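13 Istio Traffic Management Principles and Protocol Extension, Zhao Huabing
Gateway Virtual Service Destination Rule External requests Internal clients Service2 Service1 Inside the mesh Defines the mesh entry point • Service port • Host • TLS configuration • Routing configuration • Route by Host • By Header • Route by URI Destination traffic policy configuration • LB policy • Connection pool configuration • Circuit breaker configuration • TLS configuration Gateway External Envoy configuration model and the xDS protocol ADS Server LDS RDS CDS EDS Main concepts of the Envoy configuration model: • Downstream: a downstream Host that connects to Envoy, sends requests and receives responses. • Upstream: an upstream Host that receives connections and requests from Envoy and returns responses. • Listener: a listener is a named network address (either a TCP socket or a Unix domain socket) that can be 0.0_9080 listener's http_connection_manager filter configuration, this request is dispatched using the 9080 route. 6. In the configuration of the 9080 route, requests whose host name is reviews:9080 map to the cluster outbound|9080||reviews.default.svc.cluster.local. 7. outbound|9080||reviews
0 credits | 20 pages | 11.31 MB | 6 months ago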
Istio Security Assessment
reproduced. Description Istio VirtualServices define the sets of traffic routing rules to apply when a host is addressed. They support matching on various criteria including URI paths and header values and gateways: - test/bookinfo-gateway http: - match: - uri: exact: /productpage route: - destination: host: details.restrict-test.svc.cluster.local port: number: 9080 - match: - uri: exact: /login redirect: to be based on two things, which host name is more specific and which Gateway was created first. For example, in the event that an earlier-created Gateway includes a host declaration of "*", and a later-created
0 credits | 51 pages | 849.66 KB | 1 year ago
Secure your microservices with istio step by step
peer-authentication to enable server side mTLS mTLS in Istio - PeerAuthentication Using ingress port and ingress host to send request: can access reviews-v1, reviews-v2 and reviews-v3 can reach v2 as peer-authentication rule to enable client side mTLS mTLS in Istio - Destination rule Using ingress port and ingress host to send request: can access reviews-v1, reviews-v3 can not access reviews-v2 since we have enabled apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: reviews spec: host: reviews trafficPolicy: tls: mode: ISTIO_MUTUAL 1) Generate client and server certificates
0 credits | 34 pages | 67.93 MB | 1 year ago
Accelerate Istio-CNI with ebpf
sidecar traffic from 3 scopes ● Inbound ● Outbound ● Envoy to Envoy (same host) #IstioCon Dataflow After Acceleration (same host) #IstioCon ebpf Background Knowledge Prog type ● ebpf provide various network namespace #IstioCon Outbound Acceleration #IstioCon Envoy to Envoy Acceleration (same host) #IstioCon Performance Comparison #IstioCon Thank you!
0 credits | 15 pages | 658.90 KB | 1 year ago
Accelerate Istio with ebpf
TCP/IP stack 3 times ○ Inbound ○ Outbound ○ Envoy to Envoy (same host) Istio Meetup China Dataflow After Acceleration (same host) Istio Meetup China ebpf Background Knowledge Loader & Verification Istio Meetup China Outbound Acceleration Istio Meetup China Envoy to Envoy Acceleration (same host) Istio Meetup China Deploy eBPF Istio Meetup China Performance Comparison Refactored istio benchmarking
0 credits | 15 pages | 591.60 KB | 1 year ago
Performance tuning and best practices in a Knative based, large-scale serverless platform with Istio
51ch62kjrnd.svc.cluster.local http: route: - destination: host: {revision-3}. 51ch62kjrnd.svc.cluster.local weight: 10 - destination: host: {revision-2}. 51ch62kjrnd.svc.cluster.local weight: 90 Knative Cloud Code Engine which fully managed, serverless platform (including knative and istio) that can host all of your cloud native workloads: https://www.ibm.com/cloud/code-engine ● Kperf, a public Knative
0 credits | 23 pages | 2.51 MB | 1 year ago
Is Your Virtual Machine Really Ready-to-go with Istio?
VMs accessing K8s SVCs 1. DNS query for httpbin.ns1.svc.cluster.local 2. DNS response – no such host httpbin.ns1.svc.cluster.local SVC IP: 10.4.4.4 #IstioCon DNS Issues on ext-TCP SVCs without VIPs ● Concurrency limitations ■ Lack of docs etc. #IstioCon VM High Performance Networking ● VM Host IO interface ○ Relay ■ DPDK ○ Passthrough ■ SRIOV ● SRIOV ○ Single Root I/O Virtualization ○ Security (DDoS defense…) ● HW acceleration ○ Crypto ○ Rule matching ● Further isolation w/ host ● CapEx, OpEx #IstioCon RDMA (Remote Direct Memory Access) ● Advance transport protocol (same
0 credits | 50 pages | 2.19 MB | 1 year ago
5 tips for your first Istio.io Contribution
Automation Indicator #7734 Add IBM Cloud Kubernetes Service specific instructions for node port Ingress Host #7663 Homepage Redesign Proposal #IstioCon #IstioCon “First and foremost: as a potential contributor
0 credits | 14 pages | 717.74 KB | 1 year ago
Your laptop as part of the service mesh
envoy_on_response(request_handle) #IstioCon Who and where to reroute ? #IstioCon The contract GET / HTTP/1.1 Host: example.com User-Agent: curl/7.64.1 X-devroute: { “foo”:”192.168.1.12:8001” } Accept: */* #IstioCon
0 credits | 30 pages | 555.24 KB | 1 year ago
Istio-redirector: the way to go to manage thousands of HTTP redirections
director And leave a star ? #IstioCon How can we use istio-redirector ? The GitHub repository also hosts a HelmChart that you can use to deploy istio-redirector on your own cluster. Feel free to reach
0 credits | 13 pages | 1.07 MB | 1 year ago