Comments (7)
We are configuring the Istio ingress based on hostname (rather than IP-based) rules. This substantially simplifies setup for the automatic names (i.e. you can create a single ingress IP, and map *.elafros.mycompany
to that IP), but it means that you probably need to use an HTTP reverse proxy to map custom domains to services.
I think this should be something that we document; a few options:
- How to set up nginx as a reverse proxy, which I think would look like:
server {
listen myhost:80;
server_name myhost;
location / {
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://elaservice.namespace.elaclusterprefix;
}
}
- How to configure Envoy via Istio to forward the additional hostname to the ElaService.
- How to configure Envoy without Istio.
from serving.
#26 seems related
from serving.
@evankanderson are you saying doc for how to configure nginx is the path forward here? I thought we decided to leverage Istio route rules for that?
from serving.
@mchmarny Can we close this issue now?
from serving.
From a product perspective, I think I'm looking for some higher level constructs that make this easier, maybe like:
domain: mydomain.com
- path: /login
service: login # login.namespace.clusterprefix
- path: /search
service: search # search.namespace.clusterprefix
- path: /catalog
service: catalog # catalog.namespace.clusterprefix
It's possible we might also want to do different subdomains (either for different environments or for regionalization):
domain: eu.mydomain.com
- path: /login
service: login-eu # login-eu.namespace.clusterprefix
- path: /search
service: search-eu # search-eu.namespace.clusterprefix
- path: /catalog
service: catalog-eu # catalog-eu.namespace.clusterprefix
This is somewhat aligned with what Ambassador (API Gateway) does with it's Mapping resource.
Istio and Envoy native options are here:
Options as I see them today:
- Require developers use a third party solution (e.g. nginx [low level] or Ambassador [high level])
- Surface Istio or Envoy configs directly
- Create our own resource on top of Istio/Envoy configs
Note that I think these solutions exist for a host of other "API gateway" like problems (e.g. data plane auth).
from serving.
@tcnghia would you mind re-opening, as I don't think it's fully resolved?
from serving.
@mcdonamp Thanks for the clarification. We have an issue tracking this: #540 - Would you mind adding your comments there? We need input especially on things that are most commonly used and should be supported by Elafros out of the box. Istio supports many different ways to route the traffic, but we are not sure if all of them are commonly used and should be exposed, or we should start with a smaller set and expand as there is customer demand.
from serving.
Related Issues (20)
- Deleting a ksvc keeps a dm ingress in ready=true status
- [flaky] test/e2e.TestWebSocketWithTimeout/exceeds_response_start_timeout_seconds HOT 2
- [flaky] test/e2e.TestWebSocketBlueGreenRoute HOT 2
- Unable to use Proxy Protocol in Knative service HOT 8
- Discussion: can we drop `certificate-class` when http01 is archived
- Queue Proxy Timeout Seconds Not Respected HOT 2
- Address GO-2023-2382 HOT 5
- [flaky] test/upgrade.TestServingUpgrades/Run/Steps/DowngradeWith/ServingLatestRelease HOT 2
- Activator continues to route requests to non-existent pods.
- Discussion: do we want to keep net-certmanager or can we integrate in Serving HOT 4
- Specify position to scale pod
- Support configurable Istio Virtualservice match prefix/rewrite of a Knative Service
- Challenge with Istio Gateway Configuration for Wildcard Domain Handling in Multi-Tenant Knative Environment HOT 1
- [flaky] test/e2e.TestRevisionTimeout/exceeds_response_start_timeout HOT 2
- Request for Version Compatibility Matrix Between Knative and Kubernetes HOT 1
- CrashBackOff in Knative Controller Pod After Deploying with Official YAML Script HOT 5
- [flaky] test/conformance/api/v1.TestRouteCreation HOT 2
- autoscaling.knative.dev/scale-down-delay: 15m does not seem to work HOT 5
- How to mount NFS in Knative v0.23? HOT 1
- GRPC probes service field should have defaulting HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from serving.