We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When I use sidecar mode, the sourceLabels is working well. But if I use ambient mode, the sourceLabels will match all request, work as default route.
kubectl get crd gateways.gateway.networking.k8s.io &> /dev/null || \ { kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.1.0" | kubectl apply -f -; } istioctl install --set profile=ambient --skip-confirmation kubectl label namespace default istio.io/dataplane-mode=ambient istioctl x waypoint apply --enroll-namespace --wait
kind: Deployment apiVersion: apps/v1 metadata: name: netshoot namespace: default labels: app: netshoot spec: replicas: 1 selector: matchLabels: app: netshoot template: metadata: name: netshoot labels: app: netshoot spec: containers: - name: netshoot image: nicolaka/netshoot command: - nc args: - '-l' - '8080' resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File imagePullPolicy: Always securityContext: privileged: false restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst securityContext: {} schedulerName: default-scheduler strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 25% revisionHistoryLimit: 10 progressDeadlineSeconds: 600 --- kind: Deployment apiVersion: apps/v1 metadata: name: httpecho-v1 namespace: default labels: app: httpecho version: v1 spec: replicas: 1 selector: matchLabels: app: httpecho version: v1 template: metadata: name: httpecho-v1 creationTimestamp: null labels: app: httpecho version: v1 spec: containers: - name: httpecho-v1 image: hashicorp/http-echo:latest command: - /http-echo args: - '-text="echo-v1"' resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File imagePullPolicy: Always securityContext: privileged: false restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst securityContext: {} schedulerName: default-scheduler strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 25% revisionHistoryLimit: 10 progressDeadlineSeconds: 600 --- kind: Deployment apiVersion: apps/v1 metadata: name: httpecho-v2 namespace: default labels: app: httpecho version: v2 spec: replicas: 1 selector: matchLabels: app: httpecho version: v2 template: metadata: name: httpecho-v2 creationTimestamp: null labels: app: httpecho version: v2 spec: containers: - name: httpecho-v2 image: hashicorp/http-echo:latest command: - /http-echo args: - '-text="echo-v2"' resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File imagePullPolicy: Always securityContext: privileged: false restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst securityContext: {} schedulerName: default-scheduler strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 25% revisionHistoryLimit: 10 progressDeadlineSeconds: 600 --- kind: Deployment apiVersion: apps/v1 metadata: name: httpecho-v3 namespace: default labels: app: httpecho version: v3 spec: replicas: 1 selector: matchLabels: app: httpecho version: v3 template: metadata: name: httpecho-v3 creationTimestamp: null labels: app: httpecho version: v3 spec: containers: - name: httpecho-v3 image: hashicorp/http-echo:latest command: - /http-echo args: - '-text="echo-v3"' resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File imagePullPolicy: Always securityContext: privileged: false restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst securityContext: {} schedulerName: default-scheduler strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 25% maxSurge: 25% revisionHistoryLimit: 10 progressDeadlineSeconds: 600 --- kind: Service apiVersion: v1 metadata: name: httpecho namespace: default labels: app: httpecho spec: ports: - name: http protocol: TCP port: 80 targetPort: 5678 selector: app: httpecho type: ClusterIP ipFamilies: - IPv4 ipFamilyPolicy: SingleStack internalTrafficPolicy: Cluster --- kind: Service apiVersion: v1 metadata: name: httpecho-v1 namespace: default labels: app: httpecho version: v1 spec: ports: - name: http protocol: TCP port: 80 targetPort: 5678 selector: app: httpecho version: v1 type: ClusterIP ipFamilies: - IPv4 ipFamilyPolicy: SingleStack internalTrafficPolicy: Cluster --- kind: Service apiVersion: v1 metadata: name: httpecho-v2 namespace: default labels: app: httpecho version: v2 spec: ports: - name: http protocol: TCP port: 80 targetPort: 5678 selector: app: httpecho version: v2 type: ClusterIP ipFamilies: - IPv4 ipFamilyPolicy: SingleStack internalTrafficPolicy: Cluster --- kind: Service apiVersion: v1 metadata: name: httpecho-v3 namespace: default labels: app: httpecho version: v3 spec: ports: - name: http protocol: TCP port: 80 targetPort: 5678 selector: app: httpecho version: v3 type: ClusterIP ipFamilies: - IPv4 ipFamilyPolicy: SingleStack internalTrafficPolicy: Cluster
kind: VirtualService apiVersion: networking.istio.io/v1beta1 metadata: name: httpecho namespace: default spec: hosts: - httpecho.default.svc.cluster.local http: - match: - sourceLabels: should_not_match_this_v1: nothing route: - destination: host: httpecho.default.svc.cluster.local subset: v1 - route: - destination: host: httpecho.default.svc.cluster.local subset: v2 --- kind: DestinationRule apiVersion: networking.istio.io/v1beta1 metadata: name: httpecho namespace: default spec: host: httpecho.default.svc.cluster.local subsets: - name: v1 labels: version: v1 - name: v2 labels: version: v2 - name: v3 labels: version: v3
netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1" netshoot-5556b6c97b-qb25h:~# curl httpecho.default.svc.cluster.local "echo-v1"
./istioctl version client version: 1.22.1 control plane version: 1.22.1 data plane version: 1.22.1 (2 proxies) kubectl version Client Version: v1.28.3-eks-e71965b Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.28.9-eks-036c24b
No response
The text was updated successfully, but these errors were encountered:
Thanks for the report. One note, with ambient Gateway API is the tested and recommended approach to routing (https://preliminary.istio.io/latest/docs/releases/feature-stages/#ambient).
SourceLabels will never work in ambient. Maybe we should make it so they just never apply instead of always apply, though.
Sorry, something went wrong.
No branches or pull requests
Is this the right place to submit this?
Bug Description
When I use sidecar mode, the sourceLabels is working well.
But if I use ambient mode, the sourceLabels will match all request, work as default route.
reproduce
According to the virtualservice definination, requests should routes to "echo-v2" instead of "echo-v1"
Version
Additional Information
No response
The text was updated successfully, but these errors were encountered: