注:以下讲述的按理环境场景是基于Kubernetes环境基础上部署的Istio环境。
涉及到特使概念介绍请参考深度解析Istio系列之流量控制篇。本文重点针对特使初始化场景进行拆解。
Istio-proxy(特使)作为Istio数据平面的重要组件,基于双轮马车方式与业务应用混合部署到同一仓,为应用提供代理服务.Pilot作为控制平面组件,基于元数据的抽象层,屏蔽底层具体容器环境(Kubernetes或者码头工人),同时为特使的策略执行提供有效的数据支撑。那么特使如何获取飞行员所在地址的信息呢?
下面通过官网BookInfo案例中Productpage服务的配置文件来说明。
舱容器说明
执行kubectl部署productpage-v1 - o yaml,获取productpage部署模板,如下所示:
<代码> apiVersion:扩展/v1beta1 :部署 元数据: 注释: deployment.kubernetes。io/修订:“2” kubectl.kubernetes。io/last-applied-configuration: | {"apiVersion":"extensions/v1beta1","kind":"Deployment","metadata":{"annotations":{},"creationTimestamp":null,"name":"productpage-v1","namespace":"default"},"spec":{"replicas":1,"strategy":{},"template":{"metadata":{"annotations":{"sidecar.istio.io/status":"{"version":"50128f63e7b050c58e1cdce95b577358054109ad2aff4bc4995158c06924a43b","initContainers":["istio-init"],"containers":["istio-proxy"],"volumes":["istio-envoy","istio-certs"],"imagePullSecrets":null}"},"creationTimestamp":null,"labels":{"app":"productpage","version":"v1"}},"spec":{"containers":[{"image":"istio/examples-bookinfo-productpage-v1:1.8.0","imagePullPolicy":"IfNotPresent","name":"productpage","ports":[{"containerPort":9080}],"resources":{}},{"args":["proxy","sidecar","--configPath","/etc/istio/proxy","--binaryPath","/usr/local/bin/envoy","--serviceCluster","productpage","--drainDuration","45s","--parentShutdownDuration","1m0s","--discoveryAddress","istio-pilot.istio-system:15007","--discoveryRefreshDelay","1s","--zipkinAddress","zipkin.istio-system:9411","--connectTimeout","10s","--proxyAdminPort","15000","--controlPlaneAuthPolicy","NONE"],"env":[{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"INSTANCE_IP","valueFrom":{"fieldRef":{"fieldPath":"status.podIP"}}},{"name":"ISTIO_META_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"ISTIO_META_INTERCEPTION_MODE","value":"REDIRECT"},{"name":"ISTIO_METAJSON_LABELS","value":"{"app":"productpage","version":"v1"}\n"}],"image":"docker.io/istio/proxyv2:1.0.5","imagePullPolicy":"IfNotPresent","name":"istio-proxy","ports":[{"containerPort":15090,"name":"http-envoy-prom","protocol":"TCP"}],"resources":{"requests":{"cpu":"10m"}},"securityContext":{"readOnlyRootFilesystem":true,"runAsUser":1337},"volumeMounts":[{"mountPath":"/etc/istio/proxy","name":"istio-envoy"},{"mountPath":"/etc/certs/","name":"istio-certs","readOnly":true}]}],"initContainers":[{"args":["-p","15001","-u","1337","-m","REDIRECT","-i","*","-x","","-b","9080","-d",""],"image":"docker.io/istio/proxy_init:1.0.5","imagePullPolicy":"IfNotPresent","name":"istio-init","resources":{},"securityContext":{"capabilities":{"add":["NET_ADMIN"]},"privileged":true}}],"volumes":[{"emptyDir":{"medium":"Memory"},"name":"istio-envoy"},{"name":"istio-certs","secret":{"optional":true,"secretName":"istio.default"}}]}}},"status":{}} creationTimestamp: 2018 - 12 - 18 - t01:51:18z 代:2 标签: 应用:productpage v1版本: 名称:productpage-v1 名称空间:默认 resourceVersion:“17402700” selfLink:/api/扩展/v1beta1/命名空间//部署/productpage-v1违约 uid: 695 ba22c - 0267 - 11 - e9 - 8475 - 0050569 - c62d0 规范: progressDeadlineSeconds: 600 副本:1 revisionHistoryLimit: 10 选择器: matchLabels: 应用:productpage v1版本: 策略: rollingUpdate: maxSurge: 1 maxUnavailable: 1 类型:RollingUpdate 模板: 元数据: 注释: sidecar.istio。io/状态:{“版本”:“50128 f63e7b050c58e1cdce95b577358054109ad2aff4bc4995158c06924a43b”、“initContainers”:“istio-init”,“容器”:“istio-proxy”,“卷”:“istio-envoy”、“istio-certs”,“imagePullSecrets”:零}” creationTimestamp:零 标签: 应用:productpage v1版本: 规范: 容器: ——图片:istio/examples-bookinfo-productpage-v1:1.8.0 imagePullPolicy: IfNotPresent 名称:productpage 港口: - containerPort: 9080 TCP协议: 资源:{} terminationMessagePath:/dev/termination-log terminationMessagePolicy:文件 - arg游戏: -代理 ——双轮马车 ————configPath ——/etc/istio/proxy ————binaryPath ——/usr/local/bin/envoy ————serviceCluster ——productpage ————drainDuration - 45 ————parentShutdownDuration - 1 m0 ————discoveryAddress - istio-pilot.istio-system: 15007 ————discoveryRefreshDelay - - - - - - 1 ————zipkinAddress - zipkin.istio-system: 9411 ————connectTimeout - 10年代 ————proxyAdminPort ——“15000” ————controlPlaneAuthPolicy ——没有一个 env: ——名称:POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name ——名称:POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace ——名称:INSTANCE_IP valueFrom: fieldRef: apiVersion: v1 fieldPath: status.podIP ——名称:ISTIO_META_POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name ——名称:ISTIO_META_INTERCEPTION_MODE 价值:重定向 ——名称:ISTIO_METAJSON_LABELS 价值:| {“应用程序”:“productpage”、“版本”:“v1”} 图片:docker.io/istio/proxyv2:1.0.5 null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null null深度解析Istio系列之Istio-proxy初始化篇
