我正在尝试使用 Istio 使用 VirtualServices 添加、覆盖和删除 header 。向请求添加 header 并从响应中删除 header 效果很好,但不会覆盖请求中的 header 。
因此,根据 Istio 文档, header 操作如下:
这是我的VirtualService:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: server-vs
spec:
hosts:
- server.istio.svc.cluster.local
http:
- headers:
request:
set:
test: "true"
add:
added: "header"
route:
- destination:
host: server.istio.svc.cluster.local
subset: apache
weight: 90
- destination:
host: server.istio.svc.cluster.local
subset: nginx
headers:
response:
remove:
- foo
weight: 10
专注于设置 header ,这是我的理解。 Istio 将识别带有 test 键的 header ,并将用 true 覆盖该值。因此,如果我使用 -H "test: hello" 参数来 curl 我的服务,我应该在请求中看到 test: true 。
现在,我已在后端 pod 中安装了 tcpdump,并且可以看到 added: header。我还可以看到 foo: bar 已被删除(我的 nginx 服务器正在返回 foo: bar 以及响应),但我看不到 test : true header 。我对 Istio header 操作的理解是否正确?
来自测试:
请求
/ # curl -H "test: hello" server
<h1>THIS IS AN ISTIO DEMO</h1>/ #
回应
15:47:27.387891 IP 192.168.49.58.39652 > 192.168.113.134.80: Flags [S], seq 2810811797, win 28000, options [mss 1400,sackOK,TS val 1900372734 ecr 0,nop,wscale 7], length 0
E..<d.@.>.....1:..q....P..........m`
3.....x...
qEb.........
15:47:27.388130 IP 192.168.49.58.39652 > 192.168.113.134.80: Flags [.], ack 2093848160, win 219, options [nop,nop,TS val 1900372735 ecr 3950379544], length 0
E..4d.@.>.....1:..q....P....|..`.....z.....
qEb..v..
15:47:27.388202 IP 192.168.49.58.39652 > 192.168.113.134.80: Flags [P.], seq 2810811798:2810812507, ack 2093848160, win 219, options [nop,nop,TS val 1900372735 ecr 3950379544], length 709: HTTP: GET / HTTP/1.1
E...d.@.>.....1:..q....P....|..`....S&.....
qEb..v..GET / HTTP/1.1
host: server
user-agent: curl/7.59.0
accept: */*
test: hello <-HERE IS THE HEADER THAT SUPPOSED TO BE OVERWRITTEN
x-forwarded-proto: http
x-request-id: 05ff2bb6-8810-9411-8a3b-7456066e1d16
x-envoy-decorator-operation: server-vs:80/*
x-istio-attributes: CjwKGGRlc3RpbmF0aW9uLnNlcnZpY2UuaG9zdBIgEh5zZXJ2ZXIuaXN0aW8uc3ZjLmNsdXN0ZXIubG9jYWwKOgoXZGVzdGluYXRpb24uc2VydmljZS51aWQSHxIdaXN0aW86Ly9pc3Rpby9zZXJ2aWNlcy9zZXJ2ZXIKJAoYZGVzdGluYXRpb24uc2VydmljZS5uYW1lEggSBnNlcnZlcgooCh1kZXN0aW5hdGlvbi5zZXJ2aWNlLm5hbWVzcGFjZRIHEgVpc3Rpbwo6Cgpzb3VyY2UudWlkEiwSKmt1YmVybmV0ZXM6Ly9jdXJsZXItNzU1Y2M3Y2ZmZi14dmxiMi5pc3Rpbw==
x-b3-traceid: 741c90fab1ca5e23802399916451563e
x-b3-spanid: 802399916451563e
x-b3-sampled: 1
added: header <- HERE IS THE ADDED HEADER
content-length: 0
15:47:27.390857 IP 192.168.49.58.39652 > 192.168.113.134.80: Flags [.], ack 2093848436, win 228, options [nop,nop,TS val 1900372737 ecr 3950379547], length 0
E..4d.@.>.....1:..q....P...[|..t...........
qEc..v..
但我期待看到test: true
最佳答案
一个愚蠢的事情解决了这个问题。看起来如果我在 yaml 文件中先定义 set 然后 add,它就不起作用,但如果我用 backwords 定义它,它就起作用。我猜这是一个错误。因此以下 yaml 有效:
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: server-vs
spec:
hosts:
- server.istio.svc.cluster.local
http:
- headers:
request:
add: <- add goes first
added: "header"
set: <- set goes second
test: "true"
route:
- destination:
host: server.istio.svc.cluster.local
subset: apache
weight: 90
- destination:
host: server.istio.svc.cluster.local
subset: nginx
headers:
response:
remove:
- foo
weight: 10
关于Istio 添加和删除 header ,但不覆盖,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59533472/