Grasp Envoy's context in 2 minutes: how does Envoy differ in adapting to the new scenarios, and what can it do?


Explanation

When surveying open-source API gateway and service mesh projects, the name that comes up most often is Envoy: Ambassador, Contour, Gloo, Istio and other projects all chose Envoy as their data plane. What makes Envoy favored by so many projects? Grasping Envoy's context takes just 2 minutes.

Envoy, answering the call of the times

Envoy is stand-alone software that provides reverse proxying and load balancing, and belongs to the same category of software as Nginx and HAProxy. Compared with Nginx and HAProxy, Envoy has one important feature: a built-in configuration API.

With load-balancing software such as Nginx and HAProxy, in many years of practical use the configuration was rarely changed while the software was running. Even when the configuration file occasionally had to be modified, reloading it with the reload command was enough to meet the need.

After PaaS and container management systems, represented by Kubernetes, emerged, IT systems kept evolving in the direction of "specialized division of labor, with fewer people doing more homogeneous work", and reverse proxy and load balancing capabilities came to be centrally managed and offered as a unified service.

In Kubernetes this evolution shows up as the ingress, which proxies all services within the cluster and acts as the cluster's exit point. In service meshes, represented by Istio, it shows up as proxy software scattered everywhere, forwarding traffic under the control of a single center. Whether it acts as the Kubernetes exit point or as a node in the mesh, the component that forwards traffic has to meet one challenge: frequent configuration updates at runtime.

In the new scenarios the update frequency is N times per second, far exceeding the earlier scenarios, where updates happened on cycles of weeks, months or even years. In this situation, hot-reloading a configuration file looks slow and cumbersome. A number of projects develop a component that generates configuration files through an API and then triggers a hot reload, which gives Nginx, HAProxy and other traditional load-balancing software the ability to update configuration at high frequency.

However, if there were software with a native configuration API that focused on the data plane and existed as a reliable third party, letting the control plane concentrate on managing rules, wouldn't it be very popular?

Envoy is such software. Note that this only explains the background and is not meant to hype Envoy; Nginx and HAProxy are also evolving to adapt to the changing scenarios.

Cluster, Listener and Filter

Envoy's features and usage details are complicated, but once you figure out how Cluster, Listener and Filter are used, you have grasped the general direction.

A Cluster is a group of IPs, the equivalent of an upstream in Nginx. The load-balancing policy is set in the cluster, and the members of a cluster can be IPs or domain names:

[Figure: Envoy cluster]

A Listener is a listening address plus forwarding rules:

[Figure: Envoy listener]

The configuration file: a hard nut to crack

The configuration file is the greatest difficulty encountered when learning Envoy from scratch: the configuration is complicated, and a systematic introduction is lacking.

The configuration file specified with -c when starting Envoy is divided into the following sections:

{
  "node": {
    "id": "...",
    "cluster": "...",
    "metadata": "{...}",
    "locality": "{...}",
    "build_version": "..."
  },
  "static_resources": {
    "listeners": [],
    "clusters": [],
    "secrets": []
  },
  "dynamic_resources": {
    "lds_config": "{...}",
    "cds_config": "{...}",
    "ads_config": "{...}"
  },
  "cluster_manager": {
    "local_cluster_name": "...",
    "outlier_detection": "{...}",
    "upstream_bind_config": "{...}",
    "load_stats_config": "{...}"
  },
  "hds_config": {
    "api_type": "...",
    "cluster_names": [],
    "grpc_services": [],
    "refresh_delay": "{...}",
    "request_timeout": "{...}",
    "rate_limit_settings": "{...}"
  },
  "flags_path": "...",
  "stats_sinks": [
    {
      "name": "...",
      "config": "{...}"
    }
  ],
  "stats_config": {
    "stats_tags": [],
    "use_all_default_tags": "{...}",
    "stats_matcher": "{...}"
  },
  "stats_flush_interval": "{...}",
  "watchdog": {
    "miss_timeout": "{...}",
    "megamiss_timeout": "{...}",
    "kill_timeout": "{...}",
    "multikill_timeout": "{...}"
  },
  "tracing": {
    "http": "{...}"
  },
  "rate_limit_service": {
    "grpc_service": "{...}"
  },
  "runtime": {
    "symlink_root": "...",
    "subdirectory": "...",
    "override_subdirectory": "..."
  },
  "admin": {
    "access_log_path": "...",
    "profile_path": "...",
    "address": "{...}"
  },
  "overload_manager": {
    "refresh_interval": "{...}",
    "resource_monitors": [],
    "actions": []
  }
}

Looking at the default configuration file in the Envoy container helps build intuition. It is as follows:

admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address:
      protocol: TCP
      address: 127.0.0.1
      port_value: 9901
static_resources:
  listeners:
  - name: listener_0
    address:
      socket_address:
        protocol: TCP
        address: 0.0.0.0
        port_value: 10000
    filter_chains:
    - filters:
      - name: envoy.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
          stat_prefix: ingress_http
          route_config:
            name: local_route
            virtual_hosts:
            - name: local_service
              domains: ["*"]
              routes:
              - match:
                  prefix: "/"
                route:
                  host_rewrite: www.google.com
                  cluster: service_google
          http_filters:
          - name: envoy.router
  clusters:
  - name: service_google
    connect_timeout: 0.25s
    type: LOGICAL_DNS
    # Comment out the following line to test on v6 networks
    dns_lookup_family: V4_ONLY
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: service_google
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: www.google.com
                port_value: 443
    tls_context:
      sni: www.google.com
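To see how Listener, Filter and Cluster connect in the default configuration above, the following added example (not from the original article or the Envoy project) walks that configuration and reports which cluster each route forwards to, flagging routes to undefined clusters and an admin address that is not loopback. The function name walk and the trimmed JSON copy of the configuration are constructed for this illustration.

```python
import ipaddress
import json

# Constructed sample: the default configuration above, trimmed and written as
# JSON (Envoy reads JSON bootstrap files as well as YAML).
BOOTSTRAP = json.loads("""
{"admin": {"address": {"socket_address": {"address": "127.0.0.1", "port_value": 9901}}},
 "static_resources": {
  "listeners": [{
   "name": "listener_0",
   "address": {"socket_address": {"address": "0.0.0.0", "port_value": 10000}},
   "filter_chains": [{"filters": [{
    "name": "envoy.http_connection_manager",
    "typed_config": {
     "route_config": {"virtual_hosts": [{
      "name": "local_service", "domains": ["*"],
      "routes": [{"match": {"prefix": "/"}, "route": {"cluster": "service_google"}}]}]},
     "http_filters": [{"name": "envoy.router"}]}}]}]}],
  "clusters": [{"name": "service_google", "type": "LOGICAL_DNS", "lb_policy": "ROUND_ROBIN"}]}}
""")


def walk(bootstrap):
    """Return (routes, findings) for the static part of a bootstrap config."""
    static = bootstrap.get("static_resources", {})
    defined = {c["name"] for c in static.get("clusters", [])}
    routes, findings = [], []
    for lis in static.get("listeners", []):
        sock = lis["address"]["socket_address"]
        bind = f'{sock["address"]}:{sock["port_value"]}'
        for chain in lis.get("filter_chains", []):
            for flt in chain.get("filters", []):
                # Only the HTTP connection manager carries an inline route table.
                rc = flt.get("typed_config", {}).get("route_config", {})
                for vh in rc.get("virtual_hosts", []):
                    for r in vh.get("routes", []):
                        target = r.get("route", {}).get("cluster")
                        routes.append((lis["name"], bind, r["match"].get("prefix"), target))
                        if target and target not in defined:
                            findings.append(f"route to undefined cluster {target!r}")
    # The admin endpoint is an administrative interface; expect a loopback bind.
    admin = bootstrap.get("admin", {}).get("address", {}).get("socket_address")
    if admin and not ipaddress.ip_address(admin["address"]).is_loopback:
        findings.append(f'admin interface listens on {admin["address"]}')
    return routes, findings


if __name__ == "__main__":
    print(walk(BOOTSTRAP))
```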

Mastering the configuration file is a critical step in mastering Envoy. How do you master Envoy's configuration? Remembering every configuration detail would of course count as mastery, but most of the time we do not need that. It is enough to know where the up-to-date, complete details of the configuration file are documented, and leave the rest to time and curiosity:

Envoy configuration file in detail

Filters play the leading role

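It is almost fair to say that the Envoy features mentioned most often in practice are all provided by filters. Filters are the successive processing stages that traffic passes through as it flows inside Envoy; each stage interprets some information and makes some decisions, which affect how the next stage handles the traffic.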

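Both Cluster and Listener have places for filters. Some filters are fairly complex and implement sub-filters of their own, for example HttpConnectionManager, which is dedicated to handling the HTTP protocol. There are far too many filters; knowing where to find the descriptions and configuration methods of all filters matters more than remembering how to use any particular one: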

envoy listener filter

envoy network filter

The names of these filters show nicely what Envoy can do: http, thrift, dubbo, zookeeper, mysql, mongo, redis. Doesn't that look tempting?

What exactly is dynamic configuration?

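One of Envoy's big selling points is its built-in configuration API, but actually putting that API to use takes some effort. Envoy took the lead in proposing a unified data-plane-api, defining a set of API standards in the hope that it would be widely recognized and adopted. Judging from the choices made by the newer API gateway and service mesh open-source projects, this strategy has been effective.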

data-plane-api

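go-control-plane is the Go implementation of the data-plane-api proposed by Envoy, and it can be used to push configuration to Envoy. How to use this library cannot be explained in a few words, so first get the relationship among the following three projects clear: envoy is the stand-alone software Envoy, data-plane-api is the API interface standard, and go-control-plane is an implementation of that API interface standard.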
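What the data-plane-api standardizes is a versioned request/response loop: the control plane sends a response carrying a version and a nonce, and the proxy answers with a request that either acknowledges the new version (ACK) or repeats the last good version together with an error (NACK). The added example below, which is not code from the original article, Envoy or go-control-plane, models the proxy side of that loop for cluster updates with plain dicts. The field names version_info, nonce, response_nonce, type_url and error_detail are those of the API's discovery messages; the class, the validation rules and the sample clusters are constructed.

```python
CLUSTER_TYPE = "type.googleapis.com/envoy.api.v2.Cluster"


class ProxyState:
    """Minimal model of how a data plane handles cluster updates (not Envoy code)."""

    def __init__(self):
        self.version = ""    # last version that was accepted (ACKed)
        self.clusters = {}   # active configuration, keyed by cluster name

    def handle(self, response):
        """Apply one discovery response; return the follow-up discovery request."""
        req = {"type_url": response["type_url"], "response_nonce": response["nonce"]}
        try:
            new = {}
            for c in response["resources"]:
                if not c.get("name"):
                    raise ValueError("cluster without a name")
                if c["name"] in new:
                    raise ValueError(f"duplicate cluster {c['name']}")
                new[c["name"]] = c
        except ValueError as err:
            # NACK: keep the running config, report the last good version and the error.
            req.update(version_info=self.version, error_detail={"message": str(err)})
            return req
        # ACK: the response is the complete set, so it replaces the old one.
        self.clusters, self.version = new, response["version_info"]
        req["version_info"] = self.version
        return req


def demo():
    """Feed one valid and one invalid constructed response to the model."""
    proxy = ProxyState()
    good = {"type_url": CLUSTER_TYPE, "version_info": "1", "nonce": "a",
            "resources": [{"name": "service_google", "lb_policy": "ROUND_ROBIN"}]}
    bad = {"type_url": CLUSTER_TYPE, "version_info": "2", "nonce": "b",
           "resources": [{"lb_policy": "ROUND_ROBIN"}]}
    return proxy, proxy.handle(good), proxy.handle(bad)


if __name__ == "__main__":
    _, ack, nack = demo()
    print(ack)
    print(nack)
```

The rejected update leaves version 1 in place, which is what lets a control plane push changes many times per second without a bad push taking down the running configuration.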


Hands-on practice

A built-in configuration API that supports dynamic updates, together with Cluster, Listener and Filter, forms the skeleton of Envoy's functionality. If things still feel hazy after reading the description above and you want to see more clearly, the quicker way is to follow the Envoy manual and work through the operations yourself:

Click to view:  Envoy manual


References

  1. Lee Ji Australia's blog
  2. Envoy Manual


Origin www.cnblogs.com/lijiaocn/p/11488506.html