istio

route-binding.yaml
363 строки · 8.1 Кб
Перенос по словам
1
apiVersion: gateway.networking.k8s.io/v1beta1
2
kind: GatewayClass
3
metadata:
4
  name: istio
5
spec:
6
  controllerName: istio.io/gateway-controller
7
---
8
apiVersion: gateway.networking.k8s.io/v1beta1
9
kind: Gateway
10
metadata:
11
  name: gateway
12
  namespace: istio-system
13
spec:
14
  addresses:
15
  - value: istio-ingressgateway
16
    type: Hostname
17
  gatewayClassName: istio
18
  listeners:
19
  - name: default
20
    hostname: "*.domain.example"
21
    port: 80
22
    protocol: HTTP
23
    allowedRoutes:
24
      namespaces:
25
        from: All
26
  - name: foobar
27
    hostname: "*.foobar.example"
28
    port: 80
29
    protocol: HTTP
30
    allowedRoutes:
31
      namespaces:
32
        from: All
33
      kinds:
34
      - kind: HTTPRoute
35
  - name: same-namespace
36
    hostname: "*.same-namespace.example"
37
    port: 80
38
    protocol: HTTP
39
  - name: scope-route
40
    hostname: "*.scope-route.example"
41
    port: 80
42
    protocol: HTTP
43
    allowedRoutes:
44
      namespaces:
45
        from: All
46
      kinds:
47
      - kind: TCPRoute
48
  - name: slctr-labels
49
    hostname: "*.slctr-labels.example"
50
    port: 80
51
    protocol: HTTP
52
    allowedRoutes:
53
      namespaces:
54
        from: Selector
55
        selector:
56
          matchLabels:
57
            istio.io/test-name-part: group
58
  - name: slctr-expr-in-yes
59
    hostname: "*.slctr-expr-in-yes.example"
60
    port: 80
61
    protocol: HTTP
62
    allowedRoutes:
63
      namespaces:
64
        from: Selector
65
        selector:
66
          matchExpressions:
67
          - key: istio.io/test-name-part
68
            operator: In
69
            values:
70
              - group
71
  - name: slctr-expr-in-no
72
    hostname: "*.slctr-expr-in-no.example"
73
    port: 80
74
    protocol: HTTP
75
    allowedRoutes:
76
      namespaces:
77
        from: Selector
78
        selector:
79
          matchExpressions:
80
          - key: istio.io/test-name-part
81
            operator: In
82
            values:
83
              - public
84
  - name: slctr-expr-notin-yes
85
    hostname: "*.slctr-expr-notin-yes.example"
86
    port: 80
87
    protocol: HTTP
88
    allowedRoutes:
89
      namespaces:
90
        from: Selector
91
        selector:
92
          matchExpressions:
93
          - key: istio.io/test-name-part
94
            operator: NotIn
95
            values:
96
              - private
97
          - key: istio.io/test-label-not-found
98
            operator: NotIn
99
            values:
100
              - irrelevant
101
  - name: slctr-expr-notin-no
102
    hostname: "*.slctr-expr-notin-no.example"
103
    port: 80
104
    protocol: HTTP
105
    allowedRoutes:
106
      namespaces:
107
        from: Selector
108
        selector:
109
          matchExpressions:
110
          - key: istio.io/test-name-part
111
            operator: NotIn
112
            values:
113
              - group
114
          - key: istio.io/test-label-not-found
115
            operator: NotIn
116
            values:
117
              - irrelevant
118
  - name: slctr-expr-exists-yes
119
    hostname: "*.slctr-expr-exists-yes.example"
120
    port: 80
121
    protocol: HTTP
122
    allowedRoutes:
123
      namespaces:
124
        from: Selector
125
        selector:
126
          matchExpressions:
127
          - key: istio.io/test-name-part
128
            operator: Exists
129
  - name: slctr-expr-exists-no
130
    hostname: "*.slctr-expr-exists-no.example"
131
    port: 80
132
    protocol: HTTP
133
    allowedRoutes:
134
      namespaces:
135
        from: Selector
136
        selector:
137
          matchExpressions:
138
          - key: istio.io/test-name-public
139
            operator: Exists
140
  - name: slctr-expr-dne-yes
141
    hostname: "*.slctr-expr-dne-yes.example"
142
    port: 80
143
    protocol: HTTP
144
    allowedRoutes:
145
      namespaces:
146
        from: Selector
147
        selector:
148
          matchExpressions:
149
          - key: istio.io/test-label-not-found
150
            operator: DoesNotExist
151
  - name: slctr-expr-dne-no
152
    hostname: "*.slctr-expr-dne-no.example"
153
    port: 80
154
    protocol: HTTP
155
    allowedRoutes:
156
      namespaces:
157
        from: Selector
158
        selector:
159
          matchExpressions:
160
          - key: istio.io/test-name-part
161
            operator: DoesNotExist
162
  - name: slctr-combined-yes
163
    hostname: "*.slctr-combined-yes.example"
164
    port: 80
165
    protocol: HTTP
166
    allowedRoutes:
167
      namespaces:
168
        from: Selector
169
        selector:
170
          matchLabels:
171
            istio.io/test-name-part: group
172
          matchExpressions:
173
          - key: istio.io/test-name-part
