Closed danistrebel closed 1 year ago
In the Apigee Envoy extension (for external access) description we list the final call as follows:
curl -i http://"$INGRESS_HOST"/headers -H "x-api-key: $CONSUMER_KEY" \ -H "Host: $TARGET_HOST"
Which I think is IMO unnecessarily leaking the internal host names and adds a cumbersome Host header.
What do you think if we would change the final call to
curl -i http://"$INGRESS_HOST"/httpbin/headers -H "x-api-key: $CONSUMER_KEY"
By adding
/httpbin/
/
Host: httpbin
to the VirtualService resource?
The VirtualService would then look something like this:
cat <<EOF | kubectl apply -n istio-system -f - apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: envoy-adapter-ingress spec: hosts: - "$INGRESS_HOST" gateways: - apigee-gateway http: - match: - uri: prefix: /httpbin/ rewrite: uri: / route: - destination: host: $TARGET_SERVICE_NAME.$TARGET_SERVICE_NAMESPACE.svc.cluster.local port: number: 80 headers: request: add: Host: $TARGET_HOST EOF
last minor detail:
Step 8 is missing a | as it is:
|
cat <<EOF kubectl apply -n $ISTIO_GATEWAY_NS -f -
but should be
cat <<EOF | kubectl apply -n $ISTIO_GATEWAY_NS -f -
Nice and cleaner as per your recommendation.
Created the PR : https://github.com/apigee/devrel/pull/613 addressing the fixes.
In the Apigee Envoy extension (for external access) description we list the final call as follows:
Which I think is IMO unnecessarily leaking the internal host names and adds a cumbersome Host header.
What do you think if we would change the final call to
By adding
/httpbin/
=>/
Host: httpbin
to the VirtualService resource?
The VirtualService would then look something like this:
last minor detail:
Step 8 is missing a
|
as it is:but should be