一、Httproute-simple-match
1.README.md
#README.md
[root@k8s-master01 httproute-simple-match]# cat README.md
# HTTP Route Simple Match Demo
### 环境说明
##### 八个Service:
- envoy:Front Proxy,地址为172.31.50.10
- 7个后端服务
- light_blue和dark_blue:对应于Envoy中的blue集群
- light_red和dark_red:对应于Envoy中的red集群
- light_green和dark_green:对应Envoy中的green集群
- gray:对应于Envoy中的gray集群
##### 使用的路由配置
```
virtual_hosts:
- name: vh_001
domains: ["ilinux.io", "*.ilinux.io", "ilinux.*"]
routes:
- match:
path: "/service/blue"
route:
cluster: blue
- match:
safe_regex:
google_re2: {}
regex: "^/service/.*blue$"
redirect:
path_redirect: "/service/blue"
- match:
prefix: "/service/yellow"
direct_response:
status: 200
body:
inline_string: "This page will be provided soon later.\n"
- match:
prefix: "/"
route:
cluster: red
- name: vh_002
domains: ["*"]
routes:
- match:
prefix: "/"
route:
cluster: gray
```
### 运行和测试
1. 创建并运行容器
```
docker-compose up
```
2. 测试domain的匹配机制
```
# 首先访问无法匹配到vh_001的域名
curl -H "Host: www.magedu.com" http://172.31.50.10/service/a
<body bgcolor="gray"><span style="color:white;font-size:4em;">
Hello from gray (hostname: 91a424fbb509 resolvedhostname:172.31.50.5)
</span></body>
# 接着访问可以匹配vh_001的域名
curl -H "Host: www.ilinux.io" http://172.31.50.10/service/a
<body bgcolor="light_red"><span style="color:white;font-size:4em;">
Hello from light_red (hostname: 4b6793c1f445 resolvedhostname:172.31.50.7)
</span></body>
```
3. 测试路由匹配机制
```
# 首先访问“/service/blue”
curl -H "Host: www.ilinux.io" http://172.31.50.10/service/blue
<body bgcolor="dark_blue"><span style="color:white;font-size:4em;">
Hello from dark_blue (hostname: 96edc379cac7 resolvedhostname:172.31.50.8)
</span></body>
# 接着访问“/service/dark_blue”
curl -I -H "Host: www.ilinux.io" http://172.31.50.10/service/dark_blue
HTTP/1.1 301 Moved Permanently
location: http://www.ilinux.io/service/blue
date: Fri, 29 Oct 2021 03:02:59 GMT
server: envoy
transfer-encoding: chunked
# 然后访问“/serevice/yellow”
curl -H "Host: www.ilinux.io" http://172.31.50.10/service/yellow
This page will be provided soon later.
```
4. 停止后清理
```
docker-compose down
```
2.docker-compose.yaml
#docker-compose.yaml
[root@k8s-master01 httproute-simple-match]# cat docker-compose.yaml
version: '3'
services:
front-envoy:
#image: envoyproxy/envoy-alpine:v1.21-latest
image: envoyproxy/envoy:v1.23-latest
environment:
- ENVOY_UID=0
- ENVOY_GID=0
volumes:
- ./front-envoy.yaml:/etc/envoy/envoy.yaml
networks:
envoymesh:
ipv4_address: 172.31.50.10
expose:
# Expose ports 80 (for general traffic) and 9901 (for the admin server)
- "80"
- "9901"
light_blue:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- light_blue
- blue
environment:
- SERVICE_NAME=light_blue
expose:
- "80"
dark_blue:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- dark_blue
- blue
environment:
- SERVICE_NAME=dark_blue
expose:
- "80"
light_green:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- light_green
- green
environment:
- SERVICE_NAME=light_green
expose:
- "80"
dark_green:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- dark_green
- green
environment:
- SERVICE_NAME=dark_green
expose:
- "80"
light_red:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- light_red
- red
environment:
- SERVICE_NAME=light_red
expose:
- "80"
dark_red:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- dark_red
- red
environment:
- SERVICE_NAME=dark_red
expose:
- "80"
gray:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- gray
- grey
environment:
- SERVICE_NAME=gray
expose:
- "80"
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.50.0/24
3. front-envoy.yaml
# front-envoy.yaml
[root@k8s-master01 httproute-simple-match]# cat front-envoy.yaml
admin:
profile_path: /tmp/envoy.prof
access_log_path: /tmp/admin_access.log
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: vh_001
domains: ["ilinux.io", "*.ilinux.io", "ilinux.*"]
routes:
- match:
path: "/service/blue"
route:
cluster: blue
- match:
safe_regex:
google_re2: {}
regex: "^/service/.*blue$"
redirect:
path_redirect: "/service/blue"
- match:
prefix: "/service/yellow"
direct_response:
status: 200
body:
inline_string: "This page will be provided soon later.\n"
- match:
prefix: "/"
route:
cluster: red
- name: vh_002
domains: ["*"]
routes:
- match:
prefix: "/"
route:
cluster: gray
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: blue
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options: {}
load_assignment:
cluster_name: blue
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: blue
port_value: 80
- name: red
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options: {}
load_assignment:
cluster_name: red
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: red
port_value: 80
- name: green
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options: {}
load_assignment:
cluster_name: green
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: green
port_value: 80
- name: gray
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
http2_protocol_options: {}
load_assignment:
cluster_name: gray
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: gray
port_value: 80
4.测试
# 首先访问无法匹配到vh_001的域名
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.magedu.com" http://172.31.50.10/service/a
Hello from App behind Envoy (service gray)! hostname: 96fdba8dead0 resolved hostname: 172.31.50.5
# 接着访问可以匹配vh_001的域名
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/a
Hello from App behind Envoy (service dark_red)! hostname: ef48e0564e77 resolved hostname: 172.31.50.3
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/a
Hello from App behind Envoy (service light_red)! hostname: 4b6d80475a8a resolved hostname: 172.31.50.8
#3. 测试路由匹配机制
# 首先访问“/service/blue”
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/blue
Hello from App behind Envoy (service dark_blue)! hostname: 0f954a55e467 resolved hostname: 172.31.50.4
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/blue
Hello from App behind Envoy (service light_blue)! hostname: 8eb6d015887f resolved hostname: 172.31.50.2
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/blue
Hello from App behind Envoy (service dark_blue)! hostname: 0f954a55e467 resolved hostname: 172.31.50.4
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/blue
Hello from App behind Envoy (service light_blue)! hostname: 8eb6d015887f resolved hostname: 172.31.50.2
# 接着访问“/service/dark_blue”
[root@k8s-master01 httproute-simple-match]# curl -I -H "Host: www.ilinux.io" http://172.31.50.10/service/dark_blue
HTTP/1.1 301 Moved Permanently
location: http://www.ilinux.io/service/blue
date: Wed, 21 Feb 2024 08:14:55 GMT
server: envoy
transfer-encoding: chunked
[root@k8s-master01 httproute-simple-match]# curl -I -H "Host: www.ilinux.io" http://172.31.50.10/service/dark_blue
HTTP/1.1 301 Moved Permanently
location: http://www.ilinux.io/service/blue
date: Wed, 21 Feb 2024 08:14:56 GMT
server: envoy
transfer-encoding: chunked
# 然后访问“/serevice/yellow”
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/yellow
This page will be provided soon later.
[root@k8s-master01 httproute-simple-match]# curl -H "Host: www.ilinux.io" http://172.31.50.10/service/yellow
This page will be provided soon later.
二、Httproute-headers-match
1.README.md
[root@k8s-master01 httproute-headers-match]# cat README.md
# HTTP Route Headers Match Demo
### 环境说明
#### 六个Service:
- envoy:Front Proxy,地址为172.31.52.10
- 5个后端服务
- demoapp-v1.0-1和demoapp-v1.0-2:对应于Envoy中的demoappv10集群
- demoapp-v1.1-1和demoapp-v1.1-2:对应于Envoy中的demoappv11集群
- demoapp-v1.2-1:对应于Envoy中的demoappv12集群
#### 使用的路由配置
```
virtual_hosts:
- name: vh_001
domains: ["*"]
routes:
- match:
prefix: "/"
headers:
- name: X-Canary
exact_match: "true"
route:
cluster: demoappv12
- match:
prefix: "/"
query_parameters:
- name: "username"
string_match:
prefix: "vip_"
route:
cluster: demoappv11
- match:
prefix: "/"
route:
cluster: demoappv10
```
### 运行和测试
1. 创建并运行容器
```
docker-compose up
```
2. 发起无附加条件的请求
```
# 不使用任何独特的访问条件
curl 172.31.52.10/hostname
ServerName: demoapp-v1.0-1
curl 172.31.52.10/hostname
ServerName: demoapp-v1.0-2
```
3. 测试使用“X-Canary: true”村头的请求
```
# 使用特定的标头发起请求
curl -H "X-Canary: true" 172.31.52.10/hostname
ServerName: demoapp-v1.2-1
```
4. 测试使用特定的查询条件
```
# 在请求中使用特定的查询条件
curl 172.31.52.10/hostname?username=vip_mageedu
ServerName: demoapp-v1.1-1
curl 172.31.52.10/hostname?username=vip_ilinux
ServerName: demoapp-v1.1-2
```
5. 停止后清理
```
docker-compose down
```
2.docker-compose.yaml
[root@k8s-master01 httproute-headers-match]# cat docker-compose.yaml
version: '3'
services:
front-envoy:
image: envoyproxy/envoy-alpine:v1.21-latest
environment:
- ENVOY_UID=0
- ENVOY_GID=0
volumes:
- ./front-envoy.yaml:/etc/envoy/envoy.yaml
networks:
envoymesh:
ipv4_address: 172.31.52.10
expose:
# Expose ports 80 (for general traffic) and 9901 (for the admin server)
- "80"
- "9901"
demoapp-v1.0-1:
image: ikubernetes/demoapp:v1.0
hostname: demoapp-v1.0-1
networks:
envoymesh:
aliases:
- demoappv10
expose:
- "80"
demoapp-v1.0-2:
image: ikubernetes/demoapp:v1.0
hostname: demoapp-v1.0-2
networks:
envoymesh:
aliases:
- demoappv10
expose:
- "80"
demoapp-v1.1-1:
image: ikubernetes/demoapp:v1.1
hostname: demoapp-v1.1-1
networks:
envoymesh:
aliases:
- demoappv11
expose:
- "80"
demoapp-v1.1-2:
image: ikubernetes/demoapp:v1.1
hostname: demoapp-v1.1-2
networks:
envoymesh:
aliases:
- demoappv11
expose:
- "80"
demoapp-v1.2-1:
image: ikubernetes/demoapp:v1.2
hostname: demoapp-v1.2-1
networks:
envoymesh:
aliases:
- demoappv12
expose:
- "80"
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.52.0/24
3. front-envoy.yaml
[root@k8s-master01 httproute-headers-match]# cat front-envoy.yaml
admin:
profile_path: /tmp/envoy.prof
access_log_path: /tmp/admin_access.log
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: vh_001
domains: ["*"]
routes:
- match:
prefix: "/"
headers:
- name: X-Canary
exact_match: "true"
route:
cluster: demoappv12
- match:
prefix: "/"
query_parameters:
- name: "username"
string_match:
prefix: "vip_"
route:
cluster: demoappv11
- match:
prefix: "/"
route:
cluster: demoappv10
http_filters:
- name: envoy.filters.http.router
clusters:
- name: demoappv10
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: demoappv10
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: demoappv10
port_value: 80
- name: demoappv11
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: demoappv11
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: demoappv11
port_value: 80
- name: demoappv12
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: demoappv12
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: demoappv12
port_value: 80
4.测试
#发起无附加条件的请求
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname
ServerName: demoapp-v1.0-1
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname
ServerName: demoapp-v1.0-2
#测试使用“X-Canary: true”村头的请求
# 使用特定的标头发起请求
[root@k8s-master01 httproute-headers-match]# curl -H "X-Canary: true" 172.31.52.10/hostname
ServerName: demoapp-v1.2-1
[root@k8s-master01 httproute-headers-match]# curl -H "X-Canary: true" 172.31.52.10/hostname
ServerName: demoapp-v1.2-1
[root@k8s-master01 httproute-headers-match]# curl -H "X-Canary: true" 172.31.52.10/hostname
#测试使用特定的查询条件
# 在请求中使用特定的查询条件
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname?username=vip_mageedu
ServerName: demoapp-v1.1-1
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname?username=vip_mageedu
ServerName: demoapp-v1.1-2
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname?username=vip_mageedu
ServerName: demoapp-v1.1-2
[root@k8s-master01 httproute-headers-match]# curl 172.31.52.10/hostname?username=vip_mageedu
ServerName: demoapp-v1.1-1
浙公网安备 33010602011771号