Managing Ingress traffic patterns

At the beginning of this chapter, we introduced the Istio primitive gateway and created a bookinfo-gateway, which allowed http traffic from all external hosts on port 80. Let's get started:

  1. Review the definition of mygateway that we created at the beginning of this chapter:
$ cat 00-create-gateway.yaml

We also created the Istio bookinfo virtual service, which uses mygateway.

  1. Review the bookinfo virtual service:
$ cat 01-create-virtual-service.yaml

As shown by the output of the gateway and virtual service, we are routing any external host http request on route /productpage to the internal Kubernetes productpage service at port 9080.

Let's take an example where we want to route http://bookinfo.istio.io to the Kubernetes productpage service on port 9080. For this to happen, we need to have a DNS entry for bookinfo.istio.io mapped to the external IP address of the Istio Ingress gateway service in our istio-system namespace. For example, the external IP address in our VM is mapped to 192.168.142.249. Note that this could be a different IP address in your VM.

  1. Check the external IP address of the Ingress gateway:
$ kubectl -n istio-system get svc istio-ingressgateway -o custom-columns=Name:.metadata.name,EXTERNAL_IP:.status.loadBalancer.ingress[0].ip
Name                   EXTERNAL_IP
istio-ingressgateway   192.168.142.249

We will pretend that our IP address of 192.168.142.249 is mapped to bookinfo.istio.io by creating an entry in our VM's /etc/hosts file.

  1. Create an entry in the /etc/hosts file:
$ export INGRESS_IP=$(kubectl -n istio-system get svc istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}') ; echo $INGRESS_IP
192.168.142.249

$ if ! grep -q bookinfo.istio.io /etc/hosts ; then echo "$INGRESS_IP bookinfo.istio.io" | sudo tee -a /etc/hosts; fi

Create a separate Istio virtual service that will use our existing bookinfo-gateway and route http://bookinfo.istio.io to our internal Kubernetes productpage service at port 9080.

  1. Review the following script for the definition of the virtual service:
# Script : 14-create-bookinfo-virtual-service.yaml 

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: bookinfo.istio.io
spec:
  hosts:
  - "bookinfo.istio.io"
  gateways:
  - mygateway
  http:
  - match:
    - uri:
        exact: /
    - uri:
        exact: /productpage
    - uri:
        prefix: /static
    - uri:
        exact: /login
    - uri:
        exact: /logout
    - uri:
        prefix: /api/v1/products
    route:
    - destination:
        host: productpage.istio-lab.svc.cluster.local
        port:
          number: 9080
  1. Create the bookinfo.istio.io virtual service:
$ kubectl -n istio-system apply -f 14-create-bookinfo-virtual-service.yaml
virtualservice.networking.istio.io/bookinfo.istio.io created
  1. Test http://bookinfo.istio.io within the virtual machine:
$ curl -s http://bookinfo.istio.io | grep title
<title>Simple Bookstore App</title>

This demonstrates how an Istio Ingress gateway can be used using Istio's primitive of the gateway and virtual service. The advantage of using an Istio gateway is that we can leverage the routing capabilities of Istio for traffic management.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.38.117