Envoy xDS

xDS的订阅方式：

1、基于文件系统，监控在本地文件系统上的文件的变动，使用linux 的 inotify 机制。

2、基于REST API 的订阅，需要MS server，轮询的方式。

2、基于gRPC的订阅，需要MS server，基于HTTP2协议，打开双向的流通道，双方实现多次的交互操作。

基于文件inotify机制的方式：

node:
  id: envoy_001
  cluster: testcluster

admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }

static_resources:
  listeners:
  - name: listener_http
    address:
      socket_address: { address: 0.0.0.0, port_value: 80 }
    filter_chains:
    - filters:
      - name: envoy.http_connection_manager
        config:
          stat_prefix: egress_http
          codec_type: AUTO
          route_config:
            name: test_route
            virtual_hosts:
            - name: web_service_1
              domains: ["*"]
              routes:
              - match: { prefix: "/" }
                route: { cluster: webcluster1 }
          http_filters:
          - name: envoy.router

  clusters:
  - name: webcluster1
    connect_timeout: 0.25s
    type: EDS
    lb_policy: ROUND_ROBIN
    eds_cluster_config:
      service_name: webcluster1
      eds_config:
        path: '/etc/envoy/eds.conf'

基于REST方式：需要一个eds服务

node:
  id: envoy_001
  cluster: mycluster

admin:
  access_log_path: "/tmp/admin_access.log"
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }

static_resources:
  listeners:
  - name: listener_http
    address: 
      socket_address: { address: 0.0.0.0, port_value: 80 }
    filter_chains:
    - filters:
      - name: envoy.http_connection_manager
        config:
          stat_prefix: egress_http
          codec_type: AUTO
          route_config:
            name: test_route
            virtual_hosts:
            - name: web_service_1
              domains: ["*"]
              routes:
              - match: { prefix: "/" }
                route: { cluster: webcluster1 }
          http_filters:
          - name: envoy.router

  clusters:
  - name: webcluster1
    type: EDS
    connect_timeout: 0.25s
    eds_cluster_config: 
      service_name: myservice
      eds_config:
        api_config_source:
          api_type: REST # 支持的类型有REST、GRPC、DELTA、DELTA_GRPC
          cluster_names: [edscluster] # eds集群的名称，只能和REST一起使用，故障时轮询访问，冗余目的
          refresh_delay: 5s # 轮询时间间隔
          request_timeout: 1s # 请求超时时长

  - name: edscluster
    connect_timeout: 0.25s
    type: STRICT_DNS
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: edscluster
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: edsserver, port_value: 8080 }

基于GRPC的方式：需要一个xds服务

node:
  id: sidecar-001
  cluster: mycluster

admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }

static_resources:
  listeners:
  - name: listener_http
    address:
      socket_address: { address: 0.0.0.0, port_value: 80 }
    filter_chains:
    - filters:
      - name: envoy.http_connection_manager
        config:
          stat_prefix: egress_http
          codec_type: AUTO
          route_config:
            name: local_route
            virtual_hosts:
            - name: web-service-1
              domains: ["*"]
              routes:
              - match: { prefix: "/" }
                route: { cluster: web-cluster-1 }
          http_filters:
          - name: envoy.router

  clusters:
  - name: web-cluster-1
    connect_timeout: 0.25s
    type: EDS
    lb_policy: ROUND_ROBIN
    eds_cluster_config:
      service_name: web-cluster-1
      eds_config:
        api_config_source:
          api_type: GRPC
          grpc_services:
            envoy_grpc:
              cluster_name: xds_cluster

  - name: xds_cluster
    type: STRICT_DNS
    connect_timeout: 0.25s
    http2_protocol_options: {}
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: xds_cluster
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: xds-service, port_value: 8081 }

基于GRPC的全局动态配置：

node:
  id: sidecar-002
  cluster: mycluster2

admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address:
      address: 0.0.0.0
      port_value: 9901

dynamic_resources:
  lds_config: 
    api_config_source:
      api_type: GRPC
      grpc_services:
        envoy_grpc:
          cluster_name: xds_cluster
  cds_config:
    api_config_source:
      api_type: GRPC
      grpc_services:
        envoy_grpc:
          cluster_name: xds_cluster

static_resources:
  clusters:
  - name: xds_cluster
    connect_timeout: 10s
    type: STRICT_DNS
    lb_policy: ROUND_ROBIN
    http2_protocol_options: {}
    load_assignment:
      cluster_name: xds_cluster
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: xds-service, port_value: 8081 }

ADS配置：

node:
  id: <node identifier>
dynamic_resources:
  cds_config: {ads: {}}
  lds_config: {ads: {}}
  ads_config:
    api_type: GRPC
    grpc_services:
      envoy_grpc:
        cluster_name: ads_cluster
static_resources:
  clusters:
  - name: ads_cluster
    connect_timeout: { seconds: 5 }
    type: STATIC
    hosts:
    - socket_address:
        address: <ADS management server IP address>
        port_value: <ADS management server port>
    lb_policy: ROUND_ROBIN
    http2_protocol_options: {}
    upstream_connection_options:
      # configure a TCP keep-alive to detect and reconnect to the admin
      # server in the event of a TCP socket disconnection
      tcp_keepalive:
      ...
admin:
  ...