Versions Compared

Old Version 20

changes.mady.by.user Pramod Raghavendra Jayathirth

Saved on

compared with

New Version 21

changes.mady.by.user Pramod Raghavendra Jayathirth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Name of the ClusterMicroserviceIstio ConfigurationComments
Cluster01
  1. echo
  2. sleep 


MicroserviceResource
commonserviceEntry (httpbin)
echodestinationRule for simple TLS
sleepdestinationRule for simple TLS






Cluster02httpbin


MicroserviceResource
httpbin

destinationRule for simple TLSdestinationRule for Loadbalancing, Loadbalancing and circuit breaking

AuthorizationPolicy for Access Control




Cluster01 Resources

  1. ServiceEntry - To enable sleep to access httpbin  
Code Block
languageyml
themeEclipse
titleServiceEntry
linenumberstrue
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
  name: servicename-httpbin
spec:
  hosts:
  # template for the remote service name - <servicename.namespace.global>
  # Treat remote cluster services as part of the service mesh
  # as all clusters in the service mesh share the same root of trust.
  location: MESH_INTERNAL
  ports:
  - name: http1
    number: 8000
    protocol: http
  resolution: DNS
  addresses:
  # the IP address to which httpbin.<namespace>.<logicalcloudname> will resolve to
  # must be unique for each remote service, within a given cluster.
  # This address need not be routable. Traffic for this IP will be captured
  # by the sidecar and routed appropriately.
  - 240.0.0.2
  endpoints:
  # This is the routable address of the istio ingress gateway in cluster02
  # routed to this address.
  - address: 172.25.55.50
    ports:
      http1: 15443 //Sni. Do not change this

Cluster 02 Resources

  1. DestinationRule for simple TLS, Loadbalancing and circuit breaking 
Code Block
languageyml
themeEclipse
firstlinesa
titleServiceEntry
linenumberstrue
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: httpbin-dr
  namespace: scene2
spec:
  host: "httpbin.scene2.svc.cluster.local"
  trafficPolicy:
    tls:
      mode: ISTIO_MUTUAL
    loadbalancer:
      consistentHash:
        httpCookie: "user1"
    connectionPool:
      tcp:
        maxConnections: 10
      http:
        http2MaxRequests: 1000
        maxRequestsPerConnection: 100
    outlierDetection:
      consecutiveErrors: 7
      interval: 5m
      baseEjectionTime: 15m