Applications FAQ

Can I run Casandra inside an Istio mesh?

By default, Cassandra broadcasts the address it uses for binding (accepting connections) to other Cassandra nodes as its address. This is usually the pod IP address and works fine without a service mesh. However, with a service mesh this configuration does not work. Istio and other service meshes require localhost (127.0.0.1) to be the address for binding.

There are two configuration parameters to pay attention to: listen_address and broadcast_address. For running Cassandra in an Istio mesh, the listen_address parameter should be set to 127.0.0.1 and the broadcast_address parameter should be set to the pod IP address.

These configuration parameters are defined in cassandra.yaml in the Cassandra configuration directory (e.g. /etc/cassandra). There are various startup scripts (and yaml files) used for starting Cassandra and care should be given to how these parameters are set by these scripts. For example, some scripts used to configure and start Cassandra use the value of the environment variable CASSANDRA_LISTEN_ADDRESS for setting listen_address.

Can I run Elasticsearch inside an Istio mesh?

There are two Elasticsearch configuration parameters that need to be set appropriately to run Elasticsearch with Istio: network.bind_host and network.publish_host. By default, these parameters are set to the network.host parameter. If network.host is set to 0.0.0.0, Elasticsearch will most likely pick up the pod IP as the publishing address and no further configuration will be needed.

If the default configuration does not work, you can set the network.bind_host to 0.0.0.0 or localhost (127.0.0.1) and network.publish_host to the pod IP. For example:

...
containers:
- name: elasticsearch
  image: docker.elastic.co/elasticsearch/elasticsearch:7.2.0
  env:
    - name: network.bind_host
      value: 127.0.0.1
    - name: network.publish_host
      valueFrom:
        fieldRef:
          fieldPath: status.podIP
   ...

Refer to Network Settings for Elasticsearch for more information.

Can I run Redis inside an Istio mesh?

Similar to other services deployed in an Istio service mesh, Redis instances need to listen on localhost (127.0.0.1). However, each Redis slave instance should announce an address that can be used by master to reach it, which cannot also be localhost (127.0.0.1).

Use the Redis configuration parameter replica-announce-ip to announce the correct address. For example, set replica-announce-ip to the IP address of each Redis slave instance using these steps:

Pass the pod IP address through an environment variable in the env subsection of the slave StatefulSet definition:

- name: "POD_IP"
  valueFrom:
    fieldRef:
      fieldPath: status.podIP

Also, add the following under the command subsection:

echo "" >> /opt/bitnami/redis/etc/replica.conf
echo "replica-announce-ip $POD_IP" >> /opt/bitna
Can I run Zookeeper inside an Istio mesh?

By default, Zookeeper listens on the pod IP address for communication between servers. Istio and other service meshes require localhost (127.0.0.1) to be the address to listen on.

There is a configuration parameter that can be used to change this default behavior: quorumListenOnAllIPs. This option allows Zookeeper to listen on all addresses including the localhost. Set this parameter to true by using the following command where $ZK_CONFIG_FILE is your Zookeeper configuration file.

$ echo "quorumListenOnAllIPs=true" >> $ZK_CONFIG_FILE