cloudnativebooks / cloud-native-istio Goto Github PK

View Code? Open in Web Editor NEW

338.0 338.0 140.0 139 KB

华为云原生丛书之《云原生服务网格Istio：原理、实践、架构与源码解析》

License: Apache License 2.0

cloud-native-istio's People

Contributors

Stargazers

Watchers

Forkers

fisherxu arksir zhanghan12 www6v tfy0000 mspromyhaha binlanguage roarain dongzl equalll gdzy1987 isgasho x15zhang eagle9527 inpcs2007 liuc204 liuwanqiang hoseazhai gottaboy 277631272 skhuang1993 suding1188 walkcloud pippo1988 toper2035 dockerwang myicefrog elvistan yancoo kevinsingapore xiaobingchan linkingli chch1970 jansure brynelee passzhang demonhuahua piano-wow baodouok idefav fc277073030 danielqujun akaxb wangzedongvincent videni chris-my aduanyue woyaowoyao qqaimh szbrain merlini0116 usualheart anline5104 rainbowmango hangyejiadao cloudnative-x a1135656335 woniupapa wjd198344 guobingliu hzzhangfan slzcc ghb-1234 zuyanlong qinzhao168 open-classes liugb1029 zcerhub gavinh2016 tiankong88888 tianqiongenze linuful johnson-smith feixiao wmy595265578 421466698 yujin12315 daheige zj4775 zkq5168 dx3039 upupcl jackios guanjiayao danielchen89 ciryu lyw306 zhongliangshan azhu0914 costa92 ydx-coder ht010203 jasonkayzk liulp lhongjum panggl52xiaojuzi kimboqi alan066 yezimai ston1992

cloud-native-istio's Issues

p191有个小错误

图5-1下第4行：
pilot 从Kube-apierver处获取授权配置策略这一句，应该为Kube-apiserver

kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}

这个命令取不到值

我的loadbalance里边是空的

kubectl -n istio-system get service istio-ingressgateway -o json
{
"apiVersion": "v1",
"kind": "Service",
"metadata": {
"creationTimestamp": "2019-11-29T02:39:30Z",
"labels": {
"app": "istio-ingressgateway",
"chart": "gateways",
"heritage": "Tiller",
"istio": "ingressgateway",
"release": "istio"
},
"name": "istio-ingressgateway",
"namespace": "istio-system",
"resourceVersion": "145750",
"selfLink": "/api/v1/namespaces/istio-system/services/istio-ingressgateway",
"uid": "450e4154-d2e2-441f-a8db-6f12ffd7bc41"
},
"spec": {
"clusterIP": "10.111.14.51",
"externalIPs": [
"192.168.100.6"
],
"externalTrafficPolicy": "Cluster",
"ports": [
{
"name": "http2",
"nodePort": 31380,
"port": 80,
"protocol": "TCP",
"targetPort": 80
},
{
"name": "https",
"nodePort": 31390,
"port": 443,
"protocol": "TCP",
"targetPort": 443
},
{
"name": "tcp",
"nodePort": 31400,
"port": 31400,
"protocol": "TCP",
"targetPort": 31400
},
{
"name": "https-kiali",
"nodePort": 31591,
"port": 15029,
"protocol": "TCP",
"targetPort": 15029
},
{
"name": "https-prometheus",
"nodePort": 32176,
"port": 15030,
"protocol": "TCP",
"targetPort": 15030
},
{
"name": "https-grafana",
"nodePort": 32174,
"port": 15031,
"protocol": "TCP",
"targetPort": 15031
},
{
"name": "https-tracing",
"nodePort": 32581,
"port": 15032,
"protocol": "TCP",
"targetPort": 15032
},
{
"name": "tls",
"nodePort": 30986,
"port": 15443,
"protocol": "TCP",
"targetPort": 15443
},
{
"name": "status-port",
"nodePort": 31639,
"port": 15020,
"protocol": "TCP",
"targetPort": 15020
}
],
"selector": {
"app": "istio-ingressgateway",
"istio": "ingressgateway",
"release": "istio"
},
"sessionAffinity": "None",
"type": "LoadBalancer"
},
"status": {
"loadBalancer": {}
}
}

我添加了外部地址，我想请教一下哪位大佬可以说说我是哪里搞错了吗 @fisherxu @idouba @liuhewei

kiali unused nodes

There is currently no graph available for namespace weather. This could either mean there is no service mesh available for this namespace or the service mesh has yet to see request traffic. You can enable 'Unused nodes' to display service mesh nodes that have yet to see any request traffic.

weather-v1.yaml

缺少namespace数据默认是是在default下面

P30: 2.3 Istio的主要组建，代码截图问题

第一行的命令少一个空格：

# kubectl get svc -nistio-system

应为

# kubectl get svc -n istio-system

kiali : VirtualService: frontend-route Not all checks passed!

Could not fetch IstioConfig details, Error: [ gateways.networking.istio.io "weather-gateway" not found ]

P22图连线误导

P22图2-1，所有Envoy都连线到了Mixer，而没有和Pilot的连线，与后续文字描述的（3）服务发现、（4）负载均衡、（5）流量治理、（6）访问安全不对应

实战章节第8章无法跑通

istio 版本 1.2.2
k8s版本15

Name:         weather-gateway
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"networking.istio.io/v1alpha3","kind":"Gateway","metadata":{"annotations":{},"name":"weather-gateway","namespace":"default"}...
API Version:  networking.istio.io/v1alpha3
Kind:         Gateway
Metadata:
  Creation Timestamp:  2019-08-01T10:23:54Z
  Generation:          1
  Resource Version:    377713
  Self Link:           /apis/networking.istio.io/v1alpha3/namespaces/default/gateways/weather-gateway
  UID:                 5e79d0de-58b7-4c41-84c2-f7c2bfd3f747
Spec:
  Selector:
    Istio:  ingressgateway
  Servers:
    Hosts:
      *
    Port:
      Name:      http
      Number:    80
      Protocol:  HTTP
Events:          <none>

Name:         weather-gateway
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"networking.istio.io/v1alpha3","kind":"Gateway","metadata":{"annotations":{},"name":"weather-gateway","namespace":"default"}...
API Version:  networking.istio.io/v1alpha3
Kind:         Gateway
Metadata:
  Creation Timestamp:  2019-08-01T10:23:54Z
  Generation:          1
  Resource Version:    377713
  Self Link:           /apis/networking.istio.io/v1alpha3/namespaces/default/gateways/weather-gateway
  UID:                 5e79d0de-58b7-4c41-84c2-f7c2bfd3f747
Spec:
  Selector:
    Istio:  ingressgateway
  Servers:
    Hosts:
      *
    Port:
      Name:      http
      Number:    80
      Protocol:  HTTP
Events:          <none>
[root@master install]# kubectl describe virtualservices.networking.istio.io
Name:         frontend-route
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"networking.istio.io/v1alpha3","kind":"VirtualService","metadata":{"annotations":{},"name":"frontend-route","namespace":"def...
API Version:  networking.istio.io/v1alpha3
Kind:         VirtualService
Metadata:
  Creation Timestamp:  2019-08-01T10:55:34Z
  Generation:          1
  Resource Version:    380674
  Self Link:           /apis/networking.istio.io/v1alpha3/namespaces/default/virtualservices/frontend-route
  UID:                 ffb83d9d-ad9e-4cf1-9271-e652a29669e0
Spec:
  Gateways:
    weather-gateway
  Hosts:
    *
  Http:
    Match:
      Port:  80
    Route:
      Destination:
        Host:  frontend
        Port:
          Number:  3000
        Subset:    v1
Events:            <none>

从istio-ingress-gateway访问 503

weather项目源码在哪

此网站无法提供安全连接

第8章搭建环境，浏览器（chrome）打开报这个错误：

此网站无法提供安全连接
xxxx 发送的响应无效。
ERR_SSL_PROTOCOL_ERROR

curl 命令是可以正确返回html文件的。猜测是里面的js有安全问题，不允许通过http进行访问？

<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="shortcut icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><meta name="theme-color" content="#000000"/><link rel="manifest" href="/manifest.json"/><title>天气预报</title><link href="/static/css/2.af985d11.chunk.css" rel="stylesheet"><link href="/static/css/main.5a80810e.chunk.css" rel="stylesheet"></head><body style="height:100%;margin:0"><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script>!function(l){function e(e){for(var r,t,n=e[0],o=e[1],u=e[2],f=0,i=[];f<n.length;f++)t=n[f],p[t]&&i.push(p[t][0]),p[t]=0;for(r in o)Object.prototype.hasOwnProperty.call(o,r)&&(l[r]=o[r]);for(s&&s(e);i.length;)i.shift()();return c.push.apply(c,u||[]),a()}function a(){for(var e,r=0;r<c.length;r++){for(var t=c[r],n=!0,o=1;o<t.length;o++){var u=t[o];0!==p[u]&&(n=!1)}n&&(c.splice(r--,1),e=f(f.s=t[0]))}return e}var t={},p={1:0},c=[];function f(e){if(t[e])return t[e].exports;var r=t[e]={i:e,l:!1,exports:{}};return l[e].call(r.exports,r,r.exports,f),r.l=!0,r.exports}f.m=l,f.c=t,f.d=function(e,r,t){f.o(e,r)||Object.defineProperty(e,r,{enumerable:!0,get:t})},f.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},f.t=function(r,e){if(1&e&&(r=f(r)),8&e)return r;if(4&e&&"object"==typeof r&&r&&r.__esModule)return r;var t=Object.create(null);if(f.r(t),Object.defineProperty(t,"default",{enumerable:!0,value:r}),2&e&&"string"!=typeof r)for(var n in r)f.d(t,n,function(e){return r[e]}.bind(null,n));return t},f.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return f.d(r,"a",r),r},f.o=function(e,r){return Object.prototype.hasOwnProperty.call(e,r)},f.p="/";var r=window.webpackJsonp=window.webpackJsonp||[],n=r.push.bind(r);r.push=e,r=r.slice();for(var o=0;o<r.length;o++)e(r[o]);var s=n;a()}([])</script><script src="/static/js/2.2cc554d3.chunk.js"></script><script src="/static/js/main.3cf214ef.chunk.js"></script></body></html>%

