對於api gateway,之前老是認知感受和proxy差很少。html
最近幾天,擼完了ambassador的官方文檔,才比較系統的瞭解了gateway的功能。java
它和傳統的nginx proxy或是k8s裏的ingress仍是有必定差異的。node
近期準備在公司用起來。nginx
一,Ambassador 是什麼?
ambassador是datawire開源的服務網關,很好的支持kubernetes。具體詳細介紹參考官網:https://www.getambassador.io/about/why-ambassadorapi
Ambassador is an open source, Kubernetes-native API Gateway built on Envoy Proxy.tomcat
二,爲何先把Ambassador ?
網上關於K8S Ingress的比較文檔:app
http://tuohuang.info/ambassador-jwt-istio#.XVP-KfluaM8ide
http://www.javashuo.com/article/p-brkgnuje-do.htmlpost
https://www.lijiaocn.com/%E9%A1%B9%E7%9B%AE/2019/05/21/apigateway-base-envoy-compare.html性能
https://zhuanlan.zhihu.com/p/61364466
https://blog.csdn.net/hxpjava1/article/details/79375452
http://www.javashuo.com/article/p-uvgpwajq-k.html
http://www.sohu.com/a/314009713_465944
http://tuohuang.info/ambassador-jwt-istio#.XVtCjPkzbRY
三,安裝過程
1, 預先下載好鏡像,應用以下yaml文件
https://getambassador.io/yaml/ambassador/ambassador-rbac.yaml
2, 針對實際狀況,啓動nodePort做爲service。
--- apiVersion: v1 kind: Service metadata: name: ambassador spec: type: NodePort ports: - port: 80 targetPort: 8080 selector: service: ambassador
3, 測試nginx跳轉
nginx.yaml內容以下(使用annotations 來進行聲明式配置,方便分散管理。若是是default的命名空間,mapping中對應服務可省略.namespace後綴):
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deploy spec: replicas: 1 selector: matchLabels: name: nginx template: metadata: labels: name: nginx spec: containers: - name: nginx image: harbor.xxx.com.cn/base/middleware/nginx:1.13-alpine imagePullPolicy: IfNotPresent ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: nginx-service annotations: getambassador.io/config: | --- apiVersion: ambassador/v1 kind: Mapping name: ngnix_mapping prefix: / service: nginx-service:80 --- apiVersion: ambassador/v1 kind: Mapping name: nginx-backend_mapping prefix: /backend/ service: nginx-service:80 labels: ambassador: - request_label: - nginx spec: ports: - name: nginx port: 80 targetPort: 80 protocol: TCP selector: name: nginx
4, 測試tomcat跳轉(request_label實際上是在service多個port中來做過濾選擇的)
--- apiVersion: apps/v1 kind: Deployment metadata: name: tomcat-deploy spec: replicas: 2 selector: matchLabels: app: tomcat-deploy template: metadata: labels: app: tomcat-deploy spec: containers: - name: tomcat image: harbor.xxx.com.cn/official_hub/tomcat:8.5.23.0 imagePullPolicy: IfNotPresent ports: - containerPort: 8080 --- apiVersion: v1 kind: Service metadata: name: tomcat-svc annotations: getambassador.io/config: | --- apiVersion: ambassador/v1 kind: Mapping name: tomcat_mapping prefix: /tomcat-svc service: tomcat-svc.default:8080 --- apiVersion: ambassador/v1 kind: Mapping name: tomcat-backend_mapping prefix: /tomcat/ service: tomcat-svc.default:8080 labels: ambassador: - request_label: - tomcat spec: ports: - name: tomcat port: 8080 targetPort: 8080 selector: app: tomcat-deploy
5, 驗證
根據幾節的內容,分別訪問以下幾個url,檢測其生效。
http://3.2.10.1:xxxx/ambassador/v0/diag/ http://3.2.10.1:30080/backend/hello.html http://3.2.10.1:30080/tomcat/
四,ambassador性能監控
1, zipkin做api調用性能分析
參考url:https://www.getambassador.io/user-guide/tracing-tutorial
--- apiVersion: v1 kind: Service metadata: name: zipkin annotations: getambassador.io/config: | --- apiVersion: ambassador/v1 kind: TracingService name: tracing service: zipkin:9411 driver: zipkin spec: selector: app: zipkin ports: - port: 9411 name: http targetPort: http nodePort: 32764 type: NodePort --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: zipkin spec: replicas: 1 strategy: type: RollingUpdate template: metadata: labels: app: zipkin spec: containers: - name: zipkin image: harbor.xxx.com.cn/3rd_part/openzipkin/zipkin:2.16 imagePullPolicy: IfNotPresent ports: - name: http containerPort: 9411
http://3.3.10.5:xxx/zipkin
2, Prometheus,grafana做api的性能展現
參考URL:https://www.getambassador.io/user-guide/monitoring
【這是基於prometheus operator安裝的,可能要和如今整合】