这篇文章给大家介绍Istio的本地运行是怎样的,内容非常详细,感兴趣的小伙伴们可以参考借鉴,希望对大家能有所帮助。
提供http/grpc两种接口,其中grpc是双向通道
可用命令:
./pilot-discovery discovery --kubeconfig /root/.kube/config --caCertFile ./docker_build/docker.pilot/cacert.pem
其中, /root/.kube/config 是本地 K8S 的配置文件 ./docker_build/docker.pilot/cacert.pem 是Istio编译后自带有的证书文件
同时,它还隐式的要求配置文件:./etc/istio/config/mesh,可用的一份如下(未必最简化):
计算
安全
数据库
网络和加速
企业服务
{
"disablePolicyChecks": true,
"disableMixerHttpReports": true,
"proxyListenPort": 15001,
"connectTimeout": "10s",
"protocolDetectionTimeout": "5s",
"defaultConfig": {
"configPath": "./etc/istio/proxy",
"binaryPath": "/usr/local/bin/envoy",
"serviceCluster": "istio-proxy",
"drainDuration": "45s",
"parentShutdownDuration": "60s",
"discoveryAddress": "localhost:15012",
"proxyAdminPort": 15000,
"controlPlaneAuthPolicy": "NONE",
"statNameLength": 189,
"concurrency": 2,
"envoyAccessLogService": {
},
"envoyMetricsService": {
},
"statusPort": 15020,
"terminationDrainDuration": "5s"
},
"outboundTrafficPolicy": {
"mode": "ALLOW_ANY"
},
"defaultServiceExportTo": [
"*"
],
"defaultVirtualServiceExportTo": [
"*"
],
"defaultDestinationRuleExportTo": [
"*"
],
"localityLbSetting": {
"enabled": true
},
"dnsRefreshRate": "5s",
"reportBatchMaxEntries": 100,
"reportBatchMaxTime": "1s",
"certificates": [
],
"thriftConfig": {
},
"serviceSettings": [
]
}可通过http/grpc两种方式访问pilot-discovery,具体细分为 GPRC/DELTAGRPC/REST 等 其中DELTA前缀,表示:增量获取,且获取后断开本次链接
可用命令
./envoy -c envoy.yaml
其中,envoy.yaml 内容为(未必最简化):
{
"node": {
"id": "router~172.26.33.33~istio123456~local",
"cluster": "localhost-cluster",
"locality": {
}
},
"admin": {
"access_log_path": "/dev/null",
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 15000
}
}
},
"dynamic_resources": {
"lds_config": {
"ads": {}
},
"cds_config": {
"ads": {}
},
"ads_config": {
"api_type": "GRPC",
"grpc_services": [
{
"envoy_grpc": {
"cluster_name": "xds-grpc"
}
}
]
}
},
"static_resources": {
"clusters": [
{
"name": "xds-grpc",
"type": "STRICT_DNS",
"respect_dns_ttl": true,
"dns_lookup_family": "V4_ONLY",
"connect_timeout": "1s",
"lb_policy": "ROUND_ROBIN",
"load_assignment": {
"cluster_name": "xds-grpc",
"endpoints": [{
"lb_endpoints": [{
"endpoint": {
"address":{
"socket_address": {"address": "127.0.0.1", "port_value": 15010}
}
}
}]
}]
},
"circuit_breakers": {
"thresholds": [
{
"priority": "DEFAULT",
"max_connections": 100000,
"max_pending_requests": 100000,
"max_requests": 100000
},
{
"priority": "HIGH",
"max_connections": 100000,
"max_pending_requests": 100000,
"max_requests": 100000
}
]
},
"upstream_connection_options": {
"tcp_keepalive": {
"keepalive_time": 300
}
},
"max_requests_per_connection": 1,
"http2_protocol_options": { }
}
]
}
}当envoy启动后,可在浏览器通过 http://所在可访问IP:15000/ 访问 envoy 的简单管理界面(说是管理,其实大多仅可看,不可编辑)
关于Istio的本地运行是怎样的就分享到这里了,希望以上内容可以对大家有一定的帮助,可以学到更多知识。如果觉得文章不错,可以把它分享出去让更多的人看到。
亿速云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
原文链接:https://my.oschina.net/kakablue/blog/4473010
