-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add one FAQ - describes ztunnel is not a SPOF. #15306
Conversation
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Hi @ayushrakesh. Thanks for your PR. I'm waiting for a istio member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
if this PR again fails lint check, please do not close the PR, rather revise it with the fix |
/ok-to-test |
weight: 25 | ||
--- | ||
|
||
This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the link to the blog and other details seem to be removed? why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
First of all link should be of relative path. That's what confusing me little bit, that should I keep or remove it. I just removed it because the description seems enough to me. Should I revise it.
weight: 25 | ||
--- | ||
|
||
This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. | |
Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
check the style guide as to if we have ztunnel or Ztunnel, and if there isn't a style guide, we should write one
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For fast review of a docs PR, please include the link to the changed page in the Netlify deployment preview. |
Updated is-ztunnel-a-SPOF.md
Please also note that this doesn't address #15246 at all, which is entitled "Add ambient mode section to FAQ" |
weight: 25 | ||
--- | ||
|
||
Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. These ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These ztunnel failures
Which ztunnel failures?
considered a fallible component in a cluster
[[citation needed]]
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For clarity, try to define acronyms on their first use, especially ones that are not common.
@@ -0,0 +1,6 @@ | |||
--- | |||
title: Is ztunnel a SPOF? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
title: Is ztunnel a SPOF? | |
title: Is ztunnel a single point of failure? |
weight: 25 | ||
--- | ||
|
||
Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). | |
Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
weight: 25 | ||
--- | ||
|
||
Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure if "ztunnel" at the beginning of a line should be "Ztunnel" or not :) Leaving this to @craigbox for merging
Perhaps our new contributor could look at style guides for other
projects/companies as an example?
…On Fri, 21 Jun 2024 at 08:14, Faseela K ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In content/en/about/faq/ambient-mode/is-ztunnel-a-SPOF.md
<#15306 (comment)>:
> @@ -0,0 +1,6 @@
+---
+title: Is ztunnel a single point of failure?
+weight: 25
+---
+
+Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/).
I am not sure if "ztunnel" at the beginning of a line should be "Ztunnel"
or not :) Leaving this to @craigbox <https://github.com/craigbox> for
merging
—
Reply to this email directly, view it on GitHub
<#15306 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABALHQNF3DZVKBINBNXGV3ZIMZ3JAVCNFSM6AAAAABJRQWERCVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDCMZRGI3TENRYGA>
.
You are receiving this because you were mentioned.Message ID: <istio/istio
.***@***.***>
|
Yeah, will check. |
@craigbox @kfaseela I have checked following official websites and projects. These have "ztunnel" normally and "Ztunnel" at beginning of a line. Any suggestions? https://www.solo.io/blog/understanding-istio-ambient-ztunnel-and-secure-overlay/ |
@craigbox https://developers.google.com/style/product-names#capitalize shows that if a product's name officially starts from lowercase letter then it must be taken care everywhere in beginning of a line. I will suggest change phrase slightly like this - |
weight: 25 | ||
--- | ||
|
||
Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). | |
Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. Failures of ztunnel are confined to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Please see error introduced by this PR in #15331. |
Description
Clears misconception that ztunnel is not a Single Point of Failure.
Fixes #15246
Reviewers