问题描述
admin:
access_log_path: /dev/stdout
address:
socket_address:
address: 127.0.0.1
port_value: 9901
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 443
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.httpconnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains: ["*"]
routes:
- match:
prefix: "/s1/request/get"
headers:
- name: ":method"
exact_match: "GET"
route:
host_rewrite_literal: service1
cluster: internal_service1
- match:
prefix: "/s1/request/post"
headers:
- name: ":method"
exact_match: "POST"
route:
host_rewrite_literal: service1
cluster: internal_service1
- match:
prefix: "/s2/request/get"
headers:
- name: ":method"
exact_match: "GET"
route:
host_rewrite_literal: service2
cluster: internal_service2
- match:
prefix: "/s2/request/post"
headers:
- name: ":method"
exact_match: "POST"
route:
host_rewrite_literal: service2
cluster: internal_service2
http_filters:
- name: envoy.filters.http.router
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
require_client_certificate: true
common_tls_context:
tls_certificates:
certificate_chain:
filename: /etc/ssl/listener/cert.pem
private_key:
filename: /etc/ssl/listener/key.pem
validation_context:
trusted_ca:
filename: /etc/ssl/cluster/cabundle.pem
clusters:
- name: internal_service1
connect_timeout: 0.25s
type: LOGICAL_DNS
# Comment out the following line to test on v6 networks
dns_lookup_family: V4_ONLY
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: internal_service1
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service1
port_value: 443
tls_context:
allow_renegotiation: true
common_tls_context:
tls_certificates:
certificate_chain:
filename: /etc/ssl/listener/cert.pem
private_key:
filename: /etc/ssl/listener/key.pem
validation_context:
trusted_ca:
filename: /etc/ssl/cluster/cabundle.pem
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
sni: service1
- name: internal_service2
connect_timeout: 0.25s
type: LOGICAL_DNS
# Comment out the following line to test on v6 networks
dns_lookup_family: V4_ONLY
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: internal_service2
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service2
port_value: 443
tls_context:
allow_renegotiation: true
common_tls_context:
tls_certificates:
certificate_chain:
filename: /etc/ssl/listener/cert.pem
private_key:
filename: /etc/ssl/listener/key.pem
validation_context:
trusted_ca:
filename: /etc/ssl/cluster/cabundle.pem
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
sni: service2
登录ash
> export myvar="`cat envoy.yaml`" or
> export myvar="$(cat envoy.yaml)" and
> echo $myvar
未对齐整个文件
admin: access_log_path: /dev/stdout address: socket_address: address: 127.0.0.1 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: address: 0.0.0.0 port_value: 443 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.httpconnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: name: local_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: prefix: "/s1/request/get" headers: - name: ":method" exact_match: "GET" route: host_rewrite_literal: service1 cluster: internal_service1 - match: prefix: "/s1/request/post" headers: - name: ":method" exact_match: "POST" route: host_rewrite_literal: service1 cluster: internal_service1 - match: prefix: "/s2/request/get" headers: - name: ":method" exact_match: "GET" route: host_rewrite_literal: service2 cluster: internal_service2 - match: prefix: "/s2/request/post" headers: - name: ":method" exact_match: "POST" route: host_rewrite_literal: service2 cluster: internal_service2 http_filters: - name: envoy.filters.http.router transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext require_client_certificate: true common_tls_context: tls_certificates: certificate_chain: filename: /etc/ssl/listener/cert.pem private_key: filename: /etc/ssl/listener/key.pem validation_context: trusted_ca: filename: /etc/ssl/cluster/cabundle.pem clusters: - name: internal_service1 connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: internal_service1 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service1 port_value: 443 tls_context: allow_renegotiation: true common_tls_context: tls_certificates: certificate_chain: filename: /etc/ssl/listener/cert.pem private_key: filename: /etc/ssl/listener/key.pem validation_context: trusted_ca: filename: /etc/ssl/cluster/cabundle.pem transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: service1 - name: internal_service2 connect_timeout: 0.25s type: LOGICAL_DNS # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN load_assignment: cluster_name: internal_service2 endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service2 port_value: 443 tls_context: allow_renegotiation: true common_tls_context: tls_certificates: certificate_chain: filename: /etc/ssl/listener/cert.pem private_key: filename: /etc/ssl/listener/key.pem validation_context: trusted_ca: filename: /etc/ssl/cluster/cabundle.pem transport_socket: name: envoy.transport_sockets.tls typed_config: "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext sni: service2
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)