From 73b4959b4506c28d977813b79414d41231ad73ef Mon Sep 17 00:00:00 2001 From: savagebidoof Date: Thu, 4 May 2023 03:24:28 +0200 Subject: [PATCH] 02-DirectResponse-HTTP-Body documented --- .../02-DirectResponse-HTTP-Body/README.md | 284 +++++++++++++++++- .../{Services.yaml => Service.yaml} | 3 +- .../VirtualService.yaml | 3 +- 3 files changed, 282 insertions(+), 8 deletions(-) rename 02-Traffic_management/02-DirectResponse-HTTP-Body/{Services.yaml => Service.yaml} (88%) diff --git a/02-Traffic_management/02-DirectResponse-HTTP-Body/README.md b/02-Traffic_management/02-DirectResponse-HTTP-Body/README.md index 43b6ce0..b07c498 100755 --- a/02-Traffic_management/02-DirectResponse-HTTP-Body/README.md +++ b/02-Traffic_management/02-DirectResponse-HTTP-Body/README.md @@ -1,7 +1,283 @@ -https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPDirectResponse -https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPBody +--- +gitea: none +include_toc: true +--- + +# Description + +Based on the [previous example](../../01-Getting_Started/01-hello_world_1_service_1_deployment), we configure the [VirtualService](#virtualservice) to return a specific response to the client with the contents of our choice. + +This example configures: + + Generic Kubernetes resources: + - 1 Service + - 1 Deployments + + Istio resources: + - 1 Gateway + - 1 Virtual Service -# Continues from +# Based on -- 01-hello_world_1_service_1_deployment +- [01-hello_world_1_service_1_deployment](../../01-Getting_Started/01-hello_world_1_service_1_deployment) + +# Configuration + +## Service + +Creates a service named `helloworld`. + +This service listens for the port `80` expecting `HTTP` traffic and will forward the incoming traffic towards the port `80` from the destination pod. + +```yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +``` + +## Deployment + +Deploys a Nginx server that listens for the port `80`. + +```yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 +``` + +## Gateway + +Deploys an Istio gateway that's listening to the port `80` for `HTTP` traffic. + +It doesn't filter for any specific host. + +The `selector` field is used to "choose" which Istio Load Balancers will have this gateway assigned to. + +The Istio `default` profile creates a Load Balancer in the namespace `istio-system` that has the label `istio: ingressgateway` set, allowing us to target that specific Load Balancer and assign this gateway resource to it. + +```yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +``` + +## VirtualService + +The configuration set, targets the [gateway created](#gateway) as well of not limiting the traffic to any specific host. + +We configure 2 rules for HTTP traffic (this includes `HTTPS` and `HTTP2`, this will be my last warning about this). + +The first rule configure will match when the requested path is `/helloworld`. + +This traffic will be forwarded to the service `helloworld.default.svc.cluster.local` with port `80`. + +The second rule, which will manage the rest of the traffic, will return a response with status code `404`, and body content set to `Page Not Found`. + +Additionally, for consistency and good practices purposes, we also specified the content type of the page to `text/plain`. + +```yaml +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - name: helloworld + match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + rewrite: + uri: "/" + - name: default + directResponse: + status: 404 + body: + string: "Page Not Found" + headers: + response: + set: + content-type: "text/plain" +``` + +# Walkthrough + +## Deploy resources + +Deploy the resources. + +```shell +kubectl apply -f ./ +``` +```text +deployment.apps/helloworld-nginx created +gateway.networking.istio.io/helloworld-gateway created +service/helloworld created +virtualservice.networking.istio.io/helloworld-vs created +``` + +## Wait for the pods to be ready + +Wait for the Apache and Nginx deployments to be up and ready. + +```shell +kubectl get deployment helloworld-nginx -w +``` +```text +NAME READY UP-TO-DATE AVAILABLE AGE +helloworld-v1 1/1 1 1 4m1s +helloworld-v2 1/1 1 1 4m1s +``` + +## Test the service + +### Get LB IP + +To perform the desired tests, we will need to obtain the IP Istio Load Balancer that we selected in the [Gateway section](#gateway). + +On my environment, the IP is the `192.168.1.50`. + +```shell +kubectl get svc -l istio=ingressgateway -A +``` +```text +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h +``` + +### helloworld + +As expected, we receive the contents from the Nginx contents + +```shell +curl 192.168.1.50/helloworld -s | grep "

.*

" +``` +```text +

Welcome to nginx!

+``` +### other paths + +#### / + +We receive the contents "Page Not Found". + +```shell +curl 192.168.1.50/ +``` + +```text +Page Not Found +``` + +Checking the headers, we also can see the status code is set to `404`, as well of the content-type we specified on the [VirtualService configuration](#virtualservice). + +```shell +curl 192.168.1.50/ -I +``` + +```text +HTTP/1.1 404 Not Found +content-type: text/plain +content-length: 14 +date: Thu, 04 May 2023 01:18:50 GMT +server: istio-envoy +``` + + + +#### /found + +We can confirm that this behavior applies to other paths (as it is matching the "default" rule we set in [VirtualService configuration]). + +```shell +curl 192.168.1.50/found +``` + +```text +Page Not Found +``` + +```shell +curl 192.168.1.50/found -I +``` + +```text +HTTP/1.1 404 Not Found +content-type: text/plain +content-length: 14 +date: Thu, 04 May 2023 01:20:40 GMT +server: istio-envoy +``` + + +## Cleanup + +Finally, a cleanup from the resources deployed. + +```shell +kubectl delete -f ./ +``` +```text +deployment.apps "helloworld-nginx" deleted +gateway.networking.istio.io "helloworld-gateway" deleted +service "helloworld" deleted +virtualservice.networking.istio.io "helloworld-vs" deleted +``` + +# Links of interest + +- https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPDirectResponse + +- https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPBody diff --git a/02-Traffic_management/02-DirectResponse-HTTP-Body/Services.yaml b/02-Traffic_management/02-DirectResponse-HTTP-Body/Service.yaml similarity index 88% rename from 02-Traffic_management/02-DirectResponse-HTTP-Body/Services.yaml rename to 02-Traffic_management/02-DirectResponse-HTTP-Body/Service.yaml index 9a68f29..271ce25 100644 --- a/02-Traffic_management/02-DirectResponse-HTTP-Body/Services.yaml +++ b/02-Traffic_management/02-DirectResponse-HTTP-Body/Service.yaml @@ -10,5 +10,4 @@ spec: - port: 80 name: http selector: - app: helloworld ---- \ No newline at end of file + app: helloworld \ No newline at end of file diff --git a/02-Traffic_management/02-DirectResponse-HTTP-Body/VirtualService.yaml b/02-Traffic_management/02-DirectResponse-HTTP-Body/VirtualService.yaml index 8581813..11574c3 100755 --- a/02-Traffic_management/02-DirectResponse-HTTP-Body/VirtualService.yaml +++ b/02-Traffic_management/02-DirectResponse-HTTP-Body/VirtualService.yaml @@ -1,4 +1,3 @@ ---- apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: @@ -15,7 +14,7 @@ spec: exact: /helloworld route: - destination: - host: helloworld + host: helloworld.default.svc.cluster.local port: number: 80 rewrite: