TCP_PROXY
![]()
[root@xksmaster1 tcp-front-proxy]# pwd
/root/envoy/servicemesh_in_practise-MageEdu_N66/Envoy-Basics/tcp-front-proxy
[root@xksmaster1 tcp-front-proxy]# ls
docker-compose.yaml envoy.yaml README.md
[root@xksmaster1 tcp-front-proxy]# ll
total 12
-rw-r--r-- 1 root root 934 Aug 5 2022 docker-compose.yaml
-rw-r--r-- 1 root root 853 Aug 5 2022 envoy.yaml
-rw-r--r-- 1 root root 465 Aug 5 2022 README.md
[root@xksmaster1 tcp-front-proxy]# cat envoy.yaml
# Author: MageEdu <mage@magedu.com>
# Site: www.magedu.com
static_resources:
listeners:
name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.tcp_proxy
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
stat_prefix: tcp
cluster: local_cluster
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.1.11, port_value: 8080 }
- endpoint:
address:
socket_address: { address: 172.31.1.12, port_value: 8080 }
[root@xksmaster1 tcp-front-proxy]# cat docker-compose.yaml
# Author: MageEdu <mage@magedu.com>
# Site: www.magedu.com
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.1.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.1.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.1.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.1.0/24
[root@xksmaster1 tcp-front-proxy]# cat README.md
# TCP Proxy
### 环境说明
三个Service:
- envoy:Front Proxy,地址为172.31.1.2
- webserver01:第一个后端服务,地址为172.31.1.11
- webserver02:第二个后端服务,地址为172.31.1.12
### 运行和测试
1. 创建
```
docker-compose up
```
2. 测试
```
curl 172.31.1.2
```
3. 停止后清理
```
docker-compose down
```
#启动
[root@xksmaster1 tcp-front-proxy]# docker-compose up
Creating network "tcp-front-proxy_envoymesh" with driver "bridge"
Pulling webserver01 (ikubernetes/demoapp:v1.0)...
v1.0: Pulling from ikubernetes/demoapp
c9b1b535fdd9: Pull complete
3cbce035cd7c: Pull complete
b83463f478a5: Pull complete
34b1f286d5e2: Pull complete
Digest: sha256:6698b205eb18fb0171398927f3a35fe27676c6bf5757ef57a35a4b055badf2c3
Status: Downloaded newer image for ikubernetes/demoapp:v1.0
Pulling envoy (envoyproxy/envoy:v1.23-latest)...
v1.23-latest: Pulling from envoyproxy/envoy
0c5227665c11: Pull complete
b2fc06fe7799: Pull complete
10e1ef3af403: Pull complete
cce1dc62b541: Pull complete
4a70c9d75c68: Pull complete
96a9eb3cd6a3: Pull complete
d40dc22533a9: Pull complete
6b6cf1c526f1: Pull complete
Digest: sha256:a07889970586538ab8f38a72a5f253acfd999ac017133b4b19f04abcc69f5411
Status: Downloaded newer image for envoyproxy/envoy:v1.23-latest
Creating tcp-front-proxy_webserver01_1 ... done
Creating tcp-front-proxy_webserver02_1 ... done
Creating tcp-front-proxy_envoy_1 ... done
Attaching to tcp-front-proxy_webserver01_1, tcp-front-proxy_webserver02_1, tcp-front-proxy_envoy_1
webserver01_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
webserver02_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
envoy_1 | [2023-05-05 06:25:48.997][1][info][main] [source/server/server.cc:391] initializing epoch 0 (base id=0, hot restart version=11.104)
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:393] statically linked extensions:
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor, envoy.compression.zstd.compressor
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.transports: auto, framed, header, unframed
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.http.stateful_session: envoy.http.stateful_session.cookie
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.formatter: envoy.formatter.metadata, envoy.formatter.req_without_query
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.resolvers: envoy.ip
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.network.input: envoy.matching.inputs.application_protocol, envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.transport_protocol, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.bootstrap: envoy.bootstrap.internal_listener, envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.regex_engines: envoy.regex_engines.google_re2
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.health_checkers: envoy.health_checkers.redis
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.access_loggers.extension_filters: envoy.access_loggers.extension_filters.cel
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.common.key_value: envoy.key_value.file_based
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.route.early_data_policy: envoy.route.early_data_policy.default
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing, envoy.matching.matchers.ip
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.network.dns_resolver: envoy.network.dns_resolver.cares, envoy.network.dns_resolver.getaddrinfo
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.config.validators: envoy.config.validators.minimum_clusters, envoy.config.validators.minimum_clusters_validator
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.opentelemetry, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.quic.server.crypto_stream: envoy.quic.crypto_stream.server.quiche
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.stats_sinks: envoy.dog_statsd, envoy.graphite_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.graphite_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.filters.network: envoy.echo, envoy.ext_authz, envoy.filters.network.connection_limit, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.quic.proof_source: envoy.quic.proof_source.filter_chain
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.filters: envoy.filters.thrift.header_to_metadata, envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.http_11_proxy, envoy.transport_sockets.internal_upstream, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.http.stateful_header_formatters: envoy.http.stateful_header_formatters.preserve_case, preserve_case
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.serializers: dubbo.hessian2
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.protocols: dubbo
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.action: composite-action, skip
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.http.original_ip_detection: envoy.http.original_ip_detection.custom_header, envoy.http.original_ip_detection.xff
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.filters.http: envoy.bandwidth_limit, envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.alternate_protocols_cache, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.bandwidth_limit, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.file_system_buffer, envoy.filters.http.gcp_authn, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.match_delegate, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.set_metadata, envoy.filters.http.stateful_session, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.health_check, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor, envoy.compression.zstd.decompressor
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] network.connection.client: default, envoy_internal
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.http.input: envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.request_headers, envoy.matching.inputs.request_trailers, envoy.matching.inputs.response_headers, envoy.matching.inputs.response_trailers, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.http.cache: envoy.extensions.http.cache.simple
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.rbac.matchers: envoy.rbac.matchers.upstream_ip_port
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.matching.network.custom_matchers: envoy.matching.custom_matchers.trie_matcher
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.http.header_validators: envoy.http.header_validators.envoy_default
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.request_id: envoy.request_id.uuid
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.udp_packet_writer: envoy.udp_packet_writer.default, envoy.udp_packet_writer.gso
envoy_1 | [2023-05-05 06:25:48.998][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 06:25:49.002][1][info][main] [source/server/server.cc:443] HTTP header map info:
envoy_1 | [2023-05-05 06:25:49.003][1][info][main] [source/server/server.cc:446] request header map: 656 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-headers,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,proxy-status,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-envoy-upstream-stream-duration-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-host,x-forwarded-proto,x-ot-span-context,x-request-id
envoy_1 | [2023-05-05 06:25:49.003][1][info][main] [source/server/server.cc:446] request trailer map: 128 bytes:
envoy_1 | [2023-05-05 06:25:49.003][1][info][main] [source/server/server.cc:446] response header map: 432 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,proxy-status,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
envoy_1 | [2023-05-05 06:25:49.003][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-05 06:25:49.013][1][info][main] [source/server/server.cc:801] runtime: {}
envoy_1 | [2023-05-05 06:25:49.013][1][warning][main] [source/server/server.cc:658] No admin address given, so no admin HTTP server started.
envoy_1 | [2023-05-05 06:25:49.013][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-05 06:25:49.014][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-05 06:25:49.014][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-05 06:25:49.014][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-05 06:25:49.015][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-05 06:25:49.016][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-05 06:25:49.016][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-05 06:25:49.016][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-05 06:25:49.016][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-05 06:25:49.017][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-05 06:25:49.017][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-05 06:25:49.018][1][info][main] [source/server/server.cc:897] starting main dispatch loop
#另外一个终端进行测试
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver02, ServerIP: 172.31.1.12!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver02, ServerIP: 172.31.1.12!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver02, ServerIP: 172.31.1.12!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
[root@xksmaster1 ~]# curl 172.31.1.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver02, ServerIP: 172.31.1.12!
[root@xksmaster1 ~]# curl -v 172.31.1.2
* About to connect() to 172.31.1.2 port 80 (#0)
* Trying 172.31.1.2...
