Admin Interface
![]()
![]()
![]()
Admin Interface中的重要PATH:
/config_dump
/listners
/clusters
/stats
/stats/prometheus
/drain_listeners
/runtime
/runtime_modify:修改运行时参数的接口之一;
/server_info
监听在127.0.0.1地址
进行envoy容器的交互式接口,于本地获取
案例admin-interface
[root@xksmaster1 Envoy-Basics]# cd admin-interface/
[root@xksmaster1 admin-interface]# ll
total 12
-rw-r--r-- 1 root root 875 Aug 5 2022 docker-compose.yaml
-rw-r--r-- 1 root root 1774 Aug 5 2022 envoy.yaml
-rw-r--r-- 1 root root 680 Aug 5 2022 README.md
[root@xksmaster1 admin-interface]# cat docker-compose.yaml
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.5.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.5.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.5.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.5.0/24
#admin:这一段
[root@xksmaster1 admin-interface]# cat envoy.yaml
# Author: MageEdu <mage@magedu.com>
# Version: v1.0.2
# Site: www.magedu.com
#
admin:
profile_path: /tmp/envoy.prof
access_log_path: /tmp/admin_access.log
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*.ik8s.io", "ik8s.io"]
routes:
- match: { prefix: "/" }
route: { cluster: local_cluster }
- name: web_service_2
domains: ["*.magedu.com",“magedu.com"]
routes:
- match: { prefix: "/" }
redirect:
host_redirect: "www.ik8s.io"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.5.11, port_value: 8080 }
- endpoint:
address:
socket_address: { address: 172.31.5.12, port_value: 8080 }
[root@xksmaster1 admin-interface]# cat README.md
# HTTP Front Proxy and Admin Interface demo
### 环境说明
三个Service:
- envoy:Front Proxy,地址为172.31.5.2
- webserver01:第一个后端服务,地址为172.31.5.11
- webserver02:第二个后端服务,地址为172.31.5.12
### 运行和测试
1. 创建
```
docker-compose up
```
2. 测试,于宿主机上运行如下命令
```
# 获取帮助信息
curl 172.31.5.2:9901/help
# 查看完成的配置信息
curl 172.31.5.2:9901/config_dump
# 列出各Listener
curl 172.31.5.2:9901/listeners
```
3. 停止后清理
```
docker-compose down
```
[root@xksmaster1 admin-interface]# docker-compose up
Creating network "admin-interface_envoymesh" with driver "bridge"
Creating admin-interface_webserver01_1 ... done
Creating admin-interface_webserver02_1 ... done
Creating admin-interface_envoy_1 ... done
Attaching to admin-interface_webserver01_1, admin-interface_webserver02_1, admin-interface_envoy_1
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:391] initializing epoch 0 (base id=0, hot restart version=11.104)
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:393] statically linked extensions:
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.serializers: dubbo.hessian2
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor, envoy.compression.zstd.compressor
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.resolvers: envoy.ip
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.route.early_data_policy: envoy.route.early_data_policy.default
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.filters.network: envoy.echo, envoy.ext_authz, envoy.filters.network.connection_limit, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.protocols: dubbo
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.http_11_proxy, envoy.transport_sockets.internal_upstream, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, starttls, tls
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.transports: auto, framed, header, unframed
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.opentelemetry, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tcp_stats, envoy.transport_sockets.tls, raw_buffer, starttls, tls
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.filters: envoy.filters.thrift.header_to_metadata, envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.http.original_ip_detection: envoy.http.original_ip_detection.custom_header, envoy.http.original_ip_detection.xff
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.formatter: envoy.formatter.metadata, envoy.formatter.req_without_query
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.http.input: envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.request_headers, envoy.matching.inputs.request_trailers, envoy.matching.inputs.response_headers, envoy.matching.inputs.response_trailers, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.stats_sinks: envoy.dog_statsd, envoy.graphite_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.graphite_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.health_checkers: envoy.health_checkers.redis
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.udp_packet_writer: envoy.udp_packet_writer.default, envoy.udp_packet_writer.gso
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing, envoy.matching.matchers.ip
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.filters.http: envoy.bandwidth_limit, envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.alternate_protocols_cache, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.bandwidth_limit, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.file_system_buffer, envoy.filters.http.gcp_authn, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.match_delegate, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.set_metadata, envoy.filters.http.stateful_session, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.health_check, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.http.cache: envoy.extensions.http.cache.simple
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.network.input: envoy.matching.inputs.application_protocol, envoy.matching.inputs.destination_ip, envoy.matching.inputs.destination_port, envoy.matching.inputs.direct_source_ip, envoy.matching.inputs.dns_san, envoy.matching.inputs.server_name, envoy.matching.inputs.source_ip, envoy.matching.inputs.source_port, envoy.matching.inputs.source_type, envoy.matching.inputs.subject, envoy.matching.inputs.transport_protocol, envoy.matching.inputs.uri_san
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.quic.proof_source: envoy.quic.proof_source.filter_chain
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.regex_engines: envoy.regex_engines.google_re2
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] network.connection.client: default, envoy_internal
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.common.key_value: envoy.key_value.file_based
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.access_loggers.extension_filters: envoy.access_loggers.extension_filters.cel
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.http.header_validators: envoy.http.header_validators.envoy_default
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.quic.server.crypto_stream: envoy.quic.crypto_stream.server.quiche
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor, envoy.compression.zstd.decompressor
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.config.validators: envoy.config.validators.minimum_clusters, envoy.config.validators.minimum_clusters_validator
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.http.stateful_session: envoy.http.stateful_session.cookie
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.request_id: envoy.request_id.uuid
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.http.stateful_header_formatters: envoy.http.stateful_header_formatters.preserve_case, preserve_case
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.bootstrap: envoy.bootstrap.internal_listener, envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.network.dns_resolver: envoy.network.dns_resolver.cares, envoy.network.dns_resolver.getaddrinfo
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.rbac.matchers: envoy.rbac.matchers.upstream_ip_port
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.action: composite-action, skip
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
envoy_1 | [2023-05-06 07:48:31.741][1][info][main] [source/server/server.cc:395] envoy.matching.network.custom_matchers: envoy.matching.custom_matchers.trie_matcher
envoy_1 | [2023-05-06 07:48:31.748][1][warning][misc] [source/common/protobuf/message_validator_impl.cc:21] Deprecated field: type envoy.config.bootstrap.v3.Admin Using deprecated option 'envoy.config.bootstrap.v3.Admin.access_log_path' from file bootstrap.proto. This configuration will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details. If continued use of this field is absolutely necessary, see https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features for how to apply a temporary and highly discouraged override.
envoy_1 | [2023-05-06 07:48:31.748][1][info][main] [source/server/server.cc:443] HTTP header map info:
envoy_1 | [2023-05-06 07:48:31.749][1][info][main] [source/server/server.cc:446] request header map: 656 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-headers,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,proxy-status,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-envoy-upstream-stream-duration-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-host,x-forwarded-proto,x-ot-span-context,x-request-id
envoy_1 | [2023-05-06 07:48:31.749][1][info][main] [source/server/server.cc:446] request trailer map: 128 bytes:
envoy_1 | [2023-05-06 07:48:31.749][1][info][main] [source/server/server.cc:446] response header map: 432 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,proxy-status,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
envoy_1 | [2023-05-06 07:48:31.749][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-06 07:48:31.756][1][info][main] [source/server/server.cc:801] runtime: {}
envoy_1 | [2023-05-06 07:48:31.786][1][info][admin] [source/server/admin/admin.cc:67] admin address: 0.0.0.0:9901
