Istio - 将请求重定向到外部 url
Istio - redirect request to external url
我正在尝试使用 istio 在 Kubernetes 集群中设置代理服务。我创建了两个不同的域。如果域是 foo.com,则应将其重定向到外部 URL,否则应将其路由到应用程序服务器。我已经使用虚拟服务和服务条目配置了它。但是当我点击 foo.com 时,它正在跳过授权 header。我需要授权 header 来处理请求。有什么办法可以解决这个问题吗?提前致谢。
VirtualService.yaml
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: external-svc-https
spec:
hosts:
- foo.com
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: TLS
resolution: DNS
---
kind: VirtualService
apiVersion: networking.istio.io/v1alpha3
metadata:
name: redirect
namespace: default
labels:
app: foo
env: staging
spec:
hosts:
- foo.com
gateways:
- istio-system/gateway
http:
- match:
- uri:
prefix: /
redirect:
authority: bar.com
如果在 foo.com 域被命中时重定向
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: github
spec:
hosts:
- "raw.githubusercontent.com"
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: TLS
resolution: DNS
和
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: webserver
spec:
hosts:
- foo.com
http:
- match:
- uri:
regex: ".*"
rewrite:
uri: "/mcasperson/NodejsProxy/master/externalservice1.txt"
authority: raw.githubusercontent.com
route:
- destination:
host: raw.githubusercontent.com
port:
number: 443
规则
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: github
spec:
host: "raw.githubusercontent.com"
trafficPolicy:
tls:
mode: SIMPLE
我正在尝试使用 istio 在 Kubernetes 集群中设置代理服务。我创建了两个不同的域。如果域是 foo.com,则应将其重定向到外部 URL,否则应将其路由到应用程序服务器。我已经使用虚拟服务和服务条目配置了它。但是当我点击 foo.com 时,它正在跳过授权 header。我需要授权 header 来处理请求。有什么办法可以解决这个问题吗?提前致谢。
VirtualService.yaml
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: external-svc-https
spec:
hosts:
- foo.com
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: TLS
resolution: DNS
---
kind: VirtualService
apiVersion: networking.istio.io/v1alpha3
metadata:
name: redirect
namespace: default
labels:
app: foo
env: staging
spec:
hosts:
- foo.com
gateways:
- istio-system/gateway
http:
- match:
- uri:
prefix: /
redirect:
authority: bar.com
如果在 foo.com 域被命中时重定向
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: github
spec:
hosts:
- "raw.githubusercontent.com"
location: MESH_EXTERNAL
ports:
- number: 443
name: https
protocol: TLS
resolution: DNS
和
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: webserver
spec:
hosts:
- foo.com
http:
- match:
- uri:
regex: ".*"
rewrite:
uri: "/mcasperson/NodejsProxy/master/externalservice1.txt"
authority: raw.githubusercontent.com
route:
- destination:
host: raw.githubusercontent.com
port:
number: 443
规则
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: github
spec:
host: "raw.githubusercontent.com"
trafficPolicy:
tls:
mode: SIMPLE