P20排版错误

P20，表1-2，倒数第一行，第二列，“KubernetesCRD”少一个空格

P54图拼写错误

P54，图3-19，里面的“south”都拼成了“sourth”

Error fetching Grafana Info., Error: [ Grafana URL is not set in Kiali configuration ]

kiali中一直报这个错

使用ratelimiting.yaml配置进行访问次数限制的时候报错

作者朋友您好，我使用cloud-native-istio/chapter-files/traffic-management/ratelimiting.yaml，配置进行访问次数限制的时候报错，如下：

Error from server: error when creating "ratelimiting.yaml": admission webhook "validation.istio.io" denied the request: unrecognized type memquota
Error from server: error when creating "ratelimiting.yaml": admission webhook "validation.istio.io" denied the request: unrecognized type quota

请帮忙回答一下这个问题是什么引起？我的kubernetes是1.15版本，istio是1.5版本。

@x15zhang @liuhewei @idouba @kevin-wangzefeng @fisherxu

第三章 3.1.4 灰度发布金丝雀发布

灰度发布技术上的核心要求是要提供一种机制满足多不版本同时在线

weather-gateway

ds:
namespaces: weather

no matches for kind "metric" in version "config.istio.io/v1alpha2" 问题解决

istio的metric创建指南

https://istio.io/docs/reference/config/policy-and-telemetry/templates/metric/

customer-request-count.yaml我改成了如下所示

apiVersion: "config.istio.io/v1alpha2"
kind: instance
metadata:
  name: customerrequestcount
  namespace: istio-system
spec:
  compiledTemplate: metric
  params:
    value: "1"
    dimensions:
      method: request.method | "unknown"
      path: request.path | "unknown"
      useragent: request.useragent | "unknown"
      destination: destination.service.name | "unknown"
      code: response.code | 200
    monitored_resource_type: '"UNSPECIFIED"'
---
apiVersion: "config.istio.io/v1alpha2"
kind: handler
metadata:
  name: prometheus
  namespace: istio-system
spec:
  compiledAdapter: prometheus
  params:
    metrics:
    - name: customer_request_count
      instance_name: customerrequestcount.instance.istio-system
      kind: COUNTER
      label_names:
      - method
      - path
      - useragent
      - destination
      - code
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
  name: customerprom
  namespace: istio-system
spec:
  actions:
  - handler: prometheus
    instances: [ customerrequestcount ]

请问weather forecast示例几个服务的源代码在哪里下载？

几个服务分别是：frontend、advertisement、forecast、recommendation
不知源代码是在哪里下载， install目录只有部署配置文件。

第4章 4.1.4 Mixer的配置模型

第144页
Instance包括如下几个重要字段
template：必要字段
正确的应该是 “非必要字段” 吧

frontend组合条件路由问题

`
http:

match:
- headers:
  User-Agent:
  regex: .((Android)).
  route:
- destination:
  host: frontend
  subset: v1
  weight: 50
- destination:
  host: frontend
  subset: v2
  weight: 50
route:
- destination:
  host: frontend
  subset: v1
  `

如果安卓header匹配到了路由有50%访问v1 50%访问v2 。如果html访问v1 那么html配套的js就是v1版本的js xxxx.js ，那么请求这个js的时候同样匹配到了并路由到v2版本那么v2版本是不存在xxxx.js的会出现404.真实的生产环境我们也遇到这个问题请问怎么解决呢？前端和接口不一样 html镶嵌了很多css js ，css js也会走这种路有逻辑，那么就会出现404.

unable to recognize "install/weather-v1.yaml": no matches for kind "Deployment" in version "extensions/v1beta2"

请教下，运行示例时候报错：
k8s version: 1.16.2
kubectl apply -f install/weather-v1.yaml -n weather

unable to recognize "install/weather-v1.yaml": no matches for kind "Deployment" in version "extensions/v1beta2"
unable to recognize "install/weather-v1.yaml": no matches for kind "Deployment" in version "extensions/v1beta2"
unable to recognize "install/weather-v1.yaml": no matches for kind "Deployment" in version "extensions/v1beta2"

访问控制章节blacklist.yaml报错

访问控制12.2章节checknothing.spec 为空报错：

# kubectl apply -f blacklist.yaml
denier.config.istio.io/denycustomerhandler created
error: error validating "blacklist.yaml": error validating data: unknown object type "nil" in checknothing.spec; