我一直在尝试测试Istio网格内两个服务之间的速率限制。
服务A是一个负载生成器,它与服务B(一个简单的http服务器)通信。我正在尝试让Istio限制发送到服务B(服务器)的请求的数量。
我已经按照Istio文档中的概述定义了必需的memquota,quota,rule,quotaSpec和quotaSpecBinding资源,并将它们应用于集群。
由于重点是测试无法从群集外部(未定义ingress和ingressgateway)访问服务“网格内部”两个服务之间的速率限制。我想知道的是,在这种情况下,是否需要gateway,destinationRule和virtualservice来进行速率限制?
到目前为止,我通过应用以下配置没有运气:
apiVersion: "config.istio.io/v1alpha2"
kind: memquota
metadata:
name: handler
namespace: istio-system
spec:
quotas:
- name: requestcount.quota.istio-system
maxAmount: 500
validDuration: 1s
overrides:
- dimensions:
destination: server
source: loadgen
maxAmount: 1
validDuration: 5s
---
apiVersion: "config.istio.io/v1alpha2"
kind: quota
metadata:
name: requestcount
namespace: istio-system
spec:
dimensions:
source: source.labels["app"] | source.service | "unknown"
destination: destination.labels["app"] | destination.service | "unknown"
---
apiVersion: config.istio.io/v1alpha2
kind: rule
metadata:
name: quota
namespace: istio-system
spec:
actions:
- handler: handler.memquota
instances:
- requestcount.quota
---
apiVersion: config.istio.io/v1alpha2
kind: QuotaSpec
metadata:
name: request-count
namespace: default
spec:
rules:
- quotas:
- charge: 1
quota: requestcount.quota.istio-system
---
apiVersion: config.istio.io/v1alpha2
kind: QuotaSpecBinding
metadata:
name: request-count
namespace: default
spec:
quotaSpecs:
- name: request-count
namespace: default
services:
- name: server
namespace: default
我一直在观察http请求指标,并在进行限速配置时寻找速率变化,但是在此之前和之后都没有明显的区别。
任何建议或帮助使该工作正常进行,将不胜感激!