我的书签
添加书签
移除书签Windows based Front proxy
Setup your sandbox environment with Docker and Docker Compose, and clone the Envoy repository with Git.
To get a flavor of what Envoy has to offer on Windows, we are releasing a sandbox that deploys a front Envoy and a couple of services (simple Flask apps) colocated with a running service Envoy.
The three containers will be deployed inside a virtual network called .
Below you can see a graphic showing the docker compose deployment:
All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the envoymesh network. Port 8080, 8443, and 8001 are exposed by docker compose (see ) to handle HTTP, HTTPS calls to the services and requests to /admin respectively.
Moreover, notice that all traffic routed by the front Envoy to the service containers is actually routed to the service Envoys (routes setup in front-envoy.yaml).
Change to the examples/front-proxy directory.
You can now send a request to both services via the front-envoy.
For service1:
PS> curl -v localhost:8080/service/1* Trying ::1...* TCP_NODELAY set* Trying 127.0.0.1...* TCP_NODELAY set* Connected to localhost (127.0.0.1) port 8080 (#0)> GET /service/1 HTTP/1.1> Host: localhost:8080> User-Agent: curl/7.55.1> Accept: */*>< HTTP/1.1 200 OK< content-type: text/html; charset=utf-8< content-length: 92< server: envoy< date: Wed, 05 May 2021 05:55:55 GMT< x-envoy-upstream-service-time: 18<Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237* Connection #0 to host localhost left intact
For service2:
PS> curl -v localhost:8080/service/2* Trying ::1...* TCP_NODELAY set* Trying 127.0.0.1...* TCP_NODELAY set* Connected to localhost (127.0.0.1) port 8080 (#0)> GET /service/2 HTTP/1.1> Host: localhost:8080> User-Agent: curl/7.55.1> Accept: */*>< HTTP/1.1 200 OK< content-type: text/html; charset=utf-8< content-length: 93< server: envoy< date: Wed, 05 May 2021 05:57:03 GMT< x-envoy-upstream-service-time: 14<Hello from behind Envoy (service 2)! hostname: 51e28eb3c8b8 resolvedhostname: 172.30.109.113* Connection #0 to host localhost left intact
Notice that each request, while sent to the front Envoy, was correctly routed to the respective application.
We can also use HTTPS to call services behind the front Envoy. For example, calling service1:
Now let’s scale up our service1 nodes to demonstrate the load balancing abilities of Envoy:
PS> docker-compose scale service1=3Creating and starting example_service1_2 ... done
Now if we send a request to service1 multiple times, the front Envoy will load balance the requests by doing a round robin of the three service1 machines:
PS> curl -v localhost:8080/service/1* Trying ::1...* Trying 127.0.0.1...* TCP_NODELAY set* Connected to localhost (127.0.0.1) port 8080 (#0)> GET /service/1 HTTP/1.1> Host: localhost:8080> User-Agent: curl/7.55.1> Accept: */*>< HTTP/1.1 200 OK< content-type: text/html; charset=utf-8< content-length: 93< server: envoy< date: Wed, 05 May 2021 05:58:40 GMT< x-envoy-upstream-service-time: 22<Hello from behind Envoy (service 1)! hostname: 8d2359ee21a8 resolvedhostname: 172.30.101.143* Connection #0 to host localhost left intactPS> curl -v localhost:8080/service/1* Trying ::1...* TCP_NODELAY set* Trying 127.0.0.1...* TCP_NODELAY set* Connected to localhost (127.0.0.1) port 8080 (#0)> GET /service/1 HTTP/1.1> Host: localhost:8080> User-Agent: curl/7.55.1> Accept: */*>< HTTP/1.1 200 OK< content-type: text/html; charset=utf-8< content-length: 91< server: envoy< date: Wed, 05 May 2021 05:58:43 GMT< x-envoy-upstream-service-time: 11<Hello from behind Envoy (service 1)! hostname: 41e1141eebf4 resolvedhostname: 172.30.96.11* Connection #0 to host localhost left intactPS> curl -v localhost:8080/service/1* Trying ::1...* TCP_NODELAY set* Trying 127.0.0.1...* TCP_NODELAY set* Connected to localhost (127.0.0.1) port 8080 (#0)> GET /service/1 HTTP/1.1> Host: localhost:8080> User-Agent: curl/7.55.1> Accept: */*>< HTTP/1.1 200 OK< content-type: text/html; charset=utf-8< date: Wed, 05 May 2021 05:58:44 GMT< x-envoy-upstream-service-time: 7<Hello from behind Envoy (service 1)! hostname: 8a45bba91d83 resolvedhostname: 172.30.97.237* Connection #0 to host localhost left intact
When Envoy runs it also attaches an admin to your desired port.
In the example configs the admin listener is bound to port 8001.
We can curl it to gain useful information:
provides information about the Envoy version you are running.
/stats provides statistics about the Envoy server.
In the example we can enter the front-envoy container to query admin:
PS> docker-compose exec front-envoy powershellPS C:\> (curl http://localhost:8003/server_info -UseBasicParsing).Content
{"version": "093e2ffe046313242144d0431f1bb5cf18d82544/1.15.0-dev/Clean/RELEASE/BoringSSL","state": "LIVE","hot_restart_version": "11.104","command_line_options": {"base_id": "0","use_dynamic_base_id": false,"base_id_path": "","concurrency": 8,"config_path": "/etc/front-envoy.yaml","config_yaml": "","allow_unknown_static_fields": false,"reject_unknown_dynamic_fields": false,"ignore_unknown_dynamic_fields": false,"admin_address_path": "","local_address_ip_version": "v4","log_level": "info","component_log_level": "","log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v","log_format_escaped": false,"log_path": "","service_cluster": "front-proxy","service_node": "","service_zone": "","drain_strategy": "Gradual","mode": "Serve","disable_hot_restart": false,"enable_mutex_tracing": false,"restart_epoch": 0,"cpuset_threads": false,"disabled_extensions": [],"bootstrap_version": 0,"hidden_envoy_deprecated_max_stats": "0","hidden_envoy_deprecated_max_obj_name_len": "0","file_flush_interval": "10s","drain_time": "600s","parent_shutdown_time": "900s"},"uptime_current_epoch": "188s","uptime_all_epochs": "188s"
Notice that we can get the number of members of upstream clusters, number of requests fulfilled by them, information about http ingress, and a plethora of other useful stats.
See also
Quick start guide to the Envoy admin interface.
