我在GKE集群上运行了以下routing.yaml文件和两个服务
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: frontend
namespace: prefix
spec:
hosts:
- frontend
http:
- route:
- destination:
host: frontend
subset: prod
weight: 100
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: backend
namespace: prefix
spec:
hosts:
- backend
http:
- route:
- destination:
host: backend
subset: prod
weight: 100
现在,每当我命中http请求时,我都希望我的前端产品应该获得所有请求,并且响应应该相同。但事实证明这是不同的,最糟糕的是其他服务器随机受到攻击 以下是输出
http GET xx.xx.xx.xx:6756/get_prefix class==d 'Authorization: Token 95cd418693b14ddc87220430e7225ab5'
HTTP/1.1 403 Forbidden
content-length: 159
content-type: text/html
date: Thu, 24 Oct 2019 09:32:25 GMT
server: istio-envoy
x-envoy-decorator-operation: frontend.prefix.svc.cluster.local:6756/*
x-envoy-upstream-service-time: 4
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>403 Forbidden</title>
<h1>Forbidden</h1>
<p>YOUR TOKEN IS INVALID, YOU CAN'T ASK FOR PREFIX</p>
但又有一段时间我得到关注
http GET xx.xx.xx.xx:6756/get_prefix class==d 'Authorization: Token 95cd418693b14ddc87220430e7225ab5'
HTTP/1.1 400 Bad Request
content-length: 143
content-type: text/html
date: Thu, 24 Oct 2019 09:32:26 GMT
server: istio-envoy
x-envoy-decorator-operation: frontend.prefix.svc.cluster.local:6756/*
x-envoy-upstream-service-time: 12
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>400 Bad Request</title>
<h1>Bad Request</h1>
<p>Could not parse the request</p>
这并不意味着所有流量都应该流向产品前端而不是金丝雀。我可以在两个容器中看到日志,以确认请求是否到达那里。
如果有帮助,下面是我的service.yaml
apiVersion: v1
kind: Service
metadata:
name: frontend
labels:
app: frontend
namespace: prefix
spec:
selector:
app: frontend
type: LoadBalancer
ports:
- port: 6756
targetPort: 6756
name: http
后端服务文件与端口6757类似。 如何确保流量仅到达一个吊舱?
kubectl get pods --namespace prefix
NAME READY STATUS RESTARTS AGE
backend-canary-7978f77b58-7qzh6 2/2 Running 0 126m
backend-prod-5ff66456f9-zwxxn 2/2 Running 0 126m
frontend-canary-7dd5c45dfc-lcfh6 2/2 Running 0 126m
frontend-prod-7f6d9b5ddc-bkk5h 2/2 Running 0 126m