Question

我正在尝试按照https://istio.io/blog/2019/custom-ingress-gateway

上的说明使用Istio Gateway和VirtualService公开服务

$ kubectl run -it --rm --image=busybox --restart=Never foobar -- ash -c 'exit 10'; echo rc=$?
pod "foobar" deleted
pod default/foobar terminated (Error)
rc=10

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:47:41Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:39:24Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}

$ kubectl get nodes -o wide
NAME         STATUS   ROLES    AGE    VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
10.10.0.21   Ready    master   2d1h   v1.18.5   10.10.0.21    <none>        Ubuntu 16.04.6 LTS   4.4.0-184-generic   docker://18.9.7
10.10.0.22   Ready    <none>   2d1h   v1.18.5   10.10.0.22    <none>        Ubuntu 16.04.6 LTS   4.4.0-184-generic   docker://18.9.7

我正在使用apiVersion: apps/v1 kind: Deployment metadata: labels: app: demo name: demo namespace: demo spec: replicas: 1 selector: matchLabels: app: demo template: metadata: labels: app: demo spec: containers: - image: nginx name: nginx --- apiVersion: v1 kind: Service metadata: creationTimestamp: null labels: app: demo name: demo namespace: demo spec: ports: - name: http port: 80 protocol: TCP targetPort: 80 selector: app: demo type: ClusterIP --- apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: demo-gw namespace: demo spec: selector: app: demo servers: - port: number: 80 name: http protocol: HTTP hosts: - "example.com" --- apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: demo-vs namespace: demo spec: hosts: - "example.com" gateways: - demo-gw http: - route: - destination: host: demo运行minikube集群，以便minikube tunnel具有istio-ingressgateway IP。我已经将LoadBalancer修改为将/etc/hosts指向example.com服务IP

istio-ingressgateway

请求似乎到达了Envoy代理。 10.111.251.46 example.com返回

curl -v -X TRACE http://example.com

Answer 1

@Piotr Malec在评论中提到

您链接的博客文章已过时。撰写此博文时假设使用的是Istio 1，因此其中某些内容现在可能已过时。

我建议使用istio operator，因为istio 1.5是添加自定义入口网关的最佳选择。

对此有一个开放的github issue，安装方法很少。

例如，使用来自comment的yaml，您可以使用默认的入口网关安装istio默认配置文件，此外，它将在名称空间dev中创建第二个入口网关。

希望您觉得这有用。

名称空间中的Istio自定义网关

1 个答案: