Want to specify rules in VirtualService file where two or more services have same rules
I have made a reproduction of your question with 3 simple nginx pods, the problem is I couldn't make it work with just 1 header and 3 uri.
So i made it another way, every match of virtual service has it's own header and uri.
Check below example.
We have 3 pods -> 3 services -> virtual service -> gateway -> ingressgateway
Deployment 1
apiVersion: apps/v1kind: Deploymentmetadata: name: nginx1spec: selector: matchLabels: run: nginx1 replicas: 1 template: metadata: labels: run: nginx1 app: frontend spec: containers: - name: nginx1 image: nginx ports: - containerPort: 80 lifecycle: postStart: exec: command: ["/bin/sh", "-c", "echo Hello nginx1 > /usr/share/nginx/html/index.html"]
Deployment 2
apiVersion: apps/v1kind: Deploymentmetadata: name: nginx2spec: selector: matchLabels: run: nginx2 replicas: 1 template: metadata: labels: run: nginx2 app: frontend2 spec: containers: - name: nginx2 image: nginx ports: - containerPort: 80 lifecycle: postStart: exec: command: ["/bin/sh", "-c", "echo Hello nginx2 > /usr/share/nginx/html/index.html"]
Deployment 3
piVersion: apps/v1kind: Deploymentmetadata: name: nginx3spec: selector: matchLabels: run: nginx3 replicas: 1 template: metadata: labels: run: nginx3 app: frontend3 spec: containers: - name: nginx3 image: nginx ports: - containerPort: 80 lifecycle: postStart: exec: command: ["/bin/sh", "-c", "echo Hello nginx3 > /usr/share/nginx/html/index.html"]
Service 1
apiVersion: v1kind: Servicemetadata: name: nginx labels: app: frontendspec: ports: - name: http port: 80 protocol: TCP selector: app: frontend
Service 2
apiVersion: v1kind: Servicemetadata: name: nginx2 labels: app: frontend2spec: ports: - port: 80 protocol: TCP selector: app: frontend2
Service 3
apiVersion: v1kind: Servicemetadata: name: nginx3 labels: app: frontend3spec: ports: - port: 80 protocol: TCP selector: app: frontend3
Virtual Service
apiVersion: networking.istio.io/v1alpha3kind: VirtualServicemetadata: name: nginxvirtspec: gateways: - mesh # traffic inside cluster - comp-ingress-gateway # traffic from outside cluster hosts: - nginx.default.svc.cluster.local - nginx.com # outside cluster - nginx3.default.svc.cluster.local - nginx2.default.svc.cluster.local http: - name: a match: - uri: prefix: /wagholi headers: location: exact: pune rewrite: uri: / route: - destination: host: nginx.default.svc.cluster.local port: number: 80 - name: b match: - uri: prefix: /yerwada headers: location: exact: pune rewrite: uri: / route: - destination: host: nginx2.default.svc.cluster.local port: number: 80 - name: c match: - uri: prefix: /hadasapar headers: location: exact: pune rewrite: uri: / route: - destination: host: nginx3.default.svc.cluster.local port: number: 80
Gateway
apiVersion: networking.istio.io/v1alpha3kind: Gatewaymetadata: name: comp-ingress-gatewayspec: selector: istio: ingressgateway servers: - hosts: - '*' port: name: http number: 80 protocol: HTTP - hosts: - '*' port: name: https number: 443 protocol: HTTPS tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
Some ubuntu pod to test inside traffic
apiVersion: v1kind: Podmetadata: name: ubu1spec: containers: - name: ubu1 image: ubuntu command: ["/bin/sh"] args: ["-c", "apt-get update && apt-get install curl -y && sleep 3000"]
And the results:
Inside:
root@ubu1:/# curl -H "location: pune" nginx/wagholiHello nginx1root@ubu1:/# curl -H "location: pune" nginx/hadasaparHello nginx3root@ubu1:/# curl -H "location: pune" nginx/yerwada Hello nginx2
Outside:
curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/hadasaparHello nginx3curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/wagholiHello nginx1curl -H "location: pune" -H "host: nginx.com" ingress_gateway_ip/yerwadaHello nginx2
EDIT
How Can I find ingress_gateway_ip?
You Can use
kubectl get svc istio-ingressgateway -n istio-system
And it's istio-ingressgateway EXTERNAL-IP
If the EXTERNAL-IP value is set, your environment has an external load balancer that you can use for the ingress gateway. If the EXTERNAL-IP value is (or perpetually ), your environment does not provide an external load balancer for the ingress gateway. In this case, you can access the gateway using the service’s node port.
Can I do differently Ingress for each service and then map to VirtualService.
I'm not sure about that but i think it's possible. Check below links
I hope it will help You. Let me know if You have any more questions.