此过程说明如何向您的 Apigee Hybrid 安装添加额外的 Anthos Service Mesh (ASM) 网关。
安装其他 Anthos Service Mesh 网关
在 ASM overlay.yaml 文件中,您可以按照与下面类似的模式添加更多入站流量网关。请注意,spec.components[].label 和 spec.components[].k8s.service.selector 元素允许您将指定的入站流量网关与特定虚拟主机相关联,如将入站流量定向到虚拟主机所述。
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
profile: asm-gcp
# hub: gcr.io/gke-release/asm # {"$ref":"#/definitions/io.k8s.cli.setters.anthos.servicemesh.hub"}
components:
ingressGateways:
- name: istio-ingressgateway-dairy
enabled: true
label:
app: istio-ingressgateway
ingress_name: dairy
k8s:
service:
selector:
app: istio-ingressgateway
ingress_name: dairy
type: LoadBalancer
ports:
- name: status-port
port: 15021
- name: http2
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 8443
hpaSpec:
minReplicas: 1
maxReplicas: 10
- name: istio-ingressgateway-vegetables
enabled: true
label:
app: istio-ingressgateway
ingress_name: vegetables
k8s:
service:
selector:
app: istio-ingressgateway
ingress_name: vegetables
ports:
- name: http2
port: 80
targetPort: 8080
- name: status-port
port: 15020
- name: https
port: 443
targetPort: 8443
hpaSpec:
minReplicas: 1
maxReplicas: 10
resources:
requests:
cpu: 300m
memory: 128Mi
按照适合您平台的 Anthos Service Mesh 文档应用更改。
将 ASM/istio 入站流量定向到虚拟主机
您可以在替换文件中将已加标签的 ASM/istio 入站流量网关定向到特定虚拟主机。此配置指定了 Apigee 将虚拟主机的配置应用于的入站流量网关。在以下示例中,流向虚拟主机 milk-vh 的流量通过标有 dairy 的入站流量定向,而流向其他两个虚拟主机的流量经过 vegetables 入站流量。您必须按照安装额外的 Apigee 入站流量网关中的说明,为入站流量正确添加标签。
virtualhosts:
- name: milk-vh
sslCertPath: cert-milk.crt
sslKeyPath: cert-milk.key
selector:
app: istio-ingressgateway
ingress_name: dairy
- name: carrots-vh
sslCertPath: cert-carrots.crt
sslKeyPath: cert-carrots.key
selector:
app: istio-ingressgateway
ingress_name: vegetables
- name: ginger-vh
sslCertPath: cert-ginger.crt
sslKeyPath: cert-ginger.key
selector:
app: apigee-ingressgateway
ingress_name: vegetables