salrashid123
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ istioctl create -f destination-rule.yaml | |
| $ kubectl get po,deployments,svc,ing | |
| NAME READY STATUS RESTARTS AGE | |
| po/be-v1-16151855-r8hn1 2/2 Running 0 29s | |
| po/be-v2-4191276971-6j9q3 2/2 Running 0 28s | |
| po/myapp-v1-2518991625-h521p 2/2 Running 0 29s | |
| NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE | |
| deploy/be-v1 1 1 1 1 29s | |
| deploy/be-v2 1 1 1 1 29s |
salrashid123
/ istio_destination_round_robin.yaml
Created
February 6, 2018 15:25
istio_destination_round_robin
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: config.istio.io/v1alpha2 | |
| kind: DestinationPolicy | |
| metadata: | |
| name: be-lb-policy | |
| namespace: default | |
| spec: | |
| source: | |
| name: myapp | |
| destination: | |
| name: be |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ for i in {1..1000}; do curl -k https://$GATEWAY_IP/hostz; done | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v2-4191276971-6j9q3] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v2-4191276971-6j9q3] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v2-4191276971-6j9q3] node: [gke-cluster- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ for i in {1..1000}; do curl -k https://$GATEWAY_IP/hostz; done | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v2-4191276971-6j9q3] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v2-4191276971-6j9q3] node: [gke-cluster-1-default-pool-94718a04-lrb5]","statusCode":200}] | |
| [{"url":"http://be.default.svc.cluster.local:8080/backend","body":"pod: [be-v1-16151855-r8hn1] node: [gke-cluster-1- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: config.istio.io/v1alpha2 | |
| kind: EgressRule | |
| metadata: | |
| name: allow-googleapis-egress-rule | |
| spec: | |
| destination: | |
| service: www.bbc.com | |
| ports: | |
| - port: 443 | |
| protocol: https |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "url": "http:\/\/www.cnn.com:443\/", | |
| "statusCode": { | |
| "name": "RequestError", | |
| "message": "Error: read ECONNRESET", | |
| { | |
| "url": "http:\/\/www.bbc.com:443\/robots.txt", | |
| "statusCode": { | |
| "name": "RequestError", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "url": "http:\/\/www.cnn.com:443\/", | |
| "body": "", | |
| "statusCode": 404 | |
| }, | |
| { | |
| "url": "http:\/\/www.bbc.com:443\/robots.txt", | |
| "statusCode": 200 | |
| }, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://github.com/istio/istio/releases/download/0.7.0/istio-0.7.0-linux.tar.gz | |
| tar xvf istio-0.7.0-linux.tar.gz | |
| cd istio-0.7.0/ | |
| kubectl create -f install/kubernetes/istio.yaml | |
| ./install/kubernetes/webhook-create-signed-cert.sh \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -s https://raw.githubusercontent.com/salrashid123/k8s_webook_helloworld/master/authn.yaml \ | |
| -o /var/lib/localkube/authn.yaml | |
| curl -s https://raw.githubusercontent.com/salrashid123/k8s_webook_helloworld/master/authz.yaml \ | |
| -o /var/lib/localkube/authz.yaml | |
| curl -s https://raw.githubusercontent.com/salrashid123/k8s_webook_helloworld/master/CA/GAE_CA.pem \ | |
| -o /var/lib/localkube/certs/webhook_ca.crt | |
| curl -s https://raw.githubusercontent.com/salrashid123/k8s_webook_helloworld/master/CA/webhook_plugin.crt \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| clusters: | |
| - name: my-authn-service | |
| cluster: | |
| certificate-authority: /var/lib/localkube/certs/webhook_ca.crt | |
| server: https://1-dot-webhook-dot-YOUR_PROJECT.appspot.com/authenticate | |
| users: | |
| - name: my-api-server | |
| user: | |
| client-certificate: /var/lib/localkube/certs/webhook_plugin.crt | |
| client-key: /var/lib/localkube/certs/webhook_plugin.key |