Istio - 通过网关公开虚拟服务

问题描述 投票:1回答:1

我使用舵图设置了Istio,我正在尝试向istio-ingressgateway公开服务。

这是我决定使用的配置:

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: grafana-gateway
  namespace: istio-system
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 31400
      name: http
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: kiali-gateway
  namespace: istio-system
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 15029
      name: http
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: prometheus-gateway
  namespace: istio-system
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 15030
      name: http
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: grafana-vts
  namespace: istio-system
spec:
  hosts:
  - "*"
  gateways:
  - grafana-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        host: grafana.istio-system.svc.cluster.local
        port: 
          number: 3000
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: kiali-vts
  namespace: istio-system
spec:
  hosts:
  - "*"
  gateways:
  - kiali-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        host: kiali.istio-system.svc.cluster.local
        port: 
          number: 20001
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: prometheus-vts
  namespace: istio-system
spec:
  hosts:
  - "*"
  gateways:
  - prometheus-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        host: prometheus.istio-system.svc.cluster.local
        port: 
          number: 9090

然而 - 这只通过端口31400,15029和15030路由grafana,而它应该只为31400这样做。

如果我只使用一个网关并重写uri,则会抛出404错误/告诉我反向代理未正确设置

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: all-gateway
  namespace: istio-system
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: grafana-vts
  namespace: istio-system
spec:
  hosts:
  - "*"
  gateways:
  - all-gateway
  http:
  - match:
    - uri:
        prefix: "/grafana"
      rewrite:
        uri: /
    route:
    - destination:
        host: grafana.istio-system.svc.cluster.local
        port: 
          number: 3000
and etc...

我对istio有点新鲜,我浏览过的例子并没有完全谈论这些。如果你有一个想法,它会膨胀 - 是不是因为我如何通缉主机?

azure kubernetes istio
1个回答
1
投票

您的网关和虚拟服务是混合的,因为所有这些主机使用相同的主机(*),因此它们的行为在Istio中未定义。我会分配假的主机名,例如my-grafana.commy-kiali.com,并在网关和虚拟服务定义中使用它们。我会将这些假主机名添加到/etc/hosts/文件中,并使用它们从我的计算机访问Grafana和Kiali。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.