InternalTrafficPolicy on Cilium – Mini Demo

Transcript

In this mini demo, we’re looking at Cilium with internal traffic policy. So, what we’ve got here is two services that have different settings. Echo-1 has a default internal traffic policy of ‘Cluster’, and Echo-2 has an internal traffic policy of ‘local’. Both of these services have two Pods that are based in two different nodes, kind-worker and kind-worker2.

When I first run a curl to the service from the pod Worker, which is based in Kind-Worker node, we see replies coming from both parts. By default, services are randomly distributed across all endpoints. So, when we do a curl and compare and count how many queries are sent to kind-worker node and how many to kind-worker2 node, it’s pretty evenly randomly distributed.

Now, when we use the internal traffic policy local, the traffic will be only forwarded if there is an available endpoint that is local to the same node. So, pod-worker is in kind-worker, we’ll see that the queries coming back only are from the pod in kind-worker itself, there won’t be replies from kind-worker2. And that’s it. Thanks for watching.”