DestinationRule 详解
欢迎关注我的:
⽬前刚开始写⼀个⽉,⼀共写了18篇原创⽂章,⽂章⽬录如下:
学习⽬标
什么是DestinationRule
与VirtualService ⼀样,DestinationRule 也是 Istio 流量路由功能的关键部分。您可以将虚拟服务视为将流量如何路由到给定⽬标地址,然后使⽤⽬标规则来配置该⽬标的流量。在评估虚拟服务路由规则之后,⽬标规则将应⽤于流量的“真实”⽬标地址。
特别是,您可以使⽤⽬标规则来指定命名的服务⼦集,例如按版本为所有给定服务的实例分组。然后可以在虚拟服务的路由规则中使⽤这些服务⼦集来控制到服务不同实例的流量。
⽬标规则还允许您在调⽤整个⽬的地服务或特定服务⼦集时定制 Envoy 的流量策略,⽐如您喜欢的负载均衡模型、TLS 安全模式或熔断器设置。在⽬标规则参考中可以看到⽬标规则选项的完整列表。
资源详解
host
string
必要字段。⽬标服务的名称。流量⽬标对应的服务,会在在平台的服务注册表(例如 Kubernetes 服务和Consul 服务)以及 ServiceEntry  注册中进⾏查,如果查失败,则丢弃流量。Kubernetes ⽤户注
意:当使⽤服务的短名称时(例如使⽤ reviews,⽽不是 reviews.default.svc.cluster.local),Istio 会根据规则所在的命名空间来处理这⼀名称,⽽⾮服务所在的命名空间。假设 default 命名空间的⼀条规则中包含了⼀个 reivews 的 host 引⽤,就会被视为 reviews.default.svc.cluster.local,⽽不会考虑reviews 服务所在的命名空间。为了避免可能的错误配置,建议使⽤ FQDN 来进⾏服务引⽤。
Yes
trafficPolicy TrafficPolicy流量策略,包括负载均衡、连接池策略、异常点检查等No subsets Subset[]是定义的⼀个服务的⼦集,经常⽤来定义⼀个服务版本,结合 VirtualService 使⽤No
exportTo string[]当前destination rule要导出的 namespace 列表。 应⽤于 service 的 destination rule 的解析发⽣在
namespace 层次结构的上下⽂中。 destination rule 的导出允许将其包含在其他 namespace 中的服务的解析层
次结构中。 此功能为服务所有者和⽹格管理员提供了⼀种机制,⽤于控制跨 namespace 边界的 destination rule
的可见性 如果未指定任何 namespace,则默认情况下将 destination rule 导出到所有 namespace 值. 被保留,
⽤于定义导出到 destination rule 被声明所在的相同 namespace 。类似的值*保留,⽤于定义导出到所有namespaces NOTE:在当前版本中,exportTo值被限制为.或*(即, 当前namespace或所有namespace)
No
host string 必要字段。⽬标服务的名称。流量⽬标对应的服务,会在在平台的服务注册表(例如 Kubernetes 服务和
Consul 服务)以及 ServiceEntry 注册中进⾏查,如果查失败,则丢弃流量。Kubernetes ⽤户注
意:当使⽤服务的短名称时(例如使⽤ reviews,⽽不是 reviews.default.svc.cluster.local),Istio
会根据规则所在的命名空间来处理这⼀名称,⽽⾮服务所在的命名空间。假设 default 命名空间的⼀条规则
中包含了⼀个 reivews 的 host 引⽤,就会被视为 reviews.default.svc.cluster.local,⽽不会考虑
reviews 服务所在的命名空间。为了避免可能的错误配置,建议使⽤ FQDN 来进⾏服务引⽤。
Yes
exportTo
1名称空间
1.7.0/destinationrule/dr-productpage-exportto-namespace.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: productpage
spec:
exportTo:
- 'istio-system'
host: productpage
subsets:
- name: v1
labels:
version: v1
2当前名称空间
1.7.0/destinationrule/dr-productpage-exportto-dot.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: productpage
spec:
exportTo:
- '.'
host: productpage.istio.svc.cluster.local
subsets:
- name: v1
labels:
version: v1
3 所有名称空间
1.7.0/destinationrule/dr-productpage-exportto-star.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: productpage
spec:
exportTo:
- '*'
host: productpage
subsets:
- name: v1
labels:
version: v1
host
短名称
1部署vs
1.7.0/destinationrule/hosts/vs-details.yaml
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: details
spec:
hosts:
- details
http:
- route:
- destination:
host: details
2部署dr
1.7.0/destinationrule/hosts/dr-details-hosts-short.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: details
spec:
host: details
长名称
1.7.0/destinationrule/hosts/dr-details-hosts-long.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: details
spec:
host: details.istio.svc.cluster.local
trafficPolicy
connectionPool
连接池策略
tcp
tcp连接池设置
Field Type Description Required maxConnections int32Maximum number of HTTP1 /TCP connections to a destination host. Default 2^32-1.No connectTimeout Duration TCP connection timeout.No tcpKeepalive TcpKeepalive If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.No TcpKeepalive
Field Type Description Required
prob es uint3
2
Maximum number of keepalive probes to send without response before deciding the connection is dead.
Default is to use the OS level configuration (unless overridden, Linux defaults to 9.)
No
time Durati
on
The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use
the OS level configuration (unless overridden, Linux defaults to 7200s (ie 2 hours.)
No
interv al Durati
on
The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden,
Linux defaults to 75s.)
No
1.7.0/destinationrule/trafficPolicy/dr-productpage-connectionPool-tcp.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: productpage
spec:
host: productpage
subsets:
- name: v1
labels:
version: v1
trafficPolicy:
connectionPool:
tcp:
maxConnections: 100
connectTimeout: 30ms
tcpKeepalive:
time: 7200s
interval: 75s
probes: 10
http
Field Type Description Required
http1M
axPen
dingR
equest
s
int32Maximum number of pending HTTP requests to a destination. Default 2^32-1.No
http2M
axReq
uests
int32Maximum number of requests to a backend. Default 2^32-1.No
maxR
equest sPerC onnect ion int32
Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive.
Default 0, meaning “unlimited”, up to 2^29.
No
maxR etries int32
Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to
2^32-1.
No
idleTi meout Durati
on
The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in
which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached t
he
connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the
connection alive. Applies to both HTTP1.1 and HTTP2 connections.
No
h2Upg radeP olicy H2Up
grade
Policy
Specify if http1.1 connection should be upgraded to http2 for the associated destination.No
Field Type Description Required
h2UpgradePolicy
Name Description
DEFAULT Use the global default.
DO_NOT_UPGRADE Do not upgrade the connection to http2. This opt-out option overrides the default.
UPGRADE Upgrade the connection to http2. This opt-in option overrides the default.
connectionPool-http.
1.7.0/destinationrule/trafficPolicy/dr-productpage-connectionPool-http.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: productpage
spec:
host: productpage
subsets:
- name: v1
labels:
version: v1
trafficPolicy:
connectionPool:
tcp:
maxConnections: 10
connectTimeout: 30ms
timeout was reachedtcpKeepalive:
time: 7200s
interval: 75s
probes: 10
http:
http2MaxRequests: 10
maxRequestsPerConnection: 1
http1MaxPendingRequests: 1
maxRetries: 1
idleTimeout: 10s
h2UpgradePolicy: DEFAULT
upstream connect error or disconnect/reset before headers. reset reason: overflow
destinationrule/trafficPolicy/dr-productpage-connectionPool-http-overflow.yaml

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。