* Connected to 172.31.1.2 (172.31.1.2) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 172.31.1.2
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: text/html; charset=utf-8
< Content-Length: 98
< Server: Werkzeug/1.0.0 Python/3.8.2
< Date: Fri, 05 May 2023 06:34:44 GMT
<
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver01, ServerIP: 172.31.1.11!
* Closing connection 0
[root@xksmaster1 ~]# curl -v 172.31.1.2
* About to connect() to 172.31.1.2 port 80 (#0)
* Trying 172.31.1.2...
* Connected to 172.31.1.2 (172.31.1.2) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 172.31.1.2
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: text/html; charset=utf-8
< Content-Length: 98
< Server: Werkzeug/1.0.0 Python/3.8.2
< Date: Fri, 05 May 2023 06:34:48 GMT
<
iKubernetes demoapp v1.0 !! ClientIP: 172.31.1.2, ServerName: webserver02, ServerIP: 172.31.1.12!
#此时 docker-compse 终端显示
webserver01_1 | 172.31.1.2 - - [05/May/2023 06:34:01] "GET / HTTP/1.1" 200 -
webserver02_1 | 172.31.1.2 - - [05/May/2023 06:34:02] "GET / HTTP/1.1" 200 -
webserver02_1 | 172.31.1.2 - - [05/May/2023 06:34:03] "GET / HTTP/1.1" 200 -
webserver01_1 | 172.31.1.2 - - [05/May/2023 06:34:03] "GET / HTTP/1.1" 200 -
webserver01_1 | 172.31.1.2 - - [05/May/2023 06:34:04] "GET / HTTP/1.1" 200 -
webserver02_1 | 172.31.1.2 - - [05/May/2023 06:34:05] "GET / HTTP/1.1" 200 -
webserver01_1 | 172.31.1.2 - - [05/May/2023 06:34:05] "GET / HTTP/1.1" 200 -
webserver02_1 | 172.31.1.2 - - [05/May/2023 06:34:07] "GET / HTTP/1.1" 200 -
webserver01_1 | 172.31.1.2 - - [05/May/2023 06:34:44] "GET / HTTP/1.1" 200 -
webserver02_1 | 172.31.1.2 - - [05/May/2023 06:34:48] "GET / HTTP/1.1" 200 -
HTTP_FRONT_PROXY:实现七层代理
#访问*.ik8s.io会转发给后端两个服务
#访问*.magedu.com会重定向到www.ik8s.io
[root@xksmaster1 http-front-proxy]# cat envoy.yaml
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*.ik8s.io", "ik8s.io"]
routes:
- match: { prefix: "/" }
route: { cluster: local_cluster }
- name: web_service_2
domains: ["*.magedu.com",“magedu.com"]
routes:
- match: { prefix: "/" }
redirect:
host_redirect: "www.ik8s.io"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.2.11, port_value: 8080 }
- endpoint:
address:
socket_address: { address: 172.31.2.12, port_value: 8080 }
[root@xksmaster1 http-front-proxy]# cat docker-compose.yaml
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.2.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.2.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.2.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.2.0/24
[root@xksmaster1 http-front-proxy]# cat README.md
# HTTP Front Proxy demo
### 环境说明
三个Service:
- envoy:Front Proxy,地址为172.31.2.2
- webserver01:第一个后端服务,地址为172.31.2.11
- webserver02:第二个后端服务,地址为172.31.2.12
### 运行和测试
1. 创建
```
docker-compose up
```
2. 测试
```
curl -H "host: www.ik8s.io" 172.31.2.2
curl -I -H "host: www.magedu.com" 172.31.2.2
```
3. 停止后清理
```
docker-compose down
[root@xksmaster1 http-front-proxy]# docker-compose up
Starting http-front-proxy_webserver02_1 ... done
Starting http-front-proxy_webserver01_1 ... done
Recreating http-front-proxy_envoy_1 ... done
Attaching to http-front-proxy_webserver02_1, http-front-proxy_webserver01_1, http-front-proxy_envoy_1
webserver02_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
webserver01_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:391] initializing epoch 0 (base id=0, hot restart version=11.104)
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:393] statically linked extensions:
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.filters: envoy.filters.thrift.header_to_metadata, envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.route.early_data_policy: envoy.route.early_data_policy.default
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.udp_packet_writer: envoy.udp_packet_writer.default, envoy.udp_packet_writer.gso
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.quic.proof_source: envoy.quic.proof_source.filter_chain
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.rbac.matchers: envoy.rbac.matchers.upstream_ip_port
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.health_checkers: envoy.health_checkers.redis
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.protocols: dubbo
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.transports: auto, framed, header, unframed
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.config.validators: envoy.config.validators.minimum_clusters, envoy.config.validators.minimum_clusters_validator
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.resolvers: envoy.ip
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.regex_engines: envoy.regex_engines.google_re2
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.network.input: envoy.matching.inputs.application_protocol, envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.transport_protocol, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.request_id: envoy.request_id.uuid
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.filters.http: envoy.bandwidth_limit, envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.alternate_protocols_cache, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.bandwidth_limit, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.file_system_buffer, envoy.filters.http.gcp_authn, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.match_delegate, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.set_metadata, envoy.filters.http.stateful_session, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.health_check, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.http.stateful_header_formatters: envoy.http.stateful_header_formatters.preserve_case, preserve_case
