반응형
구조는 아래 이미지와 같다.
호출 → Ingress → Envoy Service → Envoy Pod(로그 기록) → Backend Service → Pod
테스트용 백앤드 서비스 생성
kubectl create deployment service-1 --image=nginx --replicas=1
kubectl create deployment service-2 --image=nginx --replicas=1
kubectl create deployment service-3 --image=nginx --replicas=1
kubectl expose deployment service-1 --port=80 --target-port=80
kubectl expose deployment service-2 --port=80 --target-port=80
kubectl expose deployment service-3 --port=80 --target-port=80
Envoy ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: envoy-config
namespace: default
data:
envoy.yaml: |
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 15001
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress
route_config:
name: ingress_route
virtual_hosts:
- name: backend_services
domains:
- "*"
routes:
- match:
prefix: "/"
route:
cluster: service-1
http_filters:
- name: envoy.filters.http.lua
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua
inline_code: |
function envoy_on_request(handle)
local headers = handle:headers()
local log = "=== REQUEST HEADERS START ===\n"
for key, value in pairs(headers) do
log = log .. key .. ": " .. value .. "\n"
end
log = log .. "=== REQUEST HEADERS END ==="
handle:logInfo(log)
end
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
access_log:
- name: envoy.access_loggers.stdout
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog
log_format:
text_format: |
[START]
Remote Address: %DOWNSTREAM_REMOTE_ADDRESS%
Method: %REQ(:METHOD)%
Path: %REQ(:PATH)%
User-Agent: %REQ(USER-AGENT)%
Content-Type: %REQ(CONTENT-TYPE)%
Accept: %REQ(ACCEPT)%
Host: %REQ(HOST)%
Accept-Language: %REQ(ACCEPT-LANGUAGE)%
Content-Length: %REQ(CONTENT-LENGTH)%
Referrer: %REQ(REFERRER)%
Cookie: %REQ(COOKIE)%
X-Forwarded-For: %REQ(X-FORWARDED-FOR)%
X-Real-IP: %REQ(X-REAL-IP)%
Status: %RESP(:STATUS)%
TTTT Header: %REQ(tttt)%
Transfer-Encoding: %RESP(TRANSFER-ENCODING)%
Bytes Received: %BYTES_RECEIVED%
Bytes Sent: %BYTES_SENT%
Duration: %DURATION%
Requested Server Name: %REQUESTED_SERVER_NAME%
[END]
clusters:
- name: service-1
connect_timeout: 1s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: service-1
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service-1.default.svc.cluster.local
port_value: 80
Envoy Deployment & Service
apiVersion: apps/v1
kind: Deployment
metadata:
name: envoy
spec:
replicas: 1
selector:
matchLabels:
app: envoy
template:
metadata:
labels:
app: envoy
spec:
containers:
- name: envoy
image: envoyproxy/envoy:v1.29-latest
args: ["--config-path", "/etc/envoy/envoy.yaml"]
ports:
- containerPort: 15001
volumeMounts:
- name: config
mountPath: /etc/envoy
volumes:
- name: config
configMap:
name: envoy-config
---
apiVersion: v1
kind: Service
metadata:
name: envoy
spec:
selector:
app: envoy
ports:
- port: 15001
targetPort: 15001
ingress에서 특정 경로만 Envoy로 라우팅
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: test-ingress
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
ingressClassName: nginx
rules:
- host: test.local
http:
paths:
- path: /test1(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: envoy
port:
number: 15001
- path: /test2(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: service-2
port:
number: 80
- path: /test3(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: service-3
port:
number: 80반응형