我是istio的新手,我想通过istio入口网关访问我的应用程序,但是我不知道为什么它不起作用。
这是我的kubenetes_deploy.yaml文件内容:
apiVersion: v1
kind: Service
metadata:
name: batman
labels:
run: batman
spec:
#type: NodePort
ports:
- port: 8000
#nodePort: 32000
targetPort: 7000
#protocol: TCP
name: batman
selector:
run: batman
#version: v1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: batman-v1
spec:
replicas: 1
selector:
matchLabels:
run: batman
template:
metadata:
labels:
run: batman
version: v1
spec:
containers:
- name: batman
image: leowu/batman:v1
ports:
- containerPort: 7000
env:
- name: MONGODB_URL
value: mongodb://localhost:27017/articles_demo_dev
- name: mongo
image: mongo
这是我的istio ingress_gateway.yaml配置文件:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: batman-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 15000
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: batman
spec:
hosts:
- "*"
gateways:
- batman-gateway
http:
- match:
route:
- destination:
host: batman
port:
number: 7000
我通过示例创建了入口网关,看起来不错,但是当我运行kubectl get svc istio-ingressgateway -n istio-system时,在输出中看不到侦听端口15000。我不知道。
有人可以帮助我吗?谢谢。
答案 0 :(得分:1)
您的蝙蝠侠服务侦听端口8000,并将流量转发到容器的端口7000。
istio流量的工作方式如下:
ingress-gateway -> virtual-service -> destination-rule [optional] -> service
因此您的虚拟服务应类似于:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: batman
spec:
hosts:
- "*"
gateways:
- batman-gateway
http:
- match:
route:
- destination:
host: batman
port:
number: 8000 <--- change
答案 1 :(得分:1)
首先,正如@Abhyudit Jain提到的那样,您需要将VirtualService中的端口更正为8000
然后您只需将另一个端口添加到 istio-ingressgateway 服务
kubectl edit svc istio-ingressgateway -n istio-system
添加部分:
ports:
- name: http
nodePort: 30001
port: 15000
protocol: TCP
targetPort: 80
这将接受端口 15000 上的HTTP流量,并将其路由到端口 8000
上的目标服务简单模式如下:
incoming traffic --> istio-gateway service --> istio-gateway --> virtual service --> service --> pod