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.filters.network: envoy.echo, envoy.ext_authz, envoy.filters.network.connection_limit, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.common.key_value: envoy.key_value.file_based
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.network.dns_resolver: envoy.network.dns_resolver.cares, envoy.network.dns_resolver.getaddrinfo
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.bootstrap: envoy.bootstrap.internal_listener, envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor, envoy.compression.zstd.compressor
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.access_loggers.extension_filters: envoy.access_loggers.extension_filters.cel
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.http.input: envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.request_headers, envoy.matching.inputs.request_trailers, envoy.matching.inputs.response_headers, envoy.matching.inputs.response_trailers, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.action: composite-action, skip
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.opentelemetry, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor, envoy.compression.zstd.decompressor
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] network.connection.client: default, envoy_internal
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.http.header_validators: envoy.http.header_validators.envoy_default
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.quic.server.crypto_stream: envoy.quic.crypto_stream.server.quiche
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.http.stateful_session: envoy.http.stateful_session.cookie
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing, envoy.matching.matchers.ip
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.serializers: dubbo.hessian2
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.http_11_proxy, envoy.transport_sockets.internal_upstream, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.http.cache: envoy.extensions.http.cache.simple
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.http.original_ip_detection: envoy.http.original_ip_detection.custom_header, envoy.http.original_ip_detection.xff
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.stats_sinks: envoy.dog_statsd, envoy.graphite_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.graphite_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.formatter: envoy.formatter.metadata, envoy.formatter.req_without_query
envoy_1 | [2023-05-05 07:10:31.971][1][info][main] [source/server/server.cc:395] envoy.matching.network.custom_matchers: envoy.matching.custom_matchers.trie_matcher
envoy_1 | [2023-05-05 07:10:31.978][1][info][main] [source/server/server.cc:443] HTTP header map info:
envoy_1 | [2023-05-05 07:10:31.980][1][info][main] [source/server/server.cc:446] request header map: 656 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-headers,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,proxy-status,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-envoy-upstream-stream-duration-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-host,x-forwarded-proto,x-ot-span-context,x-request-id
envoy_1 | [2023-05-05 07:10:31.980][1][info][main] [source/server/server.cc:446] request trailer map: 128 bytes:
envoy_1 | [2023-05-05 07:10:31.980][1][info][main] [source/server/server.cc:446] response header map: 432 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,proxy-status,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
envoy_1 | [2023-05-05 07:10:31.980][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-05 07:10:31.988][1][info][main] [source/server/server.cc:801] runtime: {}
envoy_1 | [2023-05-05 07:10:31.988][1][warning][main] [source/server/server.cc:658] No admin address given, so no admin HTTP server started.
envoy_1 | [2023-05-05 07:10:31.988][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-05 07:10:31.989][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-05 07:10:31.989][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-05 07:10:31.989][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-05 07:10:31.990][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-05 07:10:31.992][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-05 07:10:31.992][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-05 07:10:31.992][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-05 07:10:31.992][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-05 07:10:31.993][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-05 07:10:31.993][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-05 07:10:31.994][1][info][main] [source/server/server.cc:897] starting main dispatch loop
#测试
#访问*.ik8s.io会转发给后端两个服务
[root@xksmaster1 http-front-proxy]# curl -H "Host: xks.ik8s.io" 172.31.2.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.2.2, ServerName: webserver01, ServerIP: 172.31.2.11!
[root@xksmaster1 http-front-proxy]# curl -H "Host: xks.ik8s.io" 172.31.2.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.2.2, ServerName: webserver02, ServerIP: 172.31.2.12!
[root@xksmaster1 http-front-proxy]# curl -H "Host: xks.ik8s.io" 172.31.2.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.2.2, ServerName: webserver01, ServerIP: 172.31.2.11!
[root@xksmaster1 http-front-proxy]# curl -H "Host: xks.ik8s.io" 172.31.2.2
iKubernetes demoapp v1.0 !! ClientIP: 172.31.2.2, ServerName: webserver02, ServerIP: 172.31.2.12!
#访问*.magedu.com会重定向到www.ik8s.io
[root@xksmaster1 http-front-proxy]# curl -H "Host: xks.magedu.com" 172.31.2.2
You have mail in /var/spool/mail/root
[root@xksmaster1 http-front-proxy]# curl -V -H "Host: xks.magedu.com" 172.31.2.2
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.36 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz unix-sockets
[root@xksmaster1 http-front-proxy]# curl -v -H "Host: xks.magedu.com" 172.31.2.2
* About to connect() to 172.31.2.2 port 80 (#0)
* Trying 172.31.2.2...
* Connected to 172.31.2.2 (172.31.2.2) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Accept: */*
> Host: xks.magedu.com
>
< HTTP/1.1 301 Moved Permanently
< location: http://www.ik8s.io/
< date: Fri, 05 May 2023 07:16:46 GMT
< server: envoy
< content-length: 0
<
* Connection #0 to host 172.31.2.2 left intact
HTTP_INGRESS:作为边缘代理-Sidecar Proxy
*实际代理后端本地服务127.0.0.1:8080
![]()
#webserver1 需要和127.0.0.1通信 需要共享加入到service:envoy 网络当中 conf:network_mode: "service:envoy"
[root@xksmaster1 Envoy-Basics]# cd http-ingress/
[root@xksmaster1 http-ingress]# ll
total 12
-rw-r--r-- 1 root root 555 Aug 5 2022 docker-compose.yaml
-rw-r--r-- 1 root root 1177 Aug 5 2022 envoy.yaml
-rw-r--r-- 1 root root 400 Aug 5 2022 README.md
#webserver1 需要和127.0.0.1通信 需要共享加入到service:envoy 网络当中 network_mode: "service:envoy"
[root@xksmaster1 http-ingress]# cat docker-compose.yaml
version: '3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.3.2
aliases:
- ingress
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
- HOST=127.0.0.1
network_mode: "service:envoy"
depends_on:
- envoy
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.3.0/24
[root@xksmaster1 http-ingress]# cat envoy.yaml
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*"]
routes:
- match: { prefix: "/" }
route: { cluster: local_cluster }
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 127.0.0.1, port_value: 8080 }
[root@xksmaster1 http-ingress]# cat README.md
# HTTP Ingress Proxy demo
### 环境说明
两个Service:
- envoy:Sidecar Proxy
- webserver01:第一个后端服务,地址为127.0.0.1
### 运行和测试
1. 创建
```
docker-compose up
```
2. 测试
```
curl 172.33.0.2
```
3. 停止后清理
```
docker-compose down
[root@xksmaster1 http-ingress]# docker-compose up
Creating network "http-ingress_envoymesh" with driver "bridge"
Creating http-ingress_envoy_1 ... done
Creating http-ingress_webserver01_1 ... done
Attaching to http-ingress_envoy_1, http-ingress_webserver01_1
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:391] initializing epoch 0 (base id=0, hot restart version=11.104)
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:393] statically linked extensions:
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.network.dns_resolver: envoy.network.dns_resolver.cares, envoy.network.dns_resolver.getaddrinfo
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.udp_packet_writer: envoy.udp_packet_writer.default, envoy.udp_packet_writer.gso
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.route.early_data_policy: envoy.route.early_data_policy.default
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.quic.server.crypto_stream: envoy.quic.crypto_stream.server.quiche
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.transports: auto, framed, header, unframed
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.config.validators: envoy.config.validators.minimum_clusters, envoy.config.validators.minimum_clusters_validator
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.filters.network: envoy.echo, envoy.ext_authz, envoy.filters.network.connection_limit, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.http.header_validators: envoy.http.header_validators.envoy_default
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.protocols: dubbo
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor, envoy.compression.zstd.compressor
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.http_11_proxy, envoy.transport_sockets.internal_upstream, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.opentelemetry, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.http.stateful_header_formatters: envoy.http.stateful_header_formatters.preserve_case, preserve_case
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.http.original_ip_detection: envoy.http.original_ip_detection.custom_header, envoy.http.original_ip_detection.xff
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.formatter: envoy.formatter.metadata, envoy.formatter.req_without_query
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.http.cache: envoy.extensions.http.cache.simple
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.network.input: envoy.matching.inputs.application_protocol, envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.transport_protocol, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.serializers: dubbo.hessian2
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.network.custom_matchers: envoy.matching.custom_matchers.trie_matcher
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.filters.http: envoy.bandwidth_limit, envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.alternate_protocols_cache, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.bandwidth_limit, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.file_system_buffer, envoy.filters.http.gcp_authn, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.match_delegate, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.set_metadata, envoy.filters.http.stateful_session, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.health_check, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.resolvers: envoy.ip
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.quic.proof_source: envoy.quic.proof_source.filter_chain
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.action: composite-action, skip
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.request_id: envoy.request_id.uuid
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.regex_engines: envoy.regex_engines.google_re2
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor, envoy.compression.zstd.decompressor
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.filters: envoy.filters.thrift.header_to_metadata, envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.health_checkers: envoy.health_checkers.redis
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.common.key_value: envoy.key_value.file_based
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.http.stateful_session: envoy.http.stateful_session.cookie
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.rbac.matchers: envoy.rbac.matchers.upstream_ip_port
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.bootstrap: envoy.bootstrap.internal_listener, envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.access_loggers.extension_filters: envoy.access_loggers.extension_filters.cel
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.http.input: envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.request_headers, envoy.matching.inputs.request_trailers, envoy.matching.inputs.response_headers, envoy.matching.inputs.response_trailers, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] network.connection.client: default, envoy_internal
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing, envoy.matching.matchers.ip
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.stats_sinks: envoy.dog_statsd, envoy.graphite_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.graphite_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
envoy_1 | [2023-05-05 07:29:24.551][1][info][main] [source/server/server.cc:395] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
envoy_1 | [2023-05-05 07:29:24.555][1][info][main] [source/server/server.cc:443] HTTP header map info:
envoy_1 | [2023-05-05 07:29:24.557][1][info][main] [source/server/server.cc:446] request header map: 656 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-headers,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,proxy-status,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-envoy-upstream-stream-duration-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-host,x-forwarded-proto,x-ot-span-context,x-request-id
envoy_1 | [2023-05-05 07:29:24.557][1][info][main] [source/server/server.cc:446] request trailer map: 128 bytes:
envoy_1 | [2023-05-05 07:29:24.557][1][info][main] [source/server/server.cc:446] response header map: 432 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,proxy-status,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
envoy_1 | [2023-05-05 07:29:24.557][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-05 07:29:24.566][1][info][main] [source/server/server.cc:801] runtime: {}
envoy_1 | [2023-05-05 07:29:24.567][1][warning][main] [source/server/server.cc:658] No admin address given, so no admin HTTP server started.
envoy_1 | [2023-05-05 07:29:24.567][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-05 07:29:24.567][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-05 07:29:24.567][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-05 07:29:24.567][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-05 07:29:24.568][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-05 07:29:24.570][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-05 07:29:24.570][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-05 07:29:24.570][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-05 07:29:24.570][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-05 07:29:24.571][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-05 07:29:24.571][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-05 07:29:24.572][1][info][main] [source/server/server.cc:897] starting main dispatch loop
webserver01_1 | * Running on http://127.0.0.1:8080/ (Press CTRL+C to quit)
#验证
[root@xksmaster1 ~]# curl 172.31.3.2
iKubernetes demoapp v1.0 !! ClientIP: 127.0.0.1, ServerName: 1b1ca9cc883c, ServerIP: 172.31.3.2!
