使用 Lua 脚本扩展 Waypoint
Istio 提供了通过 TrafficExtension
API 使用内联 Lua 脚本来扩展 waypoint 代理的能力。在 Ambient 模式下,
TrafficExtension 资源必须通过 targetRefs 绑定到 waypoint 代理。
开始之前
按照 Ambient 模式快速入门指南 安装 Istio。
部署 Bookinfo 示例应用。
将 curl 示例应用作为测试源部署:
$ kubectl apply -f @samples/curl/curl.yaml@
在网关上使用
获取网关名称:
$ kubectl get gateway
NAME CLASS ADDRESS PROGRAMMED AGE
bookinfo-gateway istio bookinfo-gateway-istio.default.svc.cluster.local True 42m创建一个 TrafficExtension,目标为 bookinfo-gateway,使用 Lua 奇偶性过滤器。该过滤器读取请求头
x-number,并在响应头中添加 x-parity,表示该值是奇数还是偶数。该值在请求处理过程中存储在动态元数据中,以便在响应阶段使用:
$ kubectl apply -f - <<EOF
apiVersion: extensions.istio.io/v1alpha1
kind: TrafficExtension
metadata:
name: parity-at-gateway
spec:
targetRefs:
- kind: Gateway
group: gateway.networking.k8s.io
name: bookinfo-gateway
phase: STATS
lua:
inlineCode: |
function envoy_on_request(request_handle)
local number = tonumber(request_handle:headers():get("x-number"))
if number == nil then return end
local parity = number % 2 == 0 and "even" or "odd"
request_handle:streamInfo():dynamicMetadata():set(
"envoy.filters.http.lua", "parity", parity)
end
function envoy_on_response(response_handle)
local meta = response_handle:streamInfo():dynamicMetadata():get(
"envoy.filters.http.lua")
if meta == nil then return end
response_handle:headers():add("x-parity", meta["parity"])
end
EOF验证通过网关的流量
$ kubectl exec deploy/curl -- curl -s -o /dev/null -D - -H "x-number: 4" "http://bookinfo-gateway-istio.default.svc.cluster.local/productpage" | grep x-parity
x-parity: even在 waypoint 上(针对某个命名空间内所有服务)
部署 waypoint 代理
按照 waypoint 部署说明 在 bookinfo 命名空间中部署 waypoint:
$ istioctl waypoint apply --enroll-namespace --wait验证流量是否能够到达服务:
$ kubectl exec deploy/curl -- curl -s -w "%{http_code}" -o /dev/null http://productpage:9080/productpage
200获取 waypoint 网关名称:
$ kubectl get gateway
NAME CLASS ADDRESS PROGRAMMED AGE
bookinfo-gateway istio bookinfo-gateway-istio.default.svc.cluster.local True 23h
waypoint istio-waypoint 10.96.202.82 True 21h创建一个目标为 waypoint 的 TrafficExtension:
$ kubectl apply -f - <<EOF
apiVersion: extensions.istio.io/v1alpha1
kind: TrafficExtension
metadata:
name: parity-at-waypoint
spec:
targetRefs:
- kind: Gateway
group: gateway.networking.k8s.io
name: waypoint
phase: STATS
lua:
inlineCode: |
function envoy_on_request(request_handle)
local number = tonumber(request_handle:headers():get("x-number"))
if number == nil then return end
local parity = number % 2 == 0 and "even" or "odd"
request_handle:streamInfo():dynamicMetadata():set(
"envoy.filters.http.lua", "parity", parity)
end
function envoy_on_response(response_handle)
local meta = response_handle:streamInfo():dynamicMetadata():get(
"envoy.filters.http.lua")
if meta == nil then return end
response_handle:headers():add("x-parity", meta["parity"])
end
EOF验证通过 waypoint 代理的流量
$ kubectl exec deploy/curl -- curl -s -o /dev/null -D - -H "x-number: 7" http://productpage:9080/productpage | grep x-parity
x-parity: odd在 waypoint 上(针对特定服务)
删除命名空间级别的过滤器,并替换为仅作用于 reviews 服务的过滤器:
$ kubectl delete trafficextension parity-at-waypoint创建一个直接针对 reviews 服务的 TrafficExtension,使过滤器仅作用于该服务的流量:
$ kubectl apply -f - <<EOF
apiVersion: extensions.istio.io/v1alpha1
kind: TrafficExtension
metadata:
name: parity-for-reviews
spec:
targetRefs:
- kind: Service
group: ""
name: reviews
match:
- mode: SERVER
phase: STATS
lua:
inlineCode: |
function envoy_on_request(request_handle)
local number = tonumber(request_handle:headers():get("x-number"))
if number == nil then return end
local parity = number % 2 == 0 and "even" or "odd"
request_handle:streamInfo():dynamicMetadata():set(
"envoy.filters.http.lua", "parity", parity)
end
function envoy_on_response(response_handle)
local meta = response_handle:streamInfo():dynamicMetadata():get(
"envoy.filters.http.lua")
if meta == nil then return end
response_handle:headers():add("x-parity", meta["parity"])
end
EOF验证指向服务的流量
$ kubectl exec deploy/curl -- curl -s -o /dev/null -D - -H "x-number: 3" http://reviews:9080/reviews/1 | grep x-parity
x-parity: odd清理
移除
TrafficExtension资源:$ kubectl delete trafficextension parity-at-gateway parity-for-reviews按照 Ambient 模式卸载指南移除 Istio 和示例应用。