前言

Istio Service Mesh 要怎麼允許特定Http Header通過Enovy Proxy，又可以用Header 做出怎樣的應用

VirtualService

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: example
spec:
  hosts:
  - "*"
  gateways:
  - example-gateway
  http:
  - match:
    - authority:
         exact: "example.test.com:31380"
    route:
    - destination:
        port:
          number: 80
        host: example-host
    corsPolicy:
      allowHeaders:
      - X-AuthorizationToken
      - X-RefreshToken
      - X-AccessToken

這邊採用VirtualService在http底下新增corePolicy，讓下面三者客製化Header的Key and Value能被Envoy Proxy往後面的服務進行傳遞。

Request Routing use Http Header

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - match:
    - headers:
        end-user:
          exact: jason
    route:
    - destination:
        host: reviews
        subset: v2
  - route:
    - destination:
        host: reviews
        subset: v1

甚至還能在VirtualService設定某些特定Header的Value能做不同的destination allow policy。

結語

在Istio Service Mesh新增Request Routing Rule，已經許多Route Rule都可以不需要額外修改程式，都是依靠Envoy Proxy，對於開發者來說非常的便利。