我是istio的新手。 Istio通过istio-proxy / envoy拦截两个服务之间的所有流量。是否可以配置istio以便忽略某种类型的流量
谢谢
根据Istio sidecar injection configuration,您可以使用traffic.sidecar.istio.io/excludeInboundPorts注释从Envoy和iptables规则中排除端口。
例:
apiVersion: apps/v1
kind: Deployment
metadata:
name: podinfo
namespace: test
labels:
app: podinfo
spec:
selector:
matchLabels:
app: podinfo
template:
metadata:
annotations:
traffic.sidecar.istio.io/excludeInboundPorts: "9999,9229"
labels:
app: podinfo
spec:
containers:
- name: podinfod
image: quay.io/stefanprodan/podinfo:1.4.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9898
name: http
protocol: TCP
- containerPort: 9999 # <- excluded port
protocol: UDP
- containerPort: 9229 # <- excluded port
protocol: TCP
command:
- ./podinfo
- --port=9898
- --level=info