HTTP_EGRESS
![]()
[root@xksmaster1 Envoy-Basics]# cd http-egress/
[root@xksmaster1 http-egress]# ll
total 12
-rw-r--r-- 1 root root 979 Aug 5 2022 docker-compose.yaml
-rw-r--r-- 1 root root 1344 Aug 5 2022 envoy.yaml
-rw-r--r-- 1 root root 566 Aug 5 2022 README.md
[root@xksmaster1 http-egress]# clear
[root@xksmaster1 http-egress]# cat docker-compose.yaml
# Author: MageEdu <mage@magedu.com>
# Site: www.magedu.com
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.4.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
client:
image: ikubernetes/admin-toolbox:v1.0
network_mode: "service:envoy"
depends_on:
- envoy
webserver01:
image: ikubernetes/demoapp:v1.0
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.4.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.4.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.4.0/24
[root@xksmaster1 http-egress]# cat envoy.yaml
# Author: MageEdu <mage@magedu.com>
# Site: www.magedu.com
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 127.0.0.1, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*"]
routes:
- match: { prefix: "/" }
route: { cluster: web_cluster }
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: web_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: web_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.4.11, port_value: 80 }
- endpoint:
address:
socket_address: { address: 172.31.4.12, port_value: 80 }
[root@xksmaster1 http-egress]# cat README.md
# HTTP Egress Proxy demo
### 环境说明
三个Service:
- envoy:Front Proxy,地址为172.31.4.2
- webserver01:第一个外部服务,地址为172.31.4.11
- webserver02:第二个外部服务,地址为172.31.4.12
### 运行和测试
1. 创建
```
docker-compose up
```
2. 于容器client的交互式接口中进行测试
```
docker exec -it http-egress-client-1 /bin/bash
curl 127.0.0.1
```
3. 停止后清理
```
docker-compose down
[root@xksmaster1 http-egress]# docker-compose up
Pulling client (ikubernetes/admin-toolbox:v1.0)...
v1.0: Pulling from ikubernetes/admin-toolbox
c9b1b535fdd9: Already exists
1de2c4c6c672: Pull complete
Digest: sha256:620435ec75aee84cfaf40e75c7466d5a4d10e71f5884ccc5cf7a475538fdc937
Status: Downloaded newer image for ikubernetes/admin-toolbox:v1.0
Creating http-egress_webserver01_1 ... done
Creating http-egress_webserver02_1 ... done
Creating http-egress_envoy_1 ... done
Creating http-egress_client_1 ... done
Attaching to http-egress_webserver01_1, http-egress_webserver02_1, http-egress_envoy_1, http-egress_client_1
webserver01_1 | * Running on http://0.0.0.0:80/ (Press CTRL+C to quit)
webserver02_1 | * Running on http://0.0.0.0:80/ (Press CTRL+C to quit)
envoy_1 | [2023-05-05 07:47:44.547][1][info][main] [source/server/server.cc:391] initializing epoch 0 (base id=0, hot restart version=11.104)
envoy_1 | [2023-05-05 07:47:44.547][1][info][main] [source/server/server.cc:393] statically linked extensions:
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.config.validators: envoy.config.validators.minimum_clusters, envoy.config.validators.minimum_clusters_validator
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.network.dns_resolver: envoy.network.dns_resolver.cares, envoy.network.dns_resolver.getaddrinfo
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.quic.server.crypto_stream: envoy.quic.crypto_stream.server.quiche
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.http.input: envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.request_headers, envoy.matching.inputs.request_trailers, envoy.matching.inputs.response_headers, envoy.matching.inputs.response_trailers, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.filters: envoy.filters.thrift.header_to_metadata, envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.bootstrap: envoy.bootstrap.internal_listener, envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.transports: auto, framed, header, unframed
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] network.connection.client: default, envoy_internal
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.http.original_ip_detection: envoy.http.original_ip_detection.custom_header, envoy.http.original_ip_detection.xff
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.network.custom_matchers: envoy.matching.custom_matchers.trie_matcher
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.filters.http: envoy.bandwidth_limit, envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.alternate_protocols_cache, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.bandwidth_limit, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.file_system_buffer, envoy.filters.http.gcp_authn, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.match_delegate, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.set_metadata, envoy.filters.http.stateful_session, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.health_check, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.opentelemetry, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing, envoy.matching.matchers.ip
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.filters.network: envoy.echo, envoy.ext_authz, envoy.filters.network.connection_limit, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.route.early_data_policy: envoy.route.early_data_policy.default
