Interview › Istio & Service Mesh
What is a circuit breaker in Istio, and how is it configured (outlier detection, connection pool)?
Istio & Service Mesh · Basic level
Answer
In Istio, circuit breaking is configured through DestinationRule trafficPolicy, mainly connectionPool and outlierDetection. It protects services by limiting connections, pending requests, and by ejecting unhealthy endpoints from load balancing temporarily.
Technical explanation
Connection-pool settings prevent a caller from overwhelming a downstream service with too many concurrent connections or queued requests.
Outlier detection removes endpoints that repeatedly fail, which reduces traffic to bad pods while they recover.
Circuit breaking must be tuned with realistic traffic tests because too-aggressive limits can create artificial outages.
Hands-on example
DestinationRule sketch:
trafficPolicy:
connectionPool:
tcp:
maxConnections: 100
http:
http1MaxPendingRequests: 50
maxRequestsPerConnection: 10
outlierDetection:
consecutive5xxErrors: 5
interval: 10s
baseEjectionTime: 30s
maxEjectionPercent: 50
Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.
More Istio & Service Mesh interview questions
- What is Istio, and what are the core capabilities it provides?
- What is the difference between the Istio control plane and data plane?
- What is istiod, and what does it do?
- What is Envoy, and what role does it play in Istio?
- What is the sidecar pattern, and how does Istio inject the proxy?
- How does automatic sidecar injection work (namespace label, webhook)?
- What is the Istio ambient (sidecarless) mode, and how does it differ from sidecar mode?
- What is the difference between ztunnel and a waypoint proxy in ambient mode?