Last active
October 20, 2020 17:15
-
-
Save xeviknal/e92a2a9fb1cdd0af20002f2c3673d355 to your computer and use it in GitHub Desktop.
Istio Debug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SERVICE FQDN PORT SUBSET DIRECTION TYPE DESTINATION RULE | |
BlackHoleCluster - - - STATIC | |
InboundPassthroughClusterIpv4 - - - ORIGINAL_DST | |
PassthroughCluster - - - ORIGINAL_DST | |
agent - - - STATIC | |
details.bookinfo.svc.cluster.local 9080 - outbound EDS details.bookinfo | |
details.bookinfo.svc.cluster.local 9080 v1 outbound EDS details.bookinfo | |
details.bookinfo.svc.cluster.local 9080 v2 outbound EDS details.bookinfo | |
grafana.istio-system.svc.cluster.local 3000 - outbound EDS | |
ingress-nginx-controller-admission.kube-system.svc.cluster.local 443 - outbound EDS | |
istio-egressgateway.istio-system.svc.cluster.local 80 - outbound EDS | |
istio-egressgateway.istio-system.svc.cluster.local 443 - outbound EDS | |
istio-egressgateway.istio-system.svc.cluster.local 15443 - outbound EDS | |
istio-ingressgateway.istio-system.svc.cluster.local 80 - outbound EDS | |
istio-ingressgateway.istio-system.svc.cluster.local 443 - outbound EDS | |
istio-ingressgateway.istio-system.svc.cluster.local 15021 - outbound EDS | |
istio-ingressgateway.istio-system.svc.cluster.local 15443 - outbound EDS | |
istio-ingressgateway.istio-system.svc.cluster.local 31400 - outbound EDS | |
istiod.istio-system.svc.cluster.local 443 - outbound EDS | |
istiod.istio-system.svc.cluster.local 853 - outbound EDS | |
istiod.istio-system.svc.cluster.local 15010 - outbound EDS | |
istiod.istio-system.svc.cluster.local 15012 - outbound EDS | |
istiod.istio-system.svc.cluster.local 15014 - outbound EDS | |
kiali-operator-metrics.kiali-operator.svc.cluster.local 8383 - outbound EDS | |
kiali-operator-metrics.kiali-operator.svc.cluster.local 8686 - outbound EDS | |
kiali.istio-system.svc.cluster.local 9090 - outbound EDS | |
kiali.istio-system.svc.cluster.local 20001 - outbound EDS | |
kube-dns.kube-system.svc.cluster.local 53 - outbound EDS | |
kube-dns.kube-system.svc.cluster.local 9153 - outbound EDS | |
kubernetes.default.svc.cluster.local 443 - outbound EDS | |
mongodb.bookinfo.svc.cluster.local 27017 - outbound EDS | |
productpage.bookinfo.svc.cluster.local 9080 - outbound EDS productpage.bookinfo | |
productpage.bookinfo.svc.cluster.local 9080 http inbound STATIC | |
productpage.bookinfo.svc.cluster.local 9080 v1 outbound EDS productpage.bookinfo | |
prometheus.istio-system.svc.cluster.local 9090 - outbound EDS | |
prometheus_stats - - - STATIC | |
ratings.bookinfo.svc.cluster.local 9080 - outbound EDS ratings.bookinfo | |
ratings.bookinfo.svc.cluster.local 9080 v1 outbound EDS ratings.bookinfo | |
ratings.bookinfo.svc.cluster.local 9080 v2 outbound EDS ratings.bookinfo | |
ratings.bookinfo.svc.cluster.local 9080 v2-mysql outbound EDS ratings.bookinfo | |
ratings.bookinfo.svc.cluster.local 9080 v2-mysql-vm outbound EDS ratings.bookinfo | |
registry.kube-system.svc.cluster.local 80 - outbound EDS | |
registry.kube-system.svc.cluster.local 443 - outbound EDS | |
