Add one FAQ - describes ztunnel is not a SPOF. #15306
Conversation
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
istio-testing
added
size/XS
|
Hi @ayushrakesh. Thanks for your PR. I'm waiting for a istio member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
if this PR again fails lint check, please do not close the PR, rather revise it with the fix |
|
/ok-to-test |
istio-testing
added
ok-to-test
| weight: 25 | ||
| --- | ||
|
|
||
| This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. |
There was a problem hiding this comment.
the link to the blog and other details seem to be removed? why?
There was a problem hiding this comment.
First of all link should be of relative path. That's what confusing me little bit, that should I keep or remove it. I just removed it because the description seems enough to me. Should I revise it.
| weight: 25 | ||
| --- | ||
|
|
||
| This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. |
There was a problem hiding this comment.
| This misunderstanding arises primarily from concerns about the Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. | |
| Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. Ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
check the style guide as to if we have ztunnel or Ztunnel, and if there isn't a style guide, we should write one
|
For fast review of a docs PR, please include the link to the changed page in the Netlify deployment preview. |
Updated is-ztunnel-a-SPOF.md
|
Please also note that this doesn't address #15246 at all, which is entitled "Add ambient mode section to FAQ" |
| weight: 25 | ||
| --- | ||
|
|
||
| Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. These ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
These ztunnel failures
Which ztunnel failures?
considered a fallible component in a cluster
[[citation needed]]
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
| @@ -0,0 +1,6 @@ | |||
| --- | |||
| title: Is ztunnel a SPOF? | |||
There was a problem hiding this comment.
| title: Is ztunnel a SPOF? | |
| title: Is ztunnel a single point of failure? |
| weight: 25 | ||
| --- | ||
|
|
||
| Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
| Istio's ztunnel does not introduce a SPOF into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). | |
| Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
| weight: 25 | ||
| --- | ||
|
|
||
| Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
I am not sure if "ztunnel" at the beginning of a line should be "Ztunnel" or not :) Leaving this to @craigbox for merging
|
Perhaps our new contributor could look at style guides for other
projects/companies as an example?
…On Fri, 21 Jun 2024 at 08:14, Faseela K ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In content/en/about/faq/ambient-mode/is-ztunnel-a-SPOF.md
<#15306 (comment)>:
> @@ -0,0 +1,6 @@
+---
+title: Is ztunnel a single point of failure?
+weight: 25
+---
+
+Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/).
I am not sure if "ztunnel" at the beginning of a line should be "Ztunnel"
or not :) Leaving this to @craigbox <https://github.com/craigbox> for
merging
—
Reply to this email directly, view it on GitHub
<#15306 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABALHQNF3DZVKBINBNXGV3ZIMZ3JAVCNFSM6AAAAABJRQWERCVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDCMZRGI3TENRYGA>
.
You are receiving this because you were mentioned.Message ID: <istio/istio
.***@***.***>
|
Yeah, will check. |
|
@craigbox @kfaseela I have checked following official websites and projects. These have "ztunnel" normally and "Ztunnel" at beginning of a line. Any suggestions? https://www.solo.io/blog/understanding-istio-ambient-ztunnel-and-secure-overlay/ |
|
@craigbox https://developers.google.com/style/product-names#capitalize shows that if a product's name officially starts from lowercase letter then it must be taken care everywhere in beginning of a line. I will suggest change phrase slightly like this - |
| weight: 25 | ||
| --- | ||
|
|
||
| Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
There was a problem hiding this comment.
| Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. ztunnel failures are scoped to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). | |
| Istio's ztunnel does not introduce a single point of failure (SPOF) into a Kubernetes cluster. Failures of ztunnel are confined to a single node, which is considered a fallible component in a cluster. It behaves the same as other node-critical infrastructure running on every cluster such as the Linux kernel, container runtime, etc. In a properly designed system, node outages do not lead to cluster outages. [Learn more](https://blog.howardjohn.info/posts/ambient-spof/). |
Signed-off-by: ayushrakesh <ayushrakesh.05@gmail.com>
|
Please see error introduced by this PR in #15331. |
Description
Clears misconception that ztunnel is not a Single Point of Failure.
Fixes #15246
Reviewers