最近在学习Istio的Gateway,有一点不太明白
所以当我们安装 istio 时,我们得到 Deployment
istio-ingressgateway$ kubectl get deploy -n istio-system
NAME READY UP-TO-DATE AVAILABLE AGE
istio-egressgateway 1/1 1 1 3h9m
istio-ingressgateway 1/1 1 1 3h9m
istiod 1/1 1 1 3h9m
现在,这个
istio-ingressgateway$ kubectl get svc -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
istio-egressgateway ClusterIP 172.20.33.252 <none> 80/TCP,443/TCP 3h10m
istio-ingressgateway LoadBalancer 172.20.19.8 abc-xyz.us-east-1.elb.amazonaws.com 15021:30308/TCP,80:32116/TCP,443:30034/TCP,31400:30430/TCP,15443:30260/TCP 3h10m
istiod ClusterIP 172.20.27.14 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 3h10m
现在,代理(istio-ingressgateway deployment 的 pod)监听
8080targetPort80istio-ingressgateway现在假设我有以下网关配置:
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: my-ingress
spec:
selector:
app: my-ingressgateway
servers:
- port:
number: 80
name: http2
protocol: HTTP2
hosts:
- "www.example.com"
我不明白的是,为什么服务器的
port.number我将解释:例如,当我配置一个 EKS 集群并在其上安装 istio 时,我会为该
istio-ingressgateway...
- name: http2
nodePort: 32116
port: 80
protocol: TCP
targetPort: 8080
...
所以基本上,当我访问
<load-balancer-domain>:80我的问题是,网关配置“关心”我使用哪个端口到达代理容器?