reviews.bookinfo.svc.cluster.local 9080 - outbound EDS reviews.bookinfo | |
reviews.bookinfo.svc.cluster.local 9080 v1 outbound EDS reviews.bookinfo | |
reviews.bookinfo.svc.cluster.local 9080 v2 outbound EDS reviews.bookinfo | |
reviews.bookinfo.svc.cluster.local 9080 v3 outbound EDS reviews.bookinfo | |
sds-grpc - - - STATIC | |
tracing.istio-system.svc.cluster.local 80 - outbound EDS | |
xds-grpc - - - STRICT_DNS | |
zipkin - - - STRICT_DNS | |
zipkin.istio-system.svc.cluster.local 9411 - outbound EDS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ADDRESS PORT MATCH DESTINATION | |
10.96.0.10 53 ALL Cluster: outbound|53||kube-dns.kube-system.svc.cluster.local | |
0.0.0.0 80 App: HTTP Route: 80 | |
0.0.0.0 80 ALL PassthroughCluster | |
10.100.100.96 443 ALL Cluster: outbound|443||ingress-nginx-controller-admission.kube-system.svc.cluster.local | |
10.100.126.176 443 ALL Cluster: outbound|443||istiod.istio-system.svc.cluster.local | |
10.103.23.133 443 ALL Cluster: outbound|443||istio-ingressgateway.istio-system.svc.cluster.local | |
10.104.193.236 443 ALL Cluster: outbound|443||registry.kube-system.svc.cluster.local | |
10.96.0.1 443 ALL Cluster: outbound|443||kubernetes.default.svc.cluster.local | |
10.97.60.217 443 ALL Cluster: outbound|443||istio-egressgateway.istio-system.svc.cluster.local | |
10.100.126.176 853 App: HTTP Route: istiod.istio-system.svc.cluster.local:853 | |
10.100.126.176 853 ALL Cluster: outbound|853||istiod.istio-system.svc.cluster.local | |
10.96.46.137 3000 App: HTTP Route: grafana.istio-system.svc.cluster.local:3000 | |
10.96.46.137 3000 ALL Cluster: outbound|3000||grafana.istio-system.svc.cluster.local | |
0.0.0.0 8383 App: HTTP Route: 8383 | |
0.0.0.0 8383 ALL PassthroughCluster | |
10.96.37.127 8686 App: HTTP Route: kiali-operator-metrics.kiali-operator.svc.cluster.local:8686 | |
10.96.37.127 8686 ALL Cluster: outbound|8686||kiali-operator-metrics.kiali-operator.svc.cluster.local | |
0.0.0.0 9080 App: HTTP Route: 9080 | |
0.0.0.0 9080 ALL PassthroughCluster | |
0.0.0.0 9090 App: HTTP Route: 9090 | |
0.0.0.0 9090 ALL PassthroughCluster | |
10.96.0.10 9153 App: HTTP Route: kube-dns.kube-system.svc.cluster.local:9153 | |
10.96.0.10 9153 ALL Cluster: outbound|9153||kube-dns.kube-system.svc.cluster.local | |
0.0.0.0 9411 App: HTTP Route: 9411 | |
0.0.0.0 9411 ALL PassthroughCluster | |
0.0.0.0 15001 ALL PassthroughCluster | |
0.0.0.0 15006 Trans: tls; App: HTTP TLS; Addr: 0.0.0.0/0 Inline Route: /* | |
0.0.0.0 15006 App: HTTP; Addr: 0.0.0.0/0 Inline Route: /* | |
0.0.0.0 15006 App: Istio HTTP Plain Inline Route: /* | |
0.0.0.0 15006 ALL Inline Route: /* | |
0.0.0.0 15006 Trans: tls; App: TCP TLS; Addr: 0.0.0.0/0 InboundPassthroughClusterIpv4 | |
0.0.0.0 15006 Addr: 0.0.0.0/0 InboundPassthroughClusterIpv4 | |
0.0.0.0 15010 App: HTTP Route: 15010 | |
0.0.0.0 15010 ALL PassthroughCluster | |
10.100.126.176 15012 ALL Cluster: outbound|15012||istiod.istio-system.svc.cluster.local | |
0.0.0.0 15014 App: HTTP Route: 15014 | |
0.0.0.0 15014 ALL PassthroughCluster | |
