我正在关注 istio 1.6 documentation example。

我已经部署了一个 ServiceEntry：

apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
Metadata:
  name: cnn
spec:
  hosts:
  - edition.cnn.com
  ports:
  - number: 80
    name: http-port
    protocol: HTTP
  - number: 443
    name: https
    protocol: HTTPS
  resolution: DNS

网关和目的地规则：

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
Metadata:
  name: istio-egressgateway
spec:
  selector:
    istio: egressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - edition.cnn.com
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
Metadata:
  name: egressgateway-for-cnn
spec:
  host: istio-egressgateway.istio-system.svc.cluster.local
  subsets:
  - name: cnn

和虚拟服务：

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
Metadata:
  name: direct-cnn-through-egress-gateway
spec:
  hosts:
  - edition.cnn.com
  gateways:
  - istio-egressgateway
  - mesh
  http:
  - match:
    - gateways:
      - mesh
      port: 80
    route:
    - destination:
        host: istio-egressgateway.istio-system.svc.cluster.local
        subset: cnn
        port:
          number: 80
      weight: 100
  - match:
    - gateways:
      - istio-egressgateway
      port: 80
    route:
    - destination:
        host: edition.cnn.com
        port:
          number: 80
      weight: 100

一切都像教程中的那样，然后我跑了：

 kubectl exec -it $SOURCE_POD -c sleep -- curl -sL -o /dev/null -D - http://edition.cnn.com/politics

但是，在第 6 步中：

Check the log of the istio-egressgateway pod for a line corresponding to our request. If Istio is deployed in the istio-system namespace,the command to print the log is:

$ kubectl logs -l istio=egressgateway -c istio-proxy -n istio-system | tail

You should see a line similar to the following:

[2019-09-03T20:57:49.103Z] "GET /politics HTTP/2" 301 - "-" "-" 0 0 90 89 "10.244.2.10" "curl/7.64.0" "ea379962-9b5c-4431-ab66-f01994f5a5a5" "edition.cnn.com" "151.101.65.67:80" outbound|80||edition.cnn.com - 10.244.1.5:80 10.244.2.10:50482 edition.cnn.com -

我在日志中看不到任何内容，看起来流量没有通过 egressgateway。我做错了什么，我基本上遵循与教程相同的步骤

解决方法

istioctl install --set profile=demo --set meshConfig.accessLogFile="/dev/stdout"

kubectl exec -it $SOURCE_POD -c sleep -- curl -sL -o /dev/null -D - https://edition.cnn.com/politics

kubectl logs -l istio=egressgateway -n istio-system

...
[2021-05-14T05:51:41.940Z] "GET /politics HTTP/2" 301 - "-" "-" 0 0 23 22 "10.4.2.6" "curl/7.69.1" "fc2903d6-904c-91ce-bfde-24f395db67eb" "edition.cnn.com" "151.101.65.67:80" outbound|80||edition.cnn.com 10.4.0.10:57078 10.4.0.10:8080 10.4.2.6:36238 - -