1

I would like to perform path-based dynamic routing to Kubernetes services with support for WebSockets.

For example, this path:

http://10.0.0.1/myport/myservice/foo

should route traffic to service myservice at named port myport (namespace default) with path foo.

I got close to achieving this with Linkerd using the following ConfiMap router entry (using the io.l5d.k8s namer):

routers:
- protocol: http
  dtab: |
    /svc => /#/io.l5d.k8s/default;
  identifier:
    kind: io.l5d.path
    segments: 2
    consume: true

It worked except for that I need WebSocket support which is not available in Linkerd.

I tried NGINX using regular expressions for the location and rewrite rules. This looks something like this:

 location ~ ^/(.*?)/.*$ {
   rewrite ^/(.*?)/(.*)$ /$2 break;
   proxy_pass http://$upstream:$1;

This worked except for that NGINX does not route to services that were created after NGINX was started. I'm not sure whether this is related to DNS caching issues in nginx or to support for SRV DNS records. This scenario should work in NGINX Plus but I must rely on open source software only.

Any ideas which reverse proxy / service mesh supports dynamic routing to K8s service:port as well as WebSockets?

Edit Can this be done with Istio? It seems that one must specify a hard-coded destination in the Istio routing configuration. I can specify a regex on the source (request) but cannot use regex capture groups to specify the destination.

Perspectivus
  • 972
  • 1
  • 9
  • 22
  • Have you specified a resolver? See [this link](http://nginx.org/en/docs/http/ngx_http_core_module.html#resolver) – Richard Smith Aug 13 '17 at 16:37
  • Thanks for the response. I tried specifying a resolver (the same one that's in the resolv.conf file). It didn't help. I'll try playing around with the valid=s option to invalidate the DNS cache, but the behavior I observed with NGINX is that new kube-dns entries are not found (not that old ones are remembered). Another issue with NGINX is that it does not support SRV records, which makes it impossible to work with named ports in K8s... – Perspectivus Aug 13 '17 at 18:19

1 Answers1

0

There is no support for dynamically creating destinations based on regex capture groups. You need to define a routing rule per destination.

Tautology
  • 385
  • 2
  • 9
  • Thanks @Tautology. I'm guessing you're referring to Istio's routing capabilities. I'm looking for any solution that would dynamically route to K8s services + provide WebSocket support. – Perspectivus Aug 15 '17 at 12:53
  • @Perspectivus did you ever find a solution or viable workaround for this issue? I'm struggling to do the same thing. (dynamic kubernetes routing using a reverse proxy) – Winston RIley Aug 30 '18 at 00:32