Re-route traffic using Istio Service Entry
If you are accessing external services from your application code, you may already have those external urls in some config files or may be added those as ConfigMaps to add further flexibility for modifying them in Kubernetes. However, If you change the config files, environment variables or ConfigMaps most likely you need to redeploy or restart the deployments to take effect those changes. What If , you really don't want to restart deployment but still need to change the endpoint from one host to another or change the IP/Port or both from one to another?
Well, Istio has an answer for this with Istio Service Entry.
Answer is "DNS resolution within the Istio proxy is orthogonal to DNS resolution in a user application. Even when the client does DNS resolution, the proxy may ignore the resolved IP address and use its own, which could be from a static list of IPs or by doing its own DNS resolution (potentially of the same hostname or a different one)."
This may become handy when you want to test in different staging environments by changing the destination IP/Port without any restarts to your application and even delegate this to test team so they can be independent.
Below is how the service entry yaml looks like,
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: serviceentry-redirect
spec:
addresses:
- 0.0.0.200
endpoints:
- address: 0.0.0.300 # new IP we wont traffic routed to.
hosts:
- hostconfigured-in-my-clientapp.com
location: MESH_EXTERNAL
ports:
- name: tls
number: 9200
protocol: TLS
targetPort: 9300 # new Port number we wont traffic routed to.
resolution: STATICPoints to note that this - hostconfigured-in-my-clientapp.com (which DNS resolved to IP 0.0.0.200) Is the external url configured in the config file or the ConfigMap and 0.0.0.300 Is the IP and 9300 Is the port we need traffic routed to instead those original IP/Port .
Essentially, With this way you can arbitrarily re-route an HTTP request to an external url.
Further reading:
4 minute read