流量治理的原理 —— VirutalService —— TLSRoute
https://istio.io/latest/docs/reference/config/networking/virtual-service/#TLSRoute
Describes match conditions and actions for routing unterminated TLS traffic (TLS/HTTPS) The following routing rule forwards unterminated TLS traffic arriving at port 443 of gateway called “mygateway” to internal services in the mesh based on the SNI value.
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: bookinfo-sni spec: hosts: - "*.bookinfo.com" gateways: - mygateway tls: - match: - port: 443 sniHosts: - login.bookinfo.com route: - destination: host: login.prod.svc.cluster.local - match: - port: 443 sniHosts: - reviews.bookinfo.com route: - destination: host: reviews.prod.svc.cluster.local
Field | Type | Description | Required |
match | TLSMatchAttributes[] | Match conditions to be satisfied for the rule to be activated. All conditions inside a single match block have AND semantics, while the list of match blocks have OR semantics. The rule is matched if any one of the match blocks succeed. | Yes |
route | RouteDestination[] |
The destination to which the connection should be forwarded to. |
No |
- VirutalService TLSRoute 流量 原理 Istiovirutalservice tlsroute流量 原理 routedestination virutalservice流量 原理 virutalservice httpredirect流量 原理 httpmatchrequest virutalservice流量 原理 virutalservice httproute流量 原理 virutalservice流量 原理headers virutalservice delegate流量 原理 virtualservice流量 原理istio 流量istio 流量 时间istio