5.请求首部条件路由
正常情况下从客户端请求的流量会发送到sidecar-proxy(eneoy),请求发送到上游的pod,而后响应到envoy,并从envoy响应给客户端。
在这个过程中,客户端到envoy是不能够被修改的,只有从envoy到上游serrvice中才是可以被操作的,因为这段报文是由envoy发起的。而从serrvice响应到envoy的也是不能够被修改的。并且从envoy响应到客户端的报文由envoy发起响应也是可以被修改的。
总共可配置的只有发送到上游service的请求和发给下游客户端的响应。而另外两端并不是envoy生成的,因此没用办法去操作标头的。
- request: 发送给上游请求service
- response: 响应给下游客户端
1.如果请求的首部有x-for-canary等于true则路由到v10,如果浏览器是Mozilla就路由给v11,并且修改发送给上游的请求标头的 User-Agent: Mozilla,其次,在响应给客户端的标头添加一个 x-canary: "true"
- name: canary
match:
- headers:
x-for-canary:
exact: "true"
route:
- destination:
host: dpment
subset: v11
headers:
request: # 修改发送给上游的请求标头的 User-Agent: Mozilla
set:
User-Agent: Mozilla
response: # 响应给客户端的标头添加一个 x-canary: "true"
add:
x-canary: "true"
没有匹配到这些规则,就给默认规则匹配,就路由给v10,并且添加一个下游的响应报文: 全局标头X-Envoy: linuxea
- name: default
headers:
response:
add:
X-Envoy: linuxea
route:
- destination:
host: dpment
subset: v10
yaml如下
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: dpment
namespace: java-demo
spec:
hosts:
- dpment
http:
- name: canary
match:
- headers:
x-for-canary:
exact: "true"
route:
- destination:
host: dpment
subset: v11
headers:
request: # 修改发送给上游的请求标头的 User-Agent: Mozilla
set:
User-Agent: Mozilla
response: # 响应给客户端的标头添加一个 x-canary: "true"
add:
x-canary: "marksugar"
- name: default
headers:
response:
add:
X-Envoy: linuxea
route:
- destination:
host: dpment
subset: v10
我们添加上gateway部分
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: dpment
namespace: java-demo
spec:
hosts:
- "dpment.linuxea.com" # 对应于gateways/proxy-gateway
- "dpment"
gateways:
- istio-system/dpment-gateway # 相关定义仅应用于Ingress Gateway上
- mesh
http:
- name: canary
match:
- headers:
x-for-canary:
exact: "true"
route:
- destination:
host: dpment
subset: v11
headers:
request:
set:
User-Agent: Mozilla
response:
add:
x-canary: "marksugar"
- name: default
headers:
response:
add:
X-Envoy: linuxea
route:
- destination:
host: dpment
subset: v10
5.1 测试
此时可以使用curl来模拟访问请求
# curl dpment.linuxea.com
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
添加头部, -H "x-for-canary: true"
# curl -H "x-for-canary: true" dpment.linuxea.com
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
而后查看日志的user-agent ,这里是Mozilla,默认是curl
130.130.0.0, 127.0.0.6 - [07/Aug/2022:08:18:33 +0000] "GET / HTTP/1.1" dpment.linuxea.com94 "-" "Mozilla" - -0.000 [200] [-] [-] "-"
我们使用curl发起请求,模拟的是Mozilla
此时使用-I,查看标头的添加信息x-canary: marksugar
PS C:\Users\Administrator> curl -H "x-for-canary: true" dpment.linuxea.com -I
HTTP/1.1 200 OK
server: istio-envoy
date: Sun, 07 Aug 2022 09:47:45 GMT
content-type: text/html
content-length: 94
last-modified: Wed, 03 Aug 2022 07:58:30 GMT
etag: "62ea2aa6-5e"
accept-ranges: bytes
x-envoy-upstream-service-time: 4
x-canary: marksugar
如果不加头部-H "x-for-canary: true"
则响应报文的是x-envoy: linuxea
PS C:\Users\Administrator> curl dpment.linuxea.com -I
HTTP/1.1 200 OK
server: istio-envoy
date: Sun, 07 Aug 2022 09:51:53 GMT
content-type: text/html
content-length: 93
last-modified: Wed, 03 Aug 2022 07:59:37 GMT
etag: "62ea2ae9-5d"
accept-ranges: bytes
x-envoy-upstream-service-time: 7
x-envoy: linuxea