Routing rule maps overview
This document applies only to Cloud Service Mesh with the load balancing APIs. We strongly recommend that you use the service routing APIs.
A routing rule map consists of the following:
- A forwarding rule that references a target proxy
- A target proxy that references a URL map
- A URL map that contains various routing rules
When you create and configure these resources for Cloud Service Mesh, Cloud Service Mesh uses the values to create the configuration that it sends to your data plane, which includes xDS clients such as Envoy proxies and proxyless gRPC applications. The data plane then handles traffic according to this configuration.
A forwarding rule references a target proxy, and has an IP address and a port. For Cloud Service Mesh deployments, the forwarding rule's load-balancing scheme must be set to INTERNAL_SELF_MANAGED. The target proxy, in turn, references a URL map. These three resources combine to form a routing rule map.
A forwarding rule that references a target gRPC proxy with the validateForProxyless field set to TRUE must have its IP address set to 0.0.0.0. When validateForProxyless is set to TRUE, configurations that specify an IP address other than 0.0.0.0 are rejected.
The routing rule map defines how traffic passes from clients to servers inside a service mesh.
Supported target proxy types
Cloud Service Mesh supports the following target proxy types:
- Target HTTP proxy, which you configure when your clients and servers send or receive HTTP or HTTP/2 traffic.
- Target HTTPS proxy, which you configure when your clients and servers send or receive HTTPS traffic. This is required when you set up service security with Envoy proxies.
- Target TCP proxy, which you configure when your clients and servers send or receive TCP traffic.
- Target gRPC proxy, which you configure when your clients and servers send or receive gRPC traffic. Target gRPC proxies contain the field validateForProxyless, which is set to TRUE when you deploy proxyless gRPC services.
Traffic routing with Envoy sidecar proxies
When you use Cloud Service Mesh with Envoy sidecar proxies, client requests are routed as follows:
- The network stack intercepts the request and redirects it to your Envoy sidecar proxy.
- The Envoy sidecar proxy looks at the request's IP address and port.
- The IP address and port pair are checked against the IP address and port specified in any forwarding rules that have the load-balancing scheme set to INTERNAL_SELF_MANAGED.
- If a forwarding rule with a matching IP address and port is found, Envoy looks at the target HTTP proxy or the target gRPC proxy that the forwarding rule references.
- Envoy checks the URL map that the target proxy references.
- Envoy routes the request according to the rules specified in the URL map.
For information about how traffic is routed with a target TCP proxy, see Routing TCP traffic with Cloud Service Mesh.
Traffic routing with proxyless gRPC applications
This behavior is different for proxyless gRPC applications. When you configure a gRPC client, you specify the target URI for the service that the client needs to contact. This URI uses the xds name resolver scheme and the hostname:port format, for example xds:///example.hostname:8080.
When the proxyless gRPC client connects to Cloud Service Mesh, Cloud Service Mesh sends it information corresponding to the service as follows:
- Cloud Service Mesh looks for forwarding rules with the load-balancing scheme set to INTERNAL_SELF_MANAGED to find forwarding rules whose port matches the port specified in the target URI.
- Cloud Service Mesh finds the target gRPC proxy or the target HTTP proxy for each of these forwarding rules.
- Cloud Service Mesh finds the URL maps referenced by these target gRPC proxies or target HTTP proxies.
- Cloud Service Mesh checks the host rules in the URL map, which also have the hostname[:port] format, and looks for a match.
- When a match is found, Cloud Service Mesh returns routing rules and service information to the gRPC client.
If more than one match is found, the behavior is undefined and can lead to unpredictable results. This generally happens when both of the following conditions are met:
- The same hostname is used across multiple URL maps.
- Multiple forwarding rules with the load-balancing scheme INTERNAL_SELF_MANAGED specify the same port.
For this reason, we recommend that you don't re-use the same hostname across multiple URL maps that are referenced by forwarding rules that specify the same port.
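A pre-deployment check for the two conditions above, plus the validateForProxyless IP address rule from earlier on this page, written as an added example (not Google's code). It assumes a planned configuration trimmed to a few Compute API fields, with short resource names in place of full resource URLs, and exact (non-wildcard) host rules where a host without a port is treated as matching any port; all sample values are constructed.

```python
from collections import defaultdict

# Constructed sample resources, trimmed to the fields the check uses.
FORWARDING_RULES = [
    {"name": "fr-a", "loadBalancingScheme": "INTERNAL_SELF_MANAGED",
     "IPAddress": "0.0.0.0", "portRange": "8080", "target": "proxy-a"},
    {"name": "fr-b", "loadBalancingScheme": "INTERNAL_SELF_MANAGED",
     "IPAddress": "10.0.0.5", "portRange": "8080-8080", "target": "proxy-b"},
    {"name": "fr-c", "loadBalancingScheme": "INTERNAL_MANAGED",
     "IPAddress": "10.0.0.9", "portRange": "8080", "target": "proxy-c"},
]
TARGET_PROXIES = {
    "proxy-a": {"urlMap": "map-a", "validateForProxyless": True},
    "proxy-b": {"urlMap": "map-b", "validateForProxyless": True},
    "proxy-c": {"urlMap": "map-c"},
}
URL_MAPS = {
    "map-a": {"hostRules": [{"hosts": ["example.hostname:8080"]}]},
    "map-b": {"hostRules": [{"hosts": ["Example.hostname", "other.hostname"]}]},
    "map-c": {"hostRules": [{"hosts": ["example.hostname"]}]},
}

def audit(rules, proxies, url_maps):
    """Return (ambiguous, bad_ip): hostname/port pairs served by more than one
    URL map, and proxyless forwarding rules whose IP address is not 0.0.0.0."""
    seen = defaultdict(set)  # (hostname, port) -> names of URL maps claiming it
    bad_ip = []
    for fr in rules:
        if fr.get("loadBalancingScheme") != "INTERNAL_SELF_MANAGED":
            continue  # only this scheme takes part in the lookup described above
        port = fr["portRange"].split("-")[0]  # accepts "8080" and "8080-8080"
        proxy = proxies[fr["target"]]
        if proxy.get("validateForProxyless") and fr["IPAddress"] != "0.0.0.0":
            bad_ip.append(fr["name"])
        for host_rule in url_maps[proxy["urlMap"]].get("hostRules", []):
            for host in host_rule["hosts"]:
                name, _, host_port = host.lower().partition(":")
                if host_port in ("", port):  # hostname[:port]; assumption: no port = any
                    seen[(name, port)].add(proxy["urlMap"])
    ambiguous = {key: sorted(maps) for key, maps in seen.items() if len(maps) > 1}
    return ambiguous, bad_ip

if __name__ == "__main__":
    print(audit(FORWARDING_RULES, TARGET_PROXIES, URL_MAPS))
```
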
What's next
To get fine-grained control over how traffic is handled, see the Advanced traffic management overview.
To learn more about Cloud Service Mesh, see the Cloud Service Mesh overview.