0.0.0.0 15021 ALL Non-HTTP/Non-TCP | |
10.103.23.133 15021 App: HTTP Route: istio-ingressgateway.istio-system.svc.cluster.local:15021 | |
10.103.23.133 15021 ALL Cluster: outbound|15021||istio-ingressgateway.istio-system.svc.cluster.local | |
0.0.0.0 15090 ALL Non-HTTP/Non-TCP | |
10.103.23.133 15443 ALL Cluster: outbound|15443||istio-ingressgateway.istio-system.svc.cluster.local | |
10.97.60.217 15443 ALL Cluster: outbound|15443||istio-egressgateway.istio-system.svc.cluster.local | |
0.0.0.0 20001 App: HTTP Route: 20001 | |
0.0.0.0 20001 ALL PassthroughCluster | |
10.99.252.155 27017 ALL Cluster: outbound|27017||mongodb.bookinfo.svc.cluster.local | |
10.103.23.133 31400 ALL Cluster: outbound|31400||istio-ingressgateway.istio-system.svc.cluster.local |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"name": "virtualOutbound", | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 15001 | |
} | |
}, | |
"filterChains": [ | |
{ | |
"filters": [ | |
{ | |
"name": "istio.stats", | |
"typedConfig": { | |
"@type": "type.googleapis.com/udpa.type.v1.TypedStruct", | |
"typeUrl": "type.googleapis.com/envoy.extensions.filters.network.wasm.v3.Wasm", | |
"value": { | |
"config": { | |
"configuration": { | |
"@type": "type.googleapis.com/google.protobuf.StringValue", | |
"value": "{\n \"debug\": \"false\",\n \"stat_prefix\": \"istio\"\n}\n" | |
}, | |
"root_id": "stats_outbound", | |
"vm_config": { | |
"code": { | |
"local": { | |
"inline_string": "envoy.wasm.stats" | |
} | |
}, | |
"runtime": "envoy.wasm.runtime.null", | |
"vm_id": "tcp_stats_outbound" | |
} | |
} | |
} | |
} | |
}, | |
{ | |
"name": "envoy.filters.network.tcp_proxy", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy", | |
"statPrefix": "PassthroughCluster", | |
"cluster": "PassthroughCluster", | |
"accessLog": [ | |
{ | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"path": "/dev/stdout", | |
"format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% \"%DYNAMIC_METADATA(istio.mixer:status)%\" \"%UPSTREAM_TRANSPORT_FAILURE_REASON%\" %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" %UPSTREAM_CLUSTER% %UPSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_REMOTE_ADDRESS% %REQUESTED_SERVER_NAME% %ROUTE_NAME%\n" | |
} | |
} | |
] | |
} | |
} | |
], | |
"name": "virtualOutbound-catchall-tcp" | |
} | |
], | |
"trafficDirection": "OUTBOUND", | |
"hiddenEnvoyDeprecatedUseOriginalDst": true | |
} | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"name": "9080", | |
"virtualHosts": [ | |
{ | |
"name": "allow_any", | |
"domains": [ | |
"*" | |
], | |
"routes": [ | |
{ | |
"name": "allow_any", | |
"match": { | |
"prefix": "/" | |
}, | |
"route": { | |
"cluster": "PassthroughCluster", | |
"timeout": "0s", | |
"maxGrpcTimeout": "0s" | |
} | |
} | |
], | |
"includeRequestAttemptCount": true | |
}, | |
{ | |
"name": "details.bookinfo.svc.cluster.local:9080", | |
"domains": [ | |
"details.bookinfo.svc.cluster.local", | |
"details.bookinfo.svc.cluster.local:9080", | |
"details", | |
"details:9080", | |
"details.bookinfo.svc.cluster", | |