envoy_1 | [2023-05-06 07:48:31.786][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-06 07:48:31.833][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-06 07:48:31.833][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-06 07:48:31.834][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-06 07:48:31.835][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-06 07:48:31.837][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-06 07:48:31.837][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-06 07:48:31.837][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-06 07:48:31.837][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-06 07:48:31.837][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-06 07:48:31.837][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-06 07:48:31.838][1][info][main] [source/server/server.cc:897] starting main dispatch loop
webserver02_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
webserver01_1 | * Running on http://0.0.0.0:8080/ (Press CTRL+C to quit)
#验证
[root@xksmaster1 ~]# curl 172.31.5.2:9901/help
admin commands are:
/: Admin home page
/certs: print certs on machine
/clusters: upstream cluster status
/config_dump: dump current Envoy configs (experimental)
/contention: dump current Envoy mutex contention stats (if enabled)
/cpuprofiler: enable/disable the CPU profiler
/drain_listeners: drain listeners
/healthcheck/fail: cause the server to fail health checks
/healthcheck/ok: cause the server to pass health checks
/heapprofiler: enable/disable the heap profiler
/help: print out list of admin commands
/hot_restart_version: print the hot restart compatibility version
/init_dump: dump current Envoy init manager information (experimental)
/listeners: print listener info
/logging: query/change logging levels
/memory: print current allocation/heap usage
/quitquitquit: exit the server
/ready: print server state, return 200 if LIVE, otherwise return 503
/reopen_logs: reopen access logs
/reset_counters: reset all counters to zero
/runtime: print runtime values
/runtime_modify: modify runtime values
/server_info: print server version/status information
/stats: print server stats
/stats/prometheus: print server stats in prometheus format
/stats/recentlookups: Show recent stat-name lookups
/stats/recentlookups/clear: clear list of stat-name lookups and counter
/stats/recentlookups/disable: disable recording of reset stat-name lookup names
/stats/recentlookups/enable: enable recording of reset stat-name lookup names
#后面上下文可以自己测试
[root@xksmaster1 ~]# curl 172.31.5.2:9901/clusters
[root@xksmaster1 ~]# curl 172.31.5.2:9901/clusters
local_cluster::observability_name::local_cluster
local_cluster::default_priority::max_connections::1024
local_cluster::default_priority::max_pending_requests::1024
local_cluster::default_priority::max_requests::1024
local_cluster::default_priority::max_retries::3
local_cluster::high_priority::max_connections::1024
local_cluster::high_priority::max_pending_requests::1024
local_cluster::high_priority::max_requests::1024
local_cluster::high_priority::max_retries::3
local_cluster::added_via_api::false
local_cluster::172.31.5.11:8080::cx_active::0
local_cluster::172.31.5.11:8080::cx_connect_fail::0
local_cluster::172.31.5.11:8080::cx_total::0
local_cluster::172.31.5.11:8080::rq_active::0
local_cluster::172.31.5.11:8080::rq_error::0
local_cluster::172.31.5.11:8080::rq_success::0
local_cluster::172.31.5.11:8080::rq_timeout::0
local_cluster::172.31.5.11:8080::rq_total::0
local_cluster::172.31.5.11:8080::hostname::
local_cluster::172.31.5.11:8080::health_flags::healthy
local_cluster::172.31.5.11:8080::weight::1
local_cluster::172.31.5.11:8080::region::
local_cluster::172.31.5.11:8080::zone::
local_cluster::172.31.5.11:8080::sub_zone::
local_cluster::172.31.5.11:8080::canary::false
local_cluster::172.31.5.11:8080::priority::0
local_cluster::172.31.5.11:8080::success_rate::-1
local_cluster::172.31.5.11:8080::local_origin_success_rate::-1
local_cluster::172.31.5.12:8080::cx_active::0
local_cluster::172.31.5.12:8080::cx_connect_fail::0
local_cluster::172.31.5.12:8080::cx_total::0
local_cluster::172.31.5.12:8080::rq_active::0
local_cluster::172.31.5.12:8080::rq_error::0
local_cluster::172.31.5.12:8080::rq_success::0
local_cluster::172.31.5.12:8080::rq_timeout::0
local_cluster::172.31.5.12:8080::rq_total::0
local_cluster::172.31.5.12:8080::hostname::
local_cluster::172.31.5.12:8080::health_flags::healthy
local_cluster::172.31.5.12:8080::weight::1
local_cluster::172.31.5.12:8080::region::
local_cluster::172.31.5.12:8080::zone::
local_cluster::172.31.5.12:8080::sub_zone::
local_cluster::172.31.5.12:8080::canary::false
local_cluster::172.31.5.12:8080::priority::0
local_cluster::172.31.5.12:8080::success_rate::-1
local_cluster::172.31.5.12:8080::local_origin_success_rate::-1
Runtime![]()
![]()
runtime配置格式
layered_runtime: # 配置运行配置供应者,未指定时则使用null供应者,即所有参数均加载其默认值;
layers: # 运行时的层级列表,后面的层将覆盖先前层上的配置;
- name: ... # 运行时的层级名称,仅用于“GET /runtime”时的输出;
