Istio-连接到外部IP [英] Istio - Connect to an external ip
问题描述
我安装了Istio,
gateways.istio-egressgateway.enabled = true
当我尝试连接到外部数据库时,出现错误. 我没有域(只有ip和port),所以我定义了以下规则:
When I try to connect to external database I receive an error. I do not have a domain (only ip and port), so I define the following rules:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: external-db
spec:
hosts:
- external-db.tcp.svc
addresses:
- 190.64.31.232/32
ports:
- number: 3306
name: tcp
protocol: TCP
location: MESH_EXTERNAL
resolution: STATIC
endpoints:
- address: 190.64.31.232
然后我在系统中打开一个Shell(在服务网格中部署) 而且它无法解析名称
then I open a Shell in my system (deployed in my service mesh) And it can't resolve the name
$ ping external-db.tcp.svc
ping: ceip-db.tcp.svc: Name or service not known
但是我可以使用IP地址进行连接
But i can connect using the ip address
$ ping 190.64.31.232
PING 190.64.31.232 (190.64.31.232) 56(84) bytes of data.
64 bytes from 190.64.31.232: icmp_seq=1 ttl=249 time=1.35 ms
64 bytes from 190.64.31.232: icmp_seq=2 ttl=249 time=1.42 ms
发生了什么事?我必须使用域或IP进行连接吗? 我可以为外部IP定义内部域吗?
What is happening? Do I have to connect using the domain or the ip? Can I define a internal domain for my external ip?
推荐答案
问题是解决了与您的ServiceEntry中resolution的配置基本上有关的DNS.
The problem is resolving the DNS which basically relates to the configuration of resolution in your ServiceEntry.
基于istio的文档 :
解决方案确定代理如何解决与服务关联的网络终结点的IP地址,以便它可以路由到其中之一.
Resolution determines how the proxy will resolve the IP addresses of the network endpoints associated with the service, so that it can route to one of them.
由于您已将其配置为STATIC,因此您要告诉istio-proxy/envoy寻找Endpoint来解析该DNS名称;因此,您需要将Endpoint定义为建议使用.
Since you have configured it as STATIC, you are telling istio-proxy/envoy to look for an Endpoint for resolving that DNS name; hence you need to define an Endpoint as Vasily suggested.
如果该DNS名称是在网格之外定义的,另一种简便方法是将resolution更改为DNS,这将迫使istio-proxy在请求处理期间查询DNS服务器.
Another easy way, if that DNS name is defined outside of your mesh, is just changing the resolution to DNS which will force istio-proxy to query DNS server during request processing.
这篇关于Istio-连接到外部IP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
