我试图了解如何在 Istio 中进行负载平衡。
Istio DestinationRule 定义了 Pod 之间流量平衡的规则。
K8s 服务类似管理 Pod 之间的流量负载平衡。
DestinationRule 定义主机,k8s 服务定义主机。
但是没有 k8s 服务,请求失败,http 代码为 503。
k8s 服务与 DestinationRule 有何关联?
最佳答案
Kubernetes 服务
Kubernetes 服务类型 ClusterIP用途 kube-proxy 的 iptables 规则 分发请求。
文档说:
By default, kube-proxy in userspace mode chooses a backend via a round-robin algorithm.
更多相关信息 here .
目的地规则
如前所述 here
You can think of virtual services as how you route your traffic to a given destination, and then you use destination rules to configure what happens to traffic for that destination. Destination rules are applied after virtual service routing rules are evaluated, so they apply to the traffic’s “real” destination.
Every HTTP route must have a target: a route, or a redirect. A route is a forwarding target, and it can point to one of several versions of a service described in DestinationRules. Weights associated with the service version determine the proportion of traffic it receives.
DestinationRule defines policies that apply to traffic intended for a service after routing has occurred.
和 here
While a virtual service matches on a rule and evaluates a destination to route the traffic to, destination rules define available subsets of the service to send the traffic.
For example, if you have a service that has multiple versions running at a time, you can create destination rules to define routes to those versions. Then use virtual services to map to a specific subset defined by the destination rules or split a percentage of the traffic to particular versions.
503 没有 Kubernetes 服务
But without k8s service, request failed with http code 503.
它失败是因为没有在虚拟服务和目标规则中指定的主机。
例如,看看这个 virtual service and destination rule .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews-route
spec:
hosts:
- reviews.prod.svc.cluster.local
http:
- name: "reviews-v2-routes"
match:
- uri:
prefix: "/wpcatalog"
route:
- destination:
host: reviews.prod.svc.cluster.local <---
subset: v2
- name: "reviews-v1-route"
route:
- destination:
host: reviews.prod.svc.cluster.local <---
subset: v1
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews-destination
spec:
host: reviews.prod.svc.cluster.local <---
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
host然后你会看到指定了你的 kubernetes 服务,没有它它就无法工作。此外,在设置路由规则以将流量定向到服务的特定版本(子集)时,必须注意确保子集在路由中使用之前可用。否则,在重新配置期间对服务的调用可能会返回 503 错误。
更多相关信息 here .
DestinationRule 定义主机,k8s 服务定义主机。
目标规则主机是您的 kubernetes 服务。 Kubernetes 服务主机是您的 Pod,
您可能想知道,但为什么我需要服务?
如前所述 here .
A Kubernetes Service is an abstraction which defines a logical set of Pods running somewhere in your cluster, that all provide the same functionality. When created, each Service is assigned a unique IP address (also called clusterIP). This address is tied to the lifespan of the Service, and will not change while the Service is alive. Pods can be configured to talk to the Service, and know that communication to the Service will be automatically load-balanced out to some pod that is a member of the Service.
Kubernetes 服务与 DestinationRule 相关
我找不到它是如何工作的确切信息,所以我将解释我是如何理解它的。
您需要 kubernetes 服务,这样虚拟服务和目标规则才能真正起作用。
由于 kubernetes 服务使用 kube-proxy 的 iptables 规则来分发请求,我假设 istio 目标规则可以用他自己的规则覆盖它,并通过 envoy sidecar 应用它们,因为您的网格服务发送和接收的所有流量(数据平面流量)通过 Envoy 代理,可以轻松地引导和控制网格周围的流量,而无需对您的服务进行任何更改。
更多相关信息 here .
其他资源:
如果您还有其他问题,请告诉我。
关于load-balancing - Istio DestinationRule 如何与 Kubernetes Service 相关?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64478467/