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.http_11_proxy, envoy.transport_sockets.internal_upstream, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.access_loggers.extension_filters: envoy.access_loggers.extension_filters.cel
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.formatter: envoy.formatter.metadata, envoy.formatter.req_without_query
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.common.key_value: envoy.key_value.file_based
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.quic.proof_source: envoy.quic.proof_source.filter_chain
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.protocols: dubbo
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor, envoy.compression.zstd.compressor
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.http.stateful_session: envoy.http.stateful_session.cookie
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.request_id: envoy.request_id.uuid
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.http.header_validators: envoy.http.header_validators.envoy_default
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.action: composite-action, skip
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, raw_buffer, starttls, tls
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.http.stateful_header_formatters: envoy.http.stateful_header_formatters.preserve_case, preserve_case
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.resolvers: envoy.ip
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.serializers: dubbo.hessian2
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor, envoy.compression.zstd.decompressor
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.stats_sinks: envoy.dog_statsd, envoy.graphite_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.graphite_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.http.cache: envoy.extensions.http.cache.simple
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.matching.network.input: envoy.matching.inputs.application_protocol, envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.transport_protocol, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.regex_engines: envoy.regex_engines.google_re2
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.health_checkers: envoy.health_checkers.redis
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.rbac.matchers: envoy.rbac.matchers.upstream_ip_port
envoy_1 | [2023-05-05 07:47:44.548][1][info][main] [source/server/server.cc:395] envoy.udp_packet_writer: envoy.udp_packet_writer.default, envoy.udp_packet_writer.gso
envoy_1 | [2023-05-05 07:47:44.554][1][info][main] [source/server/server.cc:443] HTTP header map info:
envoy_1 | [2023-05-05 07:47:44.558][1][info][main] [source/server/server.cc:446] request header map: 656 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-headers,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,proxy-status,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-envoy-upstream-stream-duration-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-host,x-forwarded-proto,x-ot-span-context,x-request-id
envoy_1 | [2023-05-05 07:47:44.558][1][info][main] [source/server/server.cc:446] request trailer map: 128 bytes:
envoy_1 | [2023-05-05 07:47:44.558][1][info][main] [source/server/server.cc:446] response header map: 432 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,proxy-status,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
envoy_1 | [2023-05-05 07:47:44.558][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-05 07:47:44.567][1][info][main] [source/server/server.cc:801] runtime: {}
envoy_1 | [2023-05-05 07:47:44.567][1][warning][main] [source/server/server.cc:658] No admin address given, so no admin HTTP server started.
envoy_1 | [2023-05-05 07:47:44.567][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-05 07:47:44.567][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-05 07:47:44.567][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-05 07:47:44.567][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-05 07:47:44.572][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-05 07:47:44.577][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-05 07:47:44.577][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-05 07:47:44.577][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-05 07:47:44.577][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-05 07:47:44.581][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-05 07:47:44.581][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-05 07:47:44.582][1][info][main] [source/server/server.cc:897] starting main dispatch loop
#验证
[root@xksmaster1 http-ingress]# docker exec -it http-egress-client-1 /bin/bash
[root@6e569c94107f /]# curl 127.0.0.1
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver01, ServerIP: 172.31.4.11!
[root@6e569c94107f /]# curl 127.0.0.1
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver01, ServerIP: 172.31.4.11!
[root@6e569c94107f /]# curl 127.0.0.1
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver02, ServerIP: 172.31.4.12!
[root@6e569c94107f /]# curl 127.0.0.1
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver02, ServerIP: 172.31.4.12!
浙公网安备 33010602011771号