3.开放到外网
我们通过域名通过外网来访问集群内的这两个pod,就需定义gateway和vs,vs也是定义在网关
-
gateway打开侦听器
- gateway必须在网格部署的所在名称空间内,否则有可能注入失败
-
VirtualService定义路由信息等
- 此前定义的VirtualService并没有指定网关,如果没有指定,就只会在网格内的各sidecar内使用
- 如果只是这样,那么网格内部是不能访问的,如果需要让网格内部访问,就需要加上
- mesh -
- 通常,集群内部使用的是service名称访问
配置Gateway接受ingress入网的hosts流量
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: dpment-gateway
namespace: istio-system # 要指定为ingress gateway pod所在名称空间
spec:
selector:
app: istio-ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "dpment.linuxea.com"
- "dpment1.linuxea.com" 配置VirtualService并且关联istio-system/dpment-gateway ,对应之上的gateway的hosts,前后呼应
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: dpment
namespace: java-demo
spec:
hosts:
- "dpment.linuxea.com" # 对应于gateways/proxy-gateway
- "dpment1.linuxea.com"
gateways:
- istio-system/dpment-gateway # 相关定义仅应用于Ingress Gateway上
#- mesh
http:
- name: dpment
route:
- destination:
host: dpment
---配置一个service
apiVersion: v1
kind: Service
metadata:
name: dpment
namespace: java-demo
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
app: linuxea_app
type: ClusterIP
---此时可以通过浏览器访问
但是这样的方式是会将流量轮询到app: linuxea_app标签的pod,因此,我们添加一个path url路径,允许通过外部网络访问。
我们希望,如果请求没有附带/version/就发送到v11,如果附带了/version/重写为/发送到v10
http:
- name: version
match:
- uri:
prefix: /version/
rewrite:
uri: /
route:
- destination:
host: dpment
subset: v10
- name: default
route:
- destination:
host: dpment
subset: v11我们修改VirtualService,使用subset,因此额外添加一个DestinationRule
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: dpment
namespace: java-demo
spec:
# hosts:
# - dpment
hosts:
- "dpment.linuxea.com" # 对应于gateways/proxy-gateway
gateways:
- istio-system/dpment-gateway # 相关定义仅应用于Ingress Gateway上
http:
- name: version
match:
- uri:
prefix: /version/
rewrite:
uri: /
route:
- destination:
host: dpment
subset: v10
- name: default
route:
- destination:
host: dpment
subset: v11
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: dpment
namespace: java-demo
spec:
host: dpment
subsets:
- name: v11
labels:
version: v1.1
- name: v10
labels:
version: v1.0配置本地hosts进行测试
PS C:Usersusert> while ("true"){ curl http://dpment.linuxea.com/ http://dpment.linuxea.com/version/ ;sleep 1}
linuxea-dpment-linuxea-b-55694cb7f5-576qs.com-127.0.0.1/8 130.130.0.15/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-576qs.com-127.0.0.1/8 130.130.0.15/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-576qs.com-127.0.0.1/8 130.130.0.15/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-576qs.com-127.0.0.1/8 130.130.0.15/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
linuxea-dpment-linuxea-a-777847fd74-fsnsv.com-127.0.0.1/8 130.130.0.19/24 version number 1.0
linuxea-dpment-linuxea-b-55694cb7f5-lhkrb.com-127.0.0.1/8 130.130.1.122/24 version number 2.0
而在kiali中,绘制的图片已经发生了变化
