istio中使用serviceentry结合egressgateway实现多版本路由

假设有一个外部服务，外部服务ip为：10.10.102.90，其中32033为v1版本，32034为v2版本。

现在需要把这个服务引入到istio中，使用egressgateway转发访问该服务的流量，并且需要实现多版本路由，使得header中x-version的值为v1的路由到v1版本，x-version的值为v2的路由到v2版本。

使用serviceentry引入该服务

复制代码

apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
  name: gindemo-service-entry
spec:
  endpoints:
  - address: 10.10.102.90
    labels:
      version: v1
    ports:
      http: 32033
  - address: 10.10.102.90
    labels:
      version: v2
    ports:
      http: 32034
  hosts:
  - gindemo.test.ch
  location: MESH_EXTERNAL
  ports:
  - name: http
    number: 80
    protocol: HTTP
  resolution: STATIC

定义一个egress gateway：

bash 复制代码

apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: gindemo-egressgateway
spec:
  selector:
    istio: egressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - gindemo.test.ch

创建一个dr，作为流量入口，接收网格内请求外部服务的流量：

注意！该dr需要在创建在istio-system命名空间下

bash 复制代码

apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: egressgateway-for-gindemo
  namespace: istio-system
spec:
  host: istio-egressgateway-1-19-6.istio-system.svc.cluster.local
  subsets:
  - name: gindemo
  trafficPolicy:
    loadBalancer:
      simple: RANDOM

创建服务的dr，声明服务的多个版本：

bash 复制代码

apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: gindemo-destination-rule
spec:
  host: gindemo.test.ch
  subsets:
  - labels:
      version: v1
    name: v1
  - labels:
      version: v2
    name: v2
  trafficPolicy:
    loadBalancer:
      simple: RANDOM

创建一个vs，定义服务路由规则：

bash 复制代码

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: direct-gindemo-through-egress-gateway
spec:
  gateways:
  - gindemo-egressgateway # 接收来自网关的流量
  - mesh # 接收来自网格内的流量
  hosts:
  - gindemo.test.ch
  http:
  - match: # 该match实现将来自网格内的流量，转发到egressgateway
    - gateways:
      - mesh 
      port: 80
    route:
    - destination:
        host: istio-egressgateway-1-19-6.istio-system.svc.cluster.local
        port:
          number: 80
        subset: gindemo
      weight: 100
  - match: # 该match实现将来自egressgateway的流量转发到serviceentry
    - gateways:
      - gindemo-egressgateway
      headers:
        x-version:
          exact: v1
    route:
    - destination:
        host: gindemo.test.ch
        subset: v1
  - match: # 该match实现将来自egressgateway的流量转发到serviceentry
    - gateways:
      - gindemo-egressgateway
      headers:
        x-version:
          exact: v2
      port: 80
    route:
    - destination:
        host: gindemo.test.ch
        subset: v2