要在两个或多个服务具有相同规则的VirtualService文件中指定规则 [英] Want to specify rules in VirtualService file where two or more services have same rules
问题描述
我已经通过Istio sidecar注入在Kubernetes上部署了八项服务. 我想在VirtualService中设置路由规则,其中三个服务具有相同的规则. 规则:-
I have deployed eight services on Kubernetes with Istio sidecar injection. I want to set-up routing rules in VirtualService where three services have same rule. Rules:-
- match:
- headers:
location:
exact: pune
uri:
prefix: /wagholi
route:
- destination:
host: wagholi
port:
number: 8080
uri:
prefix: /yerwada
route:
- destination:
host: yerwada
port:
number: 8080
uri:
prefix: /hadapsar
route:
- destination:
host: hadapsar
port:
number: 8080
- match:
- headers:
location:
exact: mumbai
uri:
prefix: /chatraparishivajiterminal
route:
- destination:
host: chatraparishivajiterminal
port:
number: 8080
uri:
prefix: /kalyan
route:
- destination:
host: kalyan
port:
number: 8080
- match:
- headers:
location:
exact: Pimpari
uri:
prefix: /akurdi
route:
- destination:
host: akurdi
port:
number: 8080
uri:
prefix: /ravet
route:
- destination:
host: ravet
port:
number: 8080
在这种情况下,如果我在标头中设置了位置pune,然后尝试调用名称为wagholi的服务,则应调用wagholi,如果我命中了hadapsar,则可以使用hadapsar. 如果我将位置设置为Pimpri并调用ravet,则它应仅调用ravet. 有什么办法可以做!!!!!
In this scenario, If I set location pune in headers and then try to call service with name wagholi it should call wagholi and if I hit hadapsar then hadapsar. If I set the location as Pimpri and call ravet then it should call ravet only. Is there any scenario to do so !!!!!
推荐答案
我用3个简单的nginx容器复制了您的问题,问题是我不能只用1个标题和3个uri来工作.
I have made a reproduction of your question with 3 simple nginx pods, the problem is I couldn't make it work with just 1 header and 3 uri.
因此,我采用了另一种方法,虚拟服务的每个匹配项都有其自己的标头和uri.
So i made it another way, every match of virtual service has it's own header and uri.
请检查以下示例.
我们有 3个容器-> 3个服务-> 虚拟服务-> 网关->入口网关
We have 3 pods -> 3 services -> virtual service -> gateway -> ingressgateway
部署1
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx1
spec:
selector:
matchLabels:
run: nginx1
replicas: 1
template:
metadata:
labels:
run: nginx1
app: frontend
spec:
containers:
- name: nginx1
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx1 > /usr/share/nginx/html/index.html"]
部署2
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx2
spec:
selector:
matchLabels:
run: nginx2
replicas: 1
template:
metadata:
labels:
run: nginx2
app: frontend2
spec:
containers:
- name: nginx2
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx2 > /usr/share/nginx/html/index.html"]
部署3
piVersion: apps/v1
kind: Deployment
metadata:
name: nginx3
spec:
selector:
matchLabels:
run: nginx3
replicas: 1
template:
metadata:
labels:
run: nginx3
app: frontend3
spec:
containers:
- name: nginx3
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx3 > /usr/share/nginx/html/index.html"]
服务1
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: frontend
spec:
ports:
- name: http
port: 80
protocol: TCP
selector:
app: frontend
服务2
apiVersion: v1
kind: Service
metadata:
name: nginx2
labels:
app: frontend2
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend2
服务3
apiVersion: v1
kind: Service
metadata:
name: nginx3
labels:
app: frontend3
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend3
虚拟服务
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: nginxvirt
spec:
gateways:
- mesh # traffic inside cluster
- comp-ingress-gateway # traffic from outside cluster
hosts:
- nginx.default.svc.cluster.local
- nginx.com # outside cluster
- nginx3.default.svc.cluster.local
- nginx2.default.svc.cluster.local
http:
- name: a
match:
- uri:
prefix: /wagholi
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx.default.svc.cluster.local
port:
number: 80
- name: b
match:
- uri:
prefix: /yerwada
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx2.default.svc.cluster.local
port:
number: 80
- name: c
match:
- uri:
prefix: /hadasapar
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx3.default.svc.cluster.local
port:
number: 80
网关
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: comp-ingress-gateway
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*'
port:
name: https
number: 443
protocol: HTTPS
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
一些Ubuntu吊舱可以测试内部流量
apiVersion: v1
kind: Pod
metadata:
name: ubu1
spec:
containers:
- name: ubu1
image: ubuntu
command: ["/bin/sh"]
args: ["-c", "apt-get update && apt-get install curl -y && sleep 3000"]
结果:
内部:
root@ubu1:/# curl -H "location: pune" nginx/wagholi
Hello nginx1
root@ubu1:/# curl -H "location: pune" nginx/hadasapar
Hello nginx3
root@ubu1:/# curl -H "location: pune" nginx/yerwada
Hello nginx2
外部:
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/hadasapar
Hello nginx3
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/wagholi
Hello nginx1
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/yerwada
Hello nginx2
编辑
如何找到ingress_gateway_ip?
How Can I find ingress_gateway_ip?
您可以使用
kubectl get svc istio-ingressgateway -n istio-system
它是 istio-ingressgateway EXTERNAL-IP
And it's istio-ingressgateway EXTERNAL-IP
如果设置了EXTERNAL-IP值,则您的环境具有可用于入口网关的外部负载平衡器.如果EXTERNAL-IP值为(或永久),则您的环境不为入口网关提供外部负载平衡器.在这种情况下,您可以使用服务的节点端口.
我可以对每个服务进行不同的Ingress,然后映射到VirtualService.
Can I do differently Ingress for each service and then map to VirtualService.
我不确定,但是我认为这是可能的.检查以下链接
I'm not sure about that but i think it's possible. Check below links
I hope it will help You. Let me know if You have any more questions.
这篇关于要在两个或多个服务具有相同规则的VirtualService文件中指定规则的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