"details.bookinfo.svc.cluster:9080", | |
"details.bookinfo.svc", | |
"details.bookinfo.svc:9080", | |
"details.bookinfo", | |
"details.bookinfo:9080", | |
"10.108.110.202", | |
"10.108.110.202:9080" | |
], | |
"routes": [ | |
{ | |
"name": "default", | |
"match": { | |
"prefix": "/" | |
}, | |
"route": { | |
"cluster": "outbound|9080||details.bookinfo.svc.cluster.local", | |
"timeout": "0s", | |
"retryPolicy": { | |
"retryOn": "connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes", | |
"numRetries": 2, | |
"retryHostPredicate": [ | |
{ | |
"name": "envoy.retry_host_predicates.previous_hosts" | |
} | |
], | |
"hostSelectionRetryMaxAttempts": "5", | |
"retriableStatusCodes": [ | |
503 | |
] | |
}, | |
"maxGrpcTimeout": "0s" | |
}, | |
"decorator": { | |
"operation": "details.bookinfo.svc.cluster.local:9080/*" | |
} | |
} | |
], | |
"includeRequestAttemptCount": true | |
}, | |
{ | |
"name": "productpage.bookinfo.svc.cluster.local:9080", | |
"domains": [ | |
"productpage.bookinfo.svc.cluster.local", | |
"productpage.bookinfo.svc.cluster.local:9080", | |
"productpage", | |
"productpage:9080", | |
"productpage.bookinfo.svc.cluster", | |
"productpage.bookinfo.svc.cluster:9080", | |
"productpage.bookinfo.svc", | |
"productpage.bookinfo.svc:9080", | |
"productpage.bookinfo", | |
"productpage.bookinfo:9080", | |
"10.108.225.70", | |
"10.108.225.70:9080" | |
], | |
"routes": [ | |
{ | |
"name": "default", | |
"match": { | |
"prefix": "/" | |
}, | |
"route": { | |
"cluster": "outbound|9080||productpage.bookinfo.svc.cluster.local", | |
"timeout": "0s", | |
"retryPolicy": { | |
"retryOn": "connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes", | |
"numRetries": 2, | |
"retryHostPredicate": [ | |
{ | |
"name": "envoy.retry_host_predicates.previous_hosts" | |
} | |
], | |
"hostSelectionRetryMaxAttempts": "5", | |
"retriableStatusCodes": [ | |
503 | |
] | |
}, | |
"maxGrpcTimeout": "0s" | |
}, | |
"decorator": { | |
"operation": "productpage.bookinfo.svc.cluster.local:9080/*" | |
} | |
} | |
], | |
"includeRequestAttemptCount": true | |
}, | |
{ | |
"name": "ratings.bookinfo.svc.cluster.local:9080", | |
"domains": [ | |
"ratings.bookinfo.svc.cluster.local", | |
"ratings.bookinfo.svc.cluster.local:9080", | |
"ratings", | |
"ratings:9080", | |
"ratings.bookinfo.svc.cluster", | |
"ratings.bookinfo.svc.cluster:9080", | |
"ratings.bookinfo.svc", | |
"ratings.bookinfo.svc:9080", | |
"ratings.bookinfo", | |
"ratings.bookinfo:9080", | |
"10.102.78.183", | |
"10.102.78.183:9080" | |
], | |
"routes": [ | |
{ | |
"name": "default", | |
"match": { | |
"prefix": "/" | |
}, | |
"route": { | |
"cluster": "outbound|9080||ratings.bookinfo.svc.cluster.local", | |
"timeout": "0s", | |
"retryPolicy": { | |
"retryOn": "connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes", | |
"numRetries": 2, | |
"retryHostPredicate": [ | |
{ | |
"name": "envoy.retry_host_predicates.previous_hosts" | |
} | |
], | |
"hostSelectionRetryMaxAttempts": "5", | |
"retriableStatusCodes": [ | |
503 | |
] | |
}, | |
"maxGrpcTimeout": "0s" | |
