istio部署demoapp應用 (十四）sidecar

建立client

~# kubectl run client --image=ikubernetes/admin-box -it --rm --restart=Never --command -- /bin/sh
If you don't see a command prompt, try pressing enter.
root@client #

檢視pod

# kubectl get pod --show-labels 
NAME                          READY   STATUS    RESTARTS   AGE   LABELS
client                        2/2     Running   0          30s   run=client,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=client,service.istio.io/canonical-revision=latest
demoappv10-78b6586d58-7jm25   2/2     Running   0          30m   app=demoapp,pod-template-hash=78b6586d58,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=demoapp,service.istio.io/canonical-revision=v1.0,version=v1.0
demoappv10-78b6586d58-jmjrs   2/2     Running   0          30m   app=demoapp,pod-template-hash=78b6586d58,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=demoapp,service.istio.io/canonical-revision=v1.0,version=v1.0
demoappv11-78bf898c74-5r78m   2/2     Running   0          30m   app=demoapp,pod-template-hash=78bf898c74,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=demoapp,service.istio.io/canonical-revision=v1.1,version=v1.1
demoappv11-78bf898c74-f6xzm   2/2     Running   0          30m   app=demoapp,pod-template-hash=78bf898c74,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=demoapp,service.istio.io/canonical-revision=v1.1,version=v1.1
proxy-649b4d887d-g6bnm        2/2     Running   0          28m   app=proxy,pod-template-hash=649b4d887d,security.istio.io/tlsMode=istio,service.istio.io/canonical-name=proxy,service.istio.io/canonical-revision=latest

檢視svc

~# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
demoapp      ClusterIP   10.100.127.199   <none>        8080/TCP   46m
kubernetes   ClusterIP   10.100.0.1       <none>        443/TCP    18d
proxy        ClusterIP   10.100.229.205   <none>        80/TCP     44m

檢視listeners

~# kubectl exec -it client -c istio-proxy -- pilot-agent request GET /listeners
42ebe263-b277-409b-83a9-c66c184e710e::0.0.0.0:15090
5182c664-4c5a-4407-8a89-2b762113de65::0.0.0.0:15021
10.100.0.2_53::10.100.0.2:53
10.100.149.76_15012::10.100.149.76:15012
10.100.121.95_443::10.100.121.95:443
10.100.145.112_15443::10.100.145.112:15443
10.100.0.1_443::10.100.0.1:443
10.100.145.112_443::10.100.145.112:443
10.100.145.112_31400::10.100.145.112:31400
10.100.149.76_443::10.100.149.76:443
0.0.0.0_80::0.0.0.0:80
0.0.0.0_9090::0.0.0.0:9090
0.0.0.0_8080::0.0.0.0:8080
10.100.0.2_9153::10.100.0.2:9153
10.100.107.86_443::10.100.107.86:443
0.0.0.0_15014::0.0.0.0:15014
10.100.145.112_15021::10.100.145.112:15021
0.0.0.0_16685::0.0.0.0:16685
10.100.126.122_14268::10.100.126.122:14268
10.100.128.238_8000::10.100.128.238:8000
0.0.0.0_15010::0.0.0.0:15010
0.0.0.0_20001::0.0.0.0:20001
10.100.126.122_14250::10.100.126.122:14250
0.0.0.0_9411::0.0.0.0:9411
10.100.162.68_3000::10.100.162.68:3000
virtualOutbound::0.0.0.0:15001
virtualInbound::0.0.0.0:15006

建立sidecar

sidecar-demo.yaml

apiVersion: networking.istio.io/v1beta1
kind: Sidecar
metadata:
  name: client
  namespace: default
spec:
  workloadSelector:
    labels:
      run: client
  outboundTrafficPolicy:
    # mode: REGISTRY_ONLY
    mode: ALLOW_ANY
  egress:
  - port:
      number: 8080
      protocol: HTTP
      name: demoapp
    hosts:
    - "./*"

apiVersion: networking.istio.io/v1beta1
kind: Sidecar
metadata:
  name: client
  namespace: default
spec:
  workloadSelector:
    labels:
      run: client
  outboundTrafficPolicy:
    mode: REGISTRY_ONLY
    #mode: ALLOW_ANY
  egress:
  - port:
      number: 8080
      protocol: HTTP
      name: demoapp
    hosts:
    - "./*"
  - port:
      number: 80
      protocol: HTTP
      name: proxy
    hosts:
    - "./*"

建立sidecar資源

# kubectl apply -f sidecar-demo.yaml 
sidecar.networking.istio.io/proxy created

檢視sidecar資源

# kubectl get sidecar
NAME    AGE
client   52s

檢視proxy pod listeners

~# kubectl exec -it client -c istio-proxy -- pilot-agent request GET /listeners
42ebe263-b277-409b-83a9-c66c184e710e::0.0.0.0:15090
5182c664-4c5a-4407-8a89-2b762113de65::0.0.0.0:15021
0.0.0.0_8080::0.0.0.0:8080
virtualOutbound::0.0.0.0:15001
virtualInbound::0.0.0.0:15006
# 0.0.0.0_80::0.0.0.0:80

通路demoapp

root@client # while true;do curl demoapp:8080;curl proxy ; sleep 0.5 ;done

檢視kiali

istio部署demoapp應用 (十四）sidecar

建立client

檢視pod

檢視svc

檢視listeners

建立sidecar

sidecar-demo.yaml

建立sidecar資源

檢視sidecar資源

檢視proxy pod listeners

通路demoapp

檢視kiali

參考文檔

繼續閱讀

HDU 4719 Oh My Holy FFF

CSU 1561 (More) Multiplication

CSU 1563 Lexicography

HDU 4721 Food and Productivity

ZOJ 1041 Transmitters

CSU 1562 Fun House

CodeChef PALPROB Palindromeness

UVA 10344- 23 out of 5

ZOJ 1104 Leaps Tall Buildings

HDU 2821 Pusher

UVA 1401 Remember the Word

ZOJ 2748 Free Kick

CSU 1567 Reverse Rot

JAVA 系列——>開發工具IntelliJ IDEA的安裝以及配置、快捷鍵IDEA 簡介

UVA 519 Puzzle (II)

磁盤結構及在Linux中的命名