如何解决Istio EnvoyFilter HTTP_ROUTE 示例
我尝试为 istio-ingressgateway
路由编写 EnvoyFilter:
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: retry
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: HTTP_ROUTE
match:
context: GATEWAY
routeConfiguration:
vhost:
name: '*.example.net:8000'
route:
name: 'cfs'
patch:
operation: MERGE
value:
typed_config:
'@type': type.googleapis.com/envoy.config.route.v3.Route
route:
cluster_not_found_response_code: NOT_FOUND
这个过滤器不起作用,我哪里弄错了?
Istio v1.9.3
我希望 cluster_not_found_response_code: NOT_FOUND
出现在此配置中:
$ istioctl proxy-config route istio-ingressgateway-5abc45c5cb-44l47.istio-system -o json
[
{
"name": "http.8000","virtualHosts": [
{
"name": "*.example.net:8000","domains": [
"*.example.net","*.example.net:8000"
],"routes": [
{
"name": "cfs","match": {
"prefix": "/upload","caseSensitive": true
},"route": {
"cluster": "outbound|8000||cfs.default.svc.cluster.local","timeout": "0s","retryPolicy": {
"retryOn": "retriable-status-codes,connect-failure,reset","numRetries": 4,"retryPriority": {
"name": "envoy.retry_priorities.previous_priorities","typedConfig": {
"@type": "type.googleapis.com/envoy.config.retry.previous_priorities.PreviousPrioritiesConfig","updateFrequency": 2
}
},"retryHostPredicate": [
{
"name": "envoy.retry_host_predicates.previous_hosts"
}
],"hostSelectionRetryMaxAttempts": "5","retriableStatusCodes": [
404
]
},"cors": {
"allowOriginStringMatch": [
{
"exact": "*"
}
],"allowMethods": "GET,POST,DELETE,OPTIONS","allowHeaders": "Content-Type,Content-Disposition,Origin,Accept","maxAge": "86400","allowCredentials": false,"filterEnabled": {
"defaultValue": {
"numerator": 100
}
}
},"maxStreamDuration": {
"maxStreamDuration": "0s"
}
},"metadata": {
"filterMetadata": {
"istio": {
"config": "/apis/networking.istio.io/v1alpha3/namespaces/default/virtual-service/cara"
}
}
},"decorator": {
"operation": "cfs.default.svc.cluster.local:8000/upload*"
},"responseHeadersToRemove": [
"x-envoy-upstream-service-time"
]
},...
],"includeRequestAttemptCount": true
},...
],"validateClusters": false
},...
]
无法更改任何路由配置值 cluster_not_found_response_code
只是一个示例。
解决方法
在我的环境中,给定的 EnvoyFilter 定义没有通过 CRD 级别的模式验证:
CRD validation error while creating EnvoyFilter resource:
Warning: Envoy filter: unknown field "typed_config" in envoy.config.route.v3.Route
envoyfilter.networking.istio.io/retry-faulty created
V3 api 中好像没有 Route 这样的 Envoy 类型。
解决方法: 您可以尝试在 VirtualService 级别指定直接响应,例如 this github issue: 这对我来说很好用:
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: retry-faulty
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: HTTP_ROUTE
match:
context: GATEWAY
routeConfiguration:
vhost:
name: 'productpage.com:80'
route:
name: 'http.80'
patch:
operation: MERGE
value:
typed_config:
"@type": type.googleapis.com/envoy.config.route.v3.RouteConfiguration
route:
cluster_not_found_response_code: NOT_FOUND
来自 istio 的响应头:
HTTP/1.1 404 Not Found
content-length: 9
content-type: text/plain
date: Fri,11 Jun 2021 12:46:01 GMT
server: istio-envoy
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。