Routes and traffic management

Note: This section describes the routing rules of ingress gateways. To configure routing rules for in-mesh services, see Routing.

One of the main reasons to use Istio gateways instead of native Kubernetes ingress is that you can use VirtualServices to configure the routing of incoming traffic, just like for in-mesh routes. You can apply Istio concepts to incoming requests, like redirects, rewrites, timeouts, retries, or fault injection.

Service Mesh Manager displays routes and their related configuration on the Gateways page, and gives you the ability to configure routing. Service Mesh Manager translates the inputs to Istio CRs (mainly VirtualServices), then validates and applies them to the cluster.

The MENU > GATEWAYS > <Gateway-to-inspect> > ROUTES page displays the following information about the routes of the gateway.

VIRTUAL SERVICE: The name of the VirtualService resource for the gateway. To display the YAML configuration of the VirtualService, click the icon next to its name.
GATEWAYS: The names of gateways and sidecars that apply these routes.
HOSTS: The host selector that determines which hosts are accessible using the route.
MATCH: The route applies only to requests matching this expression.
DESTINATION: The destinations of the routing rule.
ACTIONS: Any special action related to the route (for example, rewrite).
PROTOCOL: The protocol permitted in the route.

To modify an existing route, click .
To delete a route, click .
To create a new route, click CREATE NEW.

Routing rule precedence

Note the following points about how Service Mesh Manager evaluates the routing rules:

Rules are evaluated in top-down order.
Rules that match on any traffic are always the last to help avoid rule shadowing.
Changing the order of rules is not supported in Service Mesh Manager.

When you specify multiple MATCH arguments, they have a logical OR relationship: the rule matches any request that fits one of the match rules. Within a match rule, you can specify multiple rules that have an AND relation. That way you can match requests against a specific URL and an HTTP method, for example.

Create a new route

To create a new route on the gateway, or to apply redirects, rewrites, or other changes to the incoming requests, complete the following steps.

Note: Rules are evaluated in top-down order. For more details, see Rule precedence.

Navigate to MENU > GATEWAYS > <Gateway-to-modify> > ROUTES.
Click CREATE NEW.
Select the gateways that should apply this rule in the GATEWAYS field.
By default, the new rule matches every incoming request. Click ADD CUSTOM MATCH to select only specific traffic for the rule based on scheme, method, URI, host, port, or authority.

When you specify multiple MATCH arguments, they have a logical OR relationship: the rule matches any request that fits one of the match rules. Within a match rule, you can specify multiple rules that have an AND relation. That way you can match requests against a specific URL and an HTTP method, for example.

For example, the following rule matches GET requests, and PUT requests received on port 8080.
Set the action you want to execute on the matching requests.
- You can Route the requests to a specific service. To route a portion of the traffic to a different destination, select ADD DESTINATION and use the WEIGHT parameter to split the traffic between multiple destination services.
  
  Note: If you want to mirror the traffic (that is, send the same requests to multiple destinations), see Mirroring.
- Alternatively, you can Redirect the traffic to a specific URI. Redirect rules overwrite the Path portion of the URL with this value. Note that the entire path is replaced, irrespective of the request URI being matched as an exact path or prefix. To overwrite the Authority/Host portion of the URL, set the AUTHORITY FIELD as well.
Set TIMEOUT and RETRY options as needed for your environment.
Click Apply. The new rule appears on the ROUTES tab.

You can later edit or delete the routing rule by clicking the or icons, respectively.