static_layer: {...} # 静态运行时层级,遵循运行时probobuf JSON表示编码格式;不同于静态的xDS资源,静态运行时层一样可被后面的层所覆盖;
# 此项配置,以及后面三个层级类型彼此互斥,因此一个列表项中仅可定义一层;
disk_layer: {...} # 基于本地磁盘的运行时层级;
symlink_root: ... # 通过符号链接访问的文件系统树;
subdirectory: ... # 指定要在根目录中加载的子目录;
append_service_cluster: ... # 是否将服务集群附加至符号链接根目录下的子路径上;
admin_layer: {...} # 管理控制台运行时层级,即通过/runtime管理端点查看,通过/runtime_modify管理端点修改的配置方式;
rtds_layer: {...} # 运行时发现服务(runtime discovery service)层级,即通过xDS API中的RTDS API动态发现相关的层级配置;
name: ... # 在rtds_config上为RTDS层订阅的资源;
rtds_config: {...} # RTDS的ConfigSource;
![]()
分层,每一都可以为参数提供配置
static layer
disk layer
admin layer
rtds
案例layered-runtime
[root@xksmaster1 Envoy-Basics]# cd layered-runtime/
[root@xksmaster1 layered-runtime]# ll
total 12
-rw-r--r-- 1 root root 879 Aug 5 2022 docker-compose.yaml
-rw-r--r-- 1 root root 1935 Aug 5 2022 envoy.yaml
-rw-r--r-- 1 root root 550 Aug 5 2022 README.md
[root@xksmaster1 layered-runtime]# cat docker-compose.yaml
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.14.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.14.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.14.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.14.0/24
#layered_runtime:这段
[root@xksmaster1 layered-runtime]# cat envoy.yaml
# Author: MageEdu <mage@magedu.com>
# Version: v1.0.2
# Site: www.magedu.com
#
admin:
profile_path: /tmp/envoy.prof
access_log_path: /tmp/admin_access.log
address:
socket_address:
address: 0.0.0.0
port_value: 9901
layered_runtime:
layers:
- name: static_layer_0
static_layer:
health_check:
min_interval: 5
- name: admin_layer_0
admin_layer: {}
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*.ik8s.io", "ik8s.io"]
routes:
- match: { prefix: "/" }
route: { cluster: local_cluster }
- name: web_service_2
domains: ["*.magedu.com",“magedu.com"]
routes:
- match: { prefix: "/" }
redirect:
host_redirect: "www.ik8s.io"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.14.11, port_value: 8080 }
- endpoint:
address:
socket_address: { address: 172.31.14.12, port_value: 8080 }
[root@xksmaster1 layered-runtime]# cat README.md
# HTTP Front Proxy and Admin Interface demo
### 环境说明
三个Service:
- envoy:Front Proxy,地址为172.31.14.2
- webserver01:第一个后端服务,地址为172.31.14.11
- webserver02:第二个后端服务,地址为172.31.14.12
### 运行和测试
1. 创建
```
docker-compose up
```
2. 测试,于宿主机上运行如下命令
```
curl 172.31.14.2:9901/runtime
```
3. 停止后清理
```
docker-compose down
```
#显示
docker-compose up
envoy_1 | [2023-05-06 08:16:49.496][1][info][main] [source/server/server.cc:446] response trailer map: 152 bytes: grpc-message,grpc-status
envoy_1 | [2023-05-06 08:16:49.504][1][info][main] [source/server/server.cc:801] runtime: layers:
envoy_1 | - name: static_layer_0
envoy_1 | static_layer:
envoy_1 | health_check:
envoy_1 | min_interval: 5
envoy_1 | - name: admin_layer_0
envoy_1 | admin_layer:
envoy_1 | {}
envoy_1 | [2023-05-06 08:16:49.504][1][info][admin] [source/server/admin/admin.cc:67] admin address: 0.0.0.0:9901
envoy_1 | [2023-05-06 08:16:49.505][1][info][dns] [source/extensions/network/dns_resolver/cares/dns_impl.cc:531] c-ares library initialized.
envoy_1 | [2023-05-06 08:16:49.505][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
envoy_1 | [2023-05-06 08:16:49.505][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
envoy_1 | [2023-05-06 08:16:49.505][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
envoy_1 | [2023-05-06 08:16:49.506][1][info][config] [source/server/configuration_impl.cc:101] loading 1 listener(s)
envoy_1 | [2023-05-06 08:16:49.509][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
envoy_1 | [2023-05-06 08:16:49.509][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
envoy_1 | [2023-05-06 08:16:49.509][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:225] cm init: all clusters initialized
envoy_1 | [2023-05-06 08:16:49.509][1][warning][main] [source/server/server.cc:776] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
envoy_1 | [2023-05-06 08:16:49.510][1][info][main] [source/server/server.cc:878] all clusters initialized. initializing init manager
envoy_1 | [2023-05-06 08:16:49.510][1][info][config] [source/server/listener_manager_impl.cc:841] all dependencies initialized. starting workers
envoy_1 | [2023-05-06 08:16:49.511][1][info][main] [source/server/server.cc:897] starting main dispatch loop
#验证
curl 172.31.14.2:9901/runtime
[root@xksmaster1 admin-interface]# curl 172.31.14.2:9901/runtime
{
"entries": {
"health_check.min_interval": {
"final_value": "5",
"layer_values": [
"5",
""
]
}
},
"layers": [
"static_layer_0",
"admin_layer_0"
]
}
[root@xksmaster1 admin-interface]# curl -XPOST 172.31.14.2:9901/runtime_modify?health_check.min_interval=19
OK
[root@xksmaster1 admin-interface]# curl -XPOST 172.31.14.2:9901/runtime
{
"layers": [
"static_layer_0",
"admin_layer_0"
],
"entries": {
"health_check.min_interval": {
"layer_values": [
"5",
"19"
],
"final_value": "19"
}
}
}
浙公网安备 33010602011771号