Istio Workload Entry and Workload Group

WorkloadEntry

  • 为什么需要WorkloadEntry CR?

    • ·自v1.6开始,Istio在其流量管理功能组中引入了WorkloadEntry这一新的资源类型
    • WorkloadEntry CR用于抽象非Kubernetes托管的工作负载,例如虚拟机(VM)实例和裸服务器等,从而将虚拟机加入到网格中
    • 于是,这些VM或裸服务器,亦可作为与Kubernetes集群上的Pod等同的工作负载,并具备流量管理、安全管理、可视化等能力
    • ServiceEntry对象可根据指定的标签器筛选VM,从而让ServiceEntry专注于服务定义,而由WorkloadEntry负责定义各端点

    • 因此:WorkloadEntry CR的引入,大大简化了将VM加入Istio网格的复杂度

  • Istio在其v1.8版本中对VM的支持有了进一步的增强

    • VM自动注册:使用WorkloadGroup CR,将VM实例自动注册为Istio上的WorkloadEntry

    • 智能DNS代理:使用Sidecar DNS Proxy,缓存网格中的endpoint,以及由ServiceEntry创建的endpoint

      • 虚拟机访问网格内的服务无需再配置/etc/hosts

    • 因此:WorkloadGroup和WorkloadEntry能够方便用户将虚拟机上的服务注册到网格内

WorkloadEntry CR 资源规范

~# kubectl explain workloadgroup
KIND:     WorkloadGroup
VERSION:  networking.istio.io/v1beta1

DESCRIPTION:
     <empty>

FIELDS:
   apiVersion	<string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

   kind	<string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

   metadata	<Object>
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

   spec	<Object>

   status	<>
~# kubectl explain workloadentry
KIND:     WorkloadEntry
VERSION:  networking.istio.io/v1beta1

DESCRIPTION:
     <empty>

FIELDS:
   apiVersion	<string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

   kind	<string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

   metadata	<Object>
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

   spec	<Object>
     Configuration affecting VMs onboarded into the mesh. See more details at:
     https://istio.io/docs/reference/config/networking/workload-entry.html

   status	<>

参考文档

 workload-entry:https://istio.io/latest/docs/reference/config/networking/workload-entry/

workload-group:https://istio.io/latest/docs/reference/config/networking/workload-group/

posted @ 2022-11-01 15:09  小吉猫  阅读(215)  评论(0编辑  收藏  举报