Envoy http-egress配置
环境说明
envoy:Front Proxy, 地址为 172.31.4.2
webserver01:后端服务,地址为 172.31.4.11
webserver01:后端服务,地址为 172.31.4.12
envoy配置文件
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 80 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: web_service_1
domains: ["*"]
routes:
- match: { prefix: "/" }
route: { cluster: web_cluster }
- name: web_service_2
domains: ["*.envoyproxy.io","envoyproxy.io"]
routes:
- match: { prefix: "/" }
redirect:
host_redirect: "www.envoy.io"
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: web_cluster
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: web_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 172.31.4.11, port_value: 80 }
- endpoint:
address:
socket_address: { address: 172.31.4.12, port_value: 80 }docker-compose.yaml
version: '3.3'
services:
envoy:
image: envoyproxy/envoy:v1.23-latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
environment:
- ENVOY_UID=0
- ENVOY_GID=0
networks:
envoymesh:
ipv4_address: 172.31.4.2
aliases:
- front-proxy
depends_on:
- webserver01
- webserver02
client:
image: ikubernetes/admin-toolbox:v1.0
network_mode: "service:envoy"
depends_on:
- envoy
webserver01:
image: ikubernetes/demoapp:v1.0
hostname: webserver01
networks:
envoymesh:
ipv4_address: 172.31.4.11
aliases:
- webserver01
webserver02:
image: ikubernetes/demoapp:v1.0
hostname: webserver02
networks:
envoymesh:
ipv4_address: 172.31.4.12
aliases:
- webserver02
networks:
envoymesh:
driver: bridge
ipam:
config:
- subnet: 172.31.4.0/24运行envoy
docker-compose up -d测试envoy
# docker-compose exec client bash
[root@367ff6ac8f0a /]$ ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 127.0.0.1:80 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:80 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:80 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:80 0.0.0.0:*
LISTEN 0 4096 127.0.0.11:34867 0.0.0.0:*
[root@367ff6ac8f0a /]$ curl http://127.0.0.1:80
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver01, ServerIP: 172.31.4.11!
[root@367ff6ac8f0a /]$ curl http://127.0.0.1:80
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver02, ServerIP: 172.31.4.12!
[root@367ff6ac8f0a /]$ curl http://172.31.4.11:80
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver01, ServerIP: 172.31.4.11!
[root@367ff6ac8f0a /]$ curl http://172.31.4.12:80
iKubernetes demoapp v1.0 !! ClientIP: 172.31.4.2, ServerName: webserver02, ServerIP: 172.31.4.12!
[root@367ff6ac8f0a /]$ curl -I -H "host: www.envoyproxy.io" http://127.0.0.1:80
HTTP/1.1 301 Moved Permanently
location: http://www.envoy.io/
date: Tue, 16 Aug 2022 02:55:55 GMT
server: envoy
transfer-encoding: chunked清理envoy
docker-compose down
