我是istio的新手。我有一个简单的入口网关yaml文件,侦听端口是26931,但是在应用yaml之后,端口26931不会出现在入口网关公开的端口集中。那么我是否缺少一些必要的步骤或其他内容?
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: batman-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 26931
name: http
protocol: HTTP
hosts:
- "*"
答案 0 :(得分:2)
您不是通过Gateway对象而是通过istio-ingressgateway服务公开端口。
kubectl edit svc istio-ingressgateway -n istio-system
因此,如果要公开端口26931,则应使用网关服务
ports:
- name: http
nodePort: 30001
port: 26931
protocol: TCP
targetPort: 80
还评论了您以前的帖子-How to configure ingress gateway in istio?
答案 1 :(得分:2)
从Istio 1.5.1开始,使用istioctl通过以下命令安装(请参见official doc):
istioctl manifest apply -f your-overlay-config.yaml
可以在components.ingressGateways文件的your-overlay-config.yaml部分下指定其他端口。例如:
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
namespace: istio-system
spec:
components:
citadel:
enabled: true
sidecarInjector:
enabled: true
telemetry:
enabled: true
ingressGateways:
- name: istio-ingressgateway
enabled: true
k8s:
service:
ports:
# We have to specify original ports otherwise it will be erased
- port: 15020
targetPort: 15020
name: status-port
- port: 80
targetPort: 80
name: http2
- port: 443
name: https
- port: 15029
targetPort: 15029
name: kiali
- port: 15030
targetPort: 15030
name: prometheus
- port: 15031
targetPort: 15031
name: grafana
- port: 15032
targetPort: 15032
name: tracing
- port: 15443
targetPort: 15443
name: tls
- port: 31400
name: tcp
# Your additional ports
- port: 10000
name: misc
addonComponents:
prometheus:
enabled: false
values:
sidecarInjectorWebhook:
enableNamespacesByDefault: true
global:
proxy:
accessLogFile: "/dev/stdout"
gateways:
istio-egressgateway:
enabled: false
istio-ingressgateway:
sds:
enabled: true
值得注意的是,必须在values.gateways.istio-ingressgateway下指定Istio 1.5和Istio 1.4端口。
答案 2 :(得分:1)
在Helm subchart for gateways中完成了端口设置。您可以声明性地在Istio的values.yaml中定义其他端口,而不是直接编辑服务,如下所示。
注意:从Istio v1.2和v1.3.0开始,原始子图中定义的默认端口列表将被覆盖。为了保持默认状态不变,下面的代码段中有一些值被硬拷贝。
gateways:
istio-ingressgateway:
ports:
# Default port list copied from the original subchart values
# Ref: https://github.com/istio/istio/blob/release-1.2/install/kubernetes/helm/istio/charts/gateways/values.yaml
# (the ports below overrides the default and does not get merged, and thus needs to be copied here)
- port: 15020
targetPort: 15020
name: status-port
- port: 80
targetPort: 80
name: http2
nodePort: 31380
- port: 443
name: https
nodePort: 31390
- port: 15029
targetPort: 15029
name: https-kiali
- port: 15030
targetPort: 15030
name: https-prometheus
- port: 15031
targetPort: 15031
name: https-grafana
- port: 15032
targetPort: 15032
name: https-tracing
# This is the port where sni routing happens
- port: 15443
targetPort: 15443
name: tls
##=== Additional Ports =======================##
- port: 8080
targetPort: 8080
name: http-custom
- port: 8081
targetPort: 8081
name: http-custom-backup
##____________________________________________##