Kubernetes 要在VirtualService文件中指定两个或多个服务具有相同规则的规则吗
我已经在Kubernetes上部署了八项服务,其中包括Istio sidecar注入。 我想在VirtualService中设置路由规则,其中三个服务具有相同的规则。 规则:-Kubernetes 要在VirtualService文件中指定两个或多个服务具有相同规则的规则吗,kubernetes,routing,kubernetes-ingress,istio,gateway,Kubernetes,Routing,Kubernetes Ingress,Istio,Gateway,我已经在Kubernetes上部署了八项服务,其中包括Istio sidecar注入。 我想在VirtualService中设置路由规则,其中三个服务具有相同的规则。 规则:- - match: - headers: location: exact: pune uri: prefix: /wagholi route: - destination: host: wagholi
- match:
- headers:
location:
exact: pune
uri:
prefix: /wagholi
route:
- destination:
host: wagholi
port:
number: 8080
uri:
prefix: /yerwada
route:
- destination:
host: yerwada
port:
number: 8080
uri:
prefix: /hadapsar
route:
- destination:
host: hadapsar
port:
number: 8080
- match:
- headers:
location:
exact: mumbai
uri:
prefix: /chatraparishivajiterminal
route:
- destination:
host: chatraparishivajiterminal
port:
number: 8080
uri:
prefix: /kalyan
route:
- destination:
host: kalyan
port:
number: 8080
- match:
- headers:
location:
exact: Pimpari
uri:
prefix: /akurdi
route:
- destination:
host: akurdi
port:
number: 8080
uri:
prefix: /ravet
route:
- destination:
host: ravet
port:
number: 8080
在这个场景中,若我在标题中设置位置pune,然后尝试调用名为wagholi的服务,它应该调用wagholi,若我点击hadapsar,那个么hadapsar。
如果我将位置设置为Pimpri并调用ravet,那么它应该只调用ravet。
有没有这样的场景 我用3个简单的nginx pod复制了您的问题,问题是我无法仅用1个头和3个uri来实现 所以我换了一种方式,每个匹配的虚拟服务都有自己的头和uri 检查下面的示例 我们有3个吊舱->3个服务->->->ingressgateway
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: comp-ingress-gateway
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*'
port:
name: https
number: 443
protocol: HTTPS
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
部署1
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx1
spec:
selector:
matchLabels:
run: nginx1
replicas: 1
template:
metadata:
labels:
run: nginx1
app: frontend
spec:
containers:
- name: nginx1
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx1 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: frontend
spec:
ports:
- name: http
port: 80
protocol: TCP
selector:
app: frontend
部署2
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx2
spec:
selector:
matchLabels:
run: nginx2
replicas: 1
template:
metadata:
labels:
run: nginx2
app: frontend2
spec:
containers:
- name: nginx2
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx2 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx2
labels:
app: frontend2
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend2
部署3
piVersion: apps/v1
kind: Deployment
metadata:
name: nginx3
spec:
selector:
matchLabels:
run: nginx3
replicas: 1
template:
metadata:
labels:
run: nginx3
app: frontend3
spec:
containers:
- name: nginx3
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx3 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx3
labels:
app: frontend3
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend3
服务1
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx1
spec:
selector:
matchLabels:
run: nginx1
replicas: 1
template:
metadata:
labels:
run: nginx1
app: frontend
spec:
containers:
- name: nginx1
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx1 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: frontend
spec:
ports:
- name: http
port: 80
protocol: TCP
selector:
app: frontend
服务2
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx2
spec:
selector:
matchLabels:
run: nginx2
replicas: 1
template:
metadata:
labels:
run: nginx2
app: frontend2
spec:
containers:
- name: nginx2
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx2 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx2
labels:
app: frontend2
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend2
服务3
piVersion: apps/v1
kind: Deployment
metadata:
name: nginx3
spec:
selector:
matchLabels:
run: nginx3
replicas: 1
template:
metadata:
labels:
run: nginx3
app: frontend3
spec:
containers:
- name: nginx3
image: nginx
ports:
- containerPort: 80
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "echo Hello nginx3 > /usr/share/nginx/html/index.html"]
apiVersion: v1
kind: Service
metadata:
name: nginx3
labels:
app: frontend3
spec:
ports:
- port: 80
protocol: TCP
selector:
app: frontend3
虚拟服务
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: nginxvirt
spec:
gateways:
- mesh # traffic inside cluster
- comp-ingress-gateway # traffic from outside cluster
hosts:
- nginx.default.svc.cluster.local
- nginx.com # outside cluster
- nginx3.default.svc.cluster.local
- nginx2.default.svc.cluster.local
http:
- name: a
match:
- uri:
prefix: /wagholi
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx.default.svc.cluster.local
port:
number: 80
- name: b
match:
- uri:
prefix: /yerwada
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx2.default.svc.cluster.local
port:
number: 80
- name: c
match:
- uri:
prefix: /hadasapar
headers:
location:
exact: pune
rewrite:
uri: /
route:
- destination:
host: nginx3.default.svc.cluster.local
port:
number: 80
网关
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: comp-ingress-gateway
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*'
port:
name: https
number: 443
protocol: HTTPS
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
一些ubuntu pod测试内部流量
apiVersion: v1
kind: Pod
metadata:
name: ubu1
spec:
containers:
- name: ubu1
image: ubuntu
command: ["/bin/sh"]
args: ["-c", "apt-get update && apt-get install curl -y && sleep 3000"]
结果是:
内部:
root@ubu1:/# curl -H "location: pune" nginx/wagholi
Hello nginx1
root@ubu1:/# curl -H "location: pune" nginx/hadasapar
Hello nginx3
root@ubu1:/# curl -H "location: pune" nginx/yerwada
Hello nginx2
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/hadasapar
Hello nginx3
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/wagholi
Hello nginx1
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/yerwada
Hello nginx2
外部:
root@ubu1:/# curl -H "location: pune" nginx/wagholi
Hello nginx1
root@ubu1:/# curl -H "location: pune" nginx/hadasapar
Hello nginx3
root@ubu1:/# curl -H "location: pune" nginx/yerwada
Hello nginx2
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/hadasapar
Hello nginx3
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/wagholi
Hello nginx1
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/yerwada
Hello nginx2
编辑 如何找到入口\网关\ ip 你可以用
kubectl get svc istio-ingressgateway -n istio-system
而且是外部IP
如果设置了EXTERNAL-IP值,则您的环境具有可用于入口网关的外部负载平衡器。如果EXTERNAL-IP值为(或永久),则您的环境不会为入口网关提供外部负载平衡器。在这种情况下,您可以使用服务的
我可以为每个服务执行不同的入口,然后映射到VirtualService吗 我不确定,但我认为这是可能的。查看下面的链接
我希望它能帮助你。如果您还有任何问题,请告诉我。我如何找到
ingress\u gateway\u ip
?我可以为每个服务执行不同的入口,然后映射到VirtualService。我如何从浏览器访问此服务