    istio-mesh      = "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/v0.3.2/artifacts/grafana-dashboards/eks/istio/istio-mesh-dashboard.json"
    istio-service   = "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/v0.3.2/artifacts/grafana-dashboards/eks/istio/istio-service-dashboard.json"
    istio-workload  = "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/v0.3.2/artifacts/grafana-dashboards/eks/istio/istio-workload-dashboard.json"
    istio-cp        = "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/v0.3.2/artifacts/grafana-dashboards/eks/istio/istio-control-plane-dashboard.json"
  }
}

Prerequisites

  1. aws cli
  2. kubectl
  3. terraform
  4. istioctl

Deploy the Bookinfo sample application

Follow Istio's Getting Started guide to install Istio, then deploy the Bookinfo sample:

kubectl label namespace default istio-injection=enabled
kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
istioctl analyze

Generate traffic:

GATEWAY_URL=$(kubectl get svc istio-ingressgateway -n istio-system -o=jsonpath='{.status.loadBalancer.ingress[0].hostname}')
for i in $(seq 1 100); do curl -s -o /dev/null "http://$GATEWAY_URL/productpage"; done

Open your Amazon Managed Grafana workspace and navigate to the Istio dashboards.

Destroy

kubectl delete -f samples/bookinfo/networking/bookinfo-gateway.yaml
kubectl delete -f samples/bookinfo/platform/kube/bookinfo.yaml
terraform destroy