}, | |
"decorator": { | |
"operation": "ratings.bookinfo.svc.cluster.local:9080/*" | |
} | |
} | |
], | |
"includeRequestAttemptCount": true | |
}, | |
{ | |
"name": "reviews.bookinfo.svc.cluster.local:9080", | |
"domains": [ | |
"reviews.bookinfo.svc.cluster.local", | |
"reviews.bookinfo.svc.cluster.local:9080", | |
"reviews", | |
"reviews:9080", | |
"reviews.bookinfo.svc.cluster", | |
"reviews.bookinfo.svc.cluster:9080", | |
"reviews.bookinfo.svc", | |
"reviews.bookinfo.svc:9080", | |
"reviews.bookinfo", | |
"reviews.bookinfo:9080", | |
"10.98.197.30", | |
"10.98.197.30:9080" | |
], | |
"routes": [ | |
{ | |
"match": { | |
"prefix": "/" | |
}, | |
"route": { | |
"weightedClusters": { | |
"clusters": [ | |
{ | |
"name": "outbound|9080|v1|reviews.bookinfo.svc.cluster.local", | |
"weight": 50 | |
}, | |
{ | |
"name": "outbound|9080|v3|reviews.bookinfo.svc.cluster.local", | |
"weight": 50 | |
} | |
] | |
}, | |
"timeout": "0s", | |
"retryPolicy": { | |
"retryOn": "connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes", | |
"numRetries": 2, | |
"retryHostPredicate": [ | |
{ | |
"name": "envoy.retry_host_predicates.previous_hosts" | |
} | |
], | |
"hostSelectionRetryMaxAttempts": "5", | |
"retriableStatusCodes": [ | |
503 | |
] | |
}, | |
"maxGrpcTimeout": "0s" | |
}, | |
"metadata": { | |
"filterMetadata": { | |
"istio": { | |
"config": "/apis/networking.istio.io/v1alpha3/namespaces/bookinfo/virtual-service/reviews" | |
} | |
} | |
}, | |
"decorator": { | |
"operation": "reviews:9080/*" | |
} | |
} | |
], | |
"includeRequestAttemptCount": true | |
} | |
], | |
"validateClusters": false | |
} | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
NOTE: This output only contains routes loaded via RDS. | |
NAME DOMAINS MATCH VIRTUAL SERVICE | |
istio-ingressgateway.istio-system.svc.cluster.local:15021 istio-ingressgateway.istio-system /* | |
20001 kiali.istio-system /* | |
15014 istiod.istio-system /* | |
15010 istiod.istio-system /* | |
8383 kiali-operator-metrics.kiali-operator /* | |
9080 details /* | |
9080 productpage /* | |
9080 ratings /* | |
9080 reviews /* reviews.bookinfo | |
kube-dns.kube-system.svc.cluster.local:9153 kube-dns.kube-system /* | |
grafana.istio-system.svc.cluster.local:3000 grafana.istio-system /* | |
9411 zipkin.istio-system /* | |
80 istio-egressgateway.istio-system /* | |
80 istio-ingressgateway.istio-system /* | |
80 registry.kube-system /* | |
80 reviews.bookinfo.svc.cluster.local /* reviews.bookinfo | |
80 tracing.istio-system /* | |
9090 kiali.istio-system /* | |
9090 prometheus.istio-system /* | |
kiali-operator-metrics.kiali-operator.svc.cluster.local:8686 kiali-operator-metrics.kiali-operator /* | |
istiod.istio-system.svc.cluster.local:853 istiod.istio-system /* | |
inbound|9080|http|productpage.bookinfo.svc.cluster.local * /* | |
* /stats/prometheus* | |
inbound|9080|http|productpage.bookinfo.svc.cluster.local * /* | |
InboundPassthroughClusterIpv4 * /* | |
InboundPassthroughClusterIpv4 * /* | |
* /healthz/ready* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment