envoy的runtime运行时接口
runtime运行时接口
runtime用于修改个别配置(较轻量),可避免使用xds api(过于繁重)
runtime是虚拟文件系统树,可通过1到n个本地文件系统目录、静态资源、RTDS动态发现和管理接口进行定义和配置,每个配置成为1个layer,因此也成为layered runtime,这些layer最终叠加生效
runtime是与envoy一起部署的外置实时配置系统,用于支持更改配置而无需重启envoy、更改主配置。运行时配置相关的运行时参数也称为:功能标志(feature flags),或决策者
运行时配置的实现:
称为运行时配置供应者
envoy当前支持的运行时配置的实现是由多个层级组成的虚拟文件系统(envoy在配置目录中监视符号链接的交换空间,在发生交换时重载文件树)
默认运行时为null,确保正常运行
配置:
需要在bootstrap文件(初始化配置文件)中启用和配置
一旦定义了layered_runtime,则至少要给出一个layer
layered_runtime: #未指定时使用null供应者
layers:
- name: 名 #运行时的层级名称,后面的层会覆盖先前层上的配置
static_layer: {} #静态运行时层级,遵循protobuf.json编码格式,不同于静态的xds资源,静态运行时层一样可被后面的层覆盖
disk_layer: {} #基于本地磁盘的运行时层级
symlink_root: str #通过符号链接访问的文件系统树
subdirectory: str #指定要在根目录加载的子目录
append_layer: str #是否将服务集群附加到符号链接根目录下的子路径上
admin_layer: {} #管理控制台运行时层级,即通过/runtime api查看,通过/runtime_modify api修改配置
rtds_layer: {} #运行时发现服务层级,通过xds中的rtds api动态发现相关的层级配置
name: str #在rtds_config中为rtds层订阅的资源
rtds_config: {} #rtds的配置
案例
例1:
1)envoy.yaml
admin:
profile_path: /tmp/envoy.prof
access_log_path: /tmp/admin_access.log
address:
socket_address:
address: 0.0.0.0
port_value: 9901
layered_runtime:
layers:
- name: static_layer_0
static_layer:
health_check:
min_interval: 5
- name: admin_layer_0
admin_layer: {}
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*.ik8s.io", "ik8s.io"]
routes:
- match: { prefix: "/" }
route: { cluster: local_cluster }
- name: web_service_2
domains: ["*.magedu.com",“magedu.com"]
routes:
- match: { prefix: "/" }
redirect:
host_redirect: "www.ik8s.io"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: local_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.14.11, port_value: 8080 }
- endpoint:
address:
socket_address: { address: 172.31.14.12, port_value: 8080 }
2)docker-compose.yml
version: '3.3'
services:
envoy:
image: envoyproxy/envoy-alpine:v1.18-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
networks:
envoymesh:
ipv4_address: 172.31.14.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
webserver01:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.14.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
environment:
- PORT=8080
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.14.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.14.0/24
3)测试
IP=`docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' layered-runtime_envoy_1`
#查看
curl $IP:9901/runtime
#修改健康检测间隔
curl -X POST $IP:9901/runtime_modify?health_check.min_interval=10
curl $IP:9901/runtime
浙公网安备 33010602011771号