Routing rule maps overview
This document describes routing rule maps and how they manage traffic in Traffic Director deployments that use the older APIs. If you are using the new service routing APIs, which are in preview, see the overview of the new service routing APIs.
A routing rule map consists of the following:
- A forwarding rule that references a target proxy
- A target proxy that references a URL map
- A URL map that contains various routing rules
When you create and configure these resources for Traffic Director, Traffic Director uses the values to create the configuration that it sends to your data plane, which includes xDS clients such as Envoy proxies and proxyless gRPC applications. The data plane then handles traffic according to this configuration.
A forwarding rule references a target proxy, and has an IP address and a port.
For Traffic Director deployments, the forwarding rule's load-balancing
scheme must be set to
INTERNAL_SELF_MANAGED. The target proxy, in turn,
references a URL map. These three resources combine to form a routing rule map.
A forwarding rule that references a target gRPC proxy with the
validateForProxyless field set to
TRUE must have its IP address set to
validateForProxyless is set to
TRUE, configurations that
specify an IP address other than
0.0.0.0 are rejected.
The routing rule map defines how traffic passes from clients to servers inside a service mesh.
Supported target proxy types
Traffic Director supports the following target proxy types:
- Target HTTP proxy, which you configure when your clients and servers send or receive HTTP or HTTP/2 traffic.
- Target HTTPS proxy, which you configure when your clients and servers send or receive HTTPS traffic. This is required when you set up service security with Envoy proxies.
- Target TCP proxy, which you configure when your clients and servers send or receive TCP traffic.
- Target gRPC proxy, which you configure when your clients and servers send
or receive gRPC traffic. Target gRPC proxies contain the field
validateForProxyless, which is set to
TRUEwhen you deploy proxyless gRPC services.
Traffic routing with Envoy sidecar proxies
When you use Traffic Director with Envoy sidecar proxies, client requests are routed as follows:
- The network stack intercepts the request and redirects it to your Envoy sidecar proxy.
- The Envoy sidecar proxy looks at the request's IP address and port.
- The IP address and port pair are checked against the IP address and port
specified in any forwarding rules that have the load-balancing scheme set to
- If a forwarding rule with a matching IP address and port is found, Envoy looks at the target HTTP proxy or the target gRPC proxy that the forwarding rule references.
- Envoy checks the URL map that the target proxy references.
- Envoy routes the request according to the rules specified in the URL map.
For information about how traffic is routed with a target TCP proxy, see Routing TCP traffic with Traffic Director.
Traffic routing with proxyless gRPC applications
This behavior is different for proxyless gRPC applications. When you configure
a gRPC client, you specify the target URI for the service that the client
needs to contact. This URI uses the
xds name resolver scheme and the
hostname:port format—for example
When the proxyless gRPC client connects to Traffic Director, Traffic Director sends it information corresponding to the service as follows:
- Traffic Director looks for forwarding rules with the load-balancing scheme
INTERNAL_SELF_MANAGEDto find forwarding rules whose port matches the port specified in the target URI.
- Traffic Director finds the target gRPC proxy or the target HTTP proxy for each of these forwarding rules.
- Traffic Director finds the URL maps referenced by these target gRPC proxies or target HTTP proxies.
- Traffic Director checks the host rules in the URL map, which also have the
hostname[:port]format, and looks for a match.
- When a match is found, Traffic Director returns routing rules and service information to the gRPC client.
If more than one match is found, the behavior is undefined and can lead to unpredictable behavior. This generally happens when both of the following conditions are met:
- The same hostname is used across multiple URL maps.
- Multiple forwarding rules with the load-balancing scheme
INTERNAL_SELF_MANAGEDspecify the same port.
For this reason, we recommend that you do not re-use the same hostname across multiple URL maps that are referenced by forwarding rules that specify the same port.
To get fine-grained control over how traffic is handled, see the Advanced traffic management overview.
To learn more about Traffic Director, see the Traffic Director overview.