Ingress Traffic

- By: Thomas Jungbauer ( Lastmod: 2021-08-14 ) - 2 min read

Part 3 of tutorial series OpenShift 4 and Service Mesh will show you how to create a Gateway and a VirtualService, so external traffic actually reaches your Mesh. It also provides an example script to run some curl in a loop.

Configure Gateway and VirtualService Example

With the microservices deployed during Issue #2, it makes sense to test the access somehow. In order to bring traffic into the application a Gateway object and a VirtualService object must be created.

The Gateway will be the entry point which forward the traffic to the istio ingressgateway

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: ingress-gateway-exampleapp
spec:
  selector:
    istio: ingressgateway # use istio default controller
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "*"

As 2nd object a VirtualService must be created:

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: ingress-gateway-exampleapp
spec:
  hosts:
  - "*"
  gateways:
  - ingress-gateway-exampleapp
  http:
  - match:
    - uri:
        exact: /
    route:
    - destination:
        host: customer
        port:
          number: 8080

Get all istio-io related objects of your project. These objects represent the network objects of Service Mesh, like Gateway, VirtualService and DestinationRule (explained later)

oc get istio-io -n tutorial
NAME                                                 HOST             AGE
destinationrule.networking.istio.io/recommendation   recommendation   3d21h

NAME                                          AGE
gateway.networking.istio.io/ingress-gateway   4d15h

NAME                                                 GATEWAYS            HOSTS              AGE
virtualservice.networking.istio.io/ingress-gateway   [ingress-gateway]   [*]        4d15h

Create some example traffic

Before we start, lets fetch the default route of our Service Mesh:

export GATEWAY_URL=$(oc -n istio-system get route istio-ingressgateway -o jsonpath='{.spec.host}')

This should return: istio-ingressgateway-istio-system.apps.<clustername>

Now, let’s create a shell script to run some curl commands in a loop and can be easily reused for other scenarios:

#!/bin/bash

numberOfRequests=$1
host2check=$2

if [ $# -eq 0 ]; then
    echo "better define: <script> #ofrequests hostname2check"
    echo "Example: run.sh 100 hello.com"
	let "numberOfRequests=100"
else
	let "i = 0"
	while [ $i -lt $numberOfRequests ]; do
	  echo -n "# $i: "; curl $2
	  let "i=$((i + 1))"
	done
fi

Run the script and check the output:

sh run-check.sh 1000 $GATEWAY_URL

This will send 1000 requests to our application:

# 0: customer => preference => recommendation v1 from 'f11b097f1dd0': 3622
# 1: customer => preference => recommendation v1 from 'f11b097f1dd0': 3623
# 2: customer => preference => recommendation v1 from 'f11b097f1dd0': 3624
# 3: customer => preference => recommendation v1 from 'f11b097f1dd0': 3625
# 4: customer => preference => recommendation v1 from 'f11b097f1dd0': 3626
# 5: customer => preference => recommendation v1 from 'f11b097f1dd0': 3627
...

Verify in Kiali

To verify in Kiali our application, open the URL in your browser and login using your OpenShift credentials.

If you do not know the URL for Kiali, execute the following command
oc get route kiali -n istio-system

Switch the the Graph view and you should see the following picture:

Kiali Example 1
Figure 1. Kiali Graph

Copyright © 2020 - 2023 Toni Schmidbauer & Thomas Jungbauer

Built with Hugo Learn Theme and Hugo