174
            operator: In
175
            values:
176
              - group
177
  - name: slctr-combined-no
178
    hostname: "*.slctr-combined-no.example"
179
    port: 80
180
    protocol: HTTP
181
    allowedRoutes:
182
      namespaces:
183
        from: Selector
184
        selector:
185
          matchLabels:
186
            istio.io/test-name-part: public
187
          matchExpressions:
188
          - key: istio.io/test-name-part
189
            operator: In
190
            values:
191
              - group
192
---
193
apiVersion: gateway.networking.k8s.io/v1beta1
194
kind: HTTPRoute
195
metadata:
196
  name: section-name-cross-namespace
197
  namespace: default
198
spec:
199
  parentRefs:
200
  - name: gateway
201
    namespace: istio-system
202
    sectionName: foobar
203
  hostnames: ["alpha.foobar.example"]
204
  rules:
205
  - backendRefs:
206
    - name: httpbin
207
      port: 80
208
---
209
apiVersion: gateway.networking.k8s.io/v1beta1
210
kind: HTTPRoute
211
metadata:
212
  name: same-namespace-valid
213
  namespace: istio-system
214
spec:
215
  parentRefs:
216
  - name: gateway
217
    namespace: istio-system
218
    sectionName: foobar
219
  - name: gateway
220
    namespace: istio-system
221
    sectionName: same-namespace
222
  rules:
223
  - backendRefs:
224
    - name: httpbin
225
      port: 81
226
---
227
apiVersion: gateway.networking.k8s.io/v1beta1
228
kind: HTTPRoute
229
metadata:
230
  name: same-namespace-invalid
231
  namespace: default
232
spec:
233
  parentRefs:
234
  - kind: Gateway
235
    name: gateway
236
    namespace: istio-system
237
    sectionName: same-namespace
238
  hostnames: ["foo.same.example"]
239
  rules:
240
  - backendRefs:
241
    - name: echo
242
      port: 80
243
---
244
apiVersion: gateway.networking.k8s.io/v1alpha2
245
kind: TCPRoute
246
metadata:
247
  # Should not generate anything, the protocol is HTTP
248
  name: wrong-protocol
249
  namespace: default
250
spec:
251
  parentRefs:
252
  - name: gateway
253
    namespace: istio-system
254
    sectionName: foobar
255
  rules:
256
  - backendRefs:
257
    - name: httpbin
258
      port: 82
259
---
260
apiVersion: gateway.networking.k8s.io/v1beta1
261
kind: HTTPRoute
262
metadata:
263
  name: host-mismatch
264
  namespace: default
265
spec:
266
  parentRefs:
267
  - name: gateway
268
    namespace: istio-system
269
    sectionName: foobar
270
  hostnames: ["no.match.example"]
271
  rules:
272
  - backendRefs:
273
    - name: httpbin
274
      port: 84
275
---
276
apiVersion: gateway.networking.k8s.io/v1beta1
277
kind: HTTPRoute
278
metadata:
279
  name: bind-all
280
  namespace: default
281
spec:
282
  parentRefs:
283
  - name: gateway
284
    namespace: istio-system
285
  rules:
286
  - backendRefs:
287
    - name: httpbin
288
      port: 85
289
---
290
apiVersion: gateway.networking.k8s.io/v1beta1
291
kind: HTTPRoute
292
metadata:
293
  name: bind-cross-namespace
294
  namespace: group-namespace1
295
spec:
296
  parentRefs:
297
  - name: gateway
298
    namespace: istio-system
299
    sectionName: slctr-labels
300
  - name: gateway
301
    namespace: istio-system
302
    sectionName: slctr-expr-in-yes
303
  - name: gateway
304
    namespace: istio-system
305
    sectionName: slctr-expr-in-no
306
  - name: gateway
307
    namespace: istio-system
308
    sectionName: slctr-expr-notin-yes
309
  - name: gateway
310
    namespace: istio-system
311
    sectionName: slctr-expr-notin-no
312
  - name: gateway
313
    namespace: istio-system
314
    sectionName: slctr-expr-exists-yes
315
  - name: gateway
316
    namespace: istio-system
317
    sectionName: slctr-expr-exists-no
318
  - name: gateway
319
    namespace: istio-system
320
    sectionName: slctr-expr-dne-yes
321
  - name: gateway
322
    namespace: istio-system
323
    sectionName: slctr-expr-dne-no
324
  - name: gateway
325
    namespace: istio-system
326
    sectionName: slctr-combined-yes
327
  - name: gateway
328
    namespace: istio-system
329
    sectionName: slctr-combined-no
330
  rules:
331
  - backendRefs:
332
    - name: httpbin
333
      port: 86
334
---
335
apiVersion: gateway.networking.k8s.io/v1beta1
336
kind: HTTPRoute
337
metadata:
338
  name: bind-cross-namespace
339
  namespace: group-namespace2
340
spec:
341
  parentRefs:
342
  - name: gateway
343
    namespace: istio-system
344
    sectionName: slctr-labels
345
  rules:
346
  - backendRefs:
347
    - name: httpbin
348
      port: 87
349
---
350
apiVersion: gateway.networking.k8s.io/v1beta1
351
kind: HTTPRoute
352
metadata:
353
  name: invalid-bind-cross-namespace
354
  namespace: default
355
spec:
356
  parentRefs:
357
  - name: gateway
358
    namespace: istio-system
359
    sectionName: slctr-labels
360
  rules:
361
  - backendRefs:
362
    - name: httpbin
363
      port: 87
364

365
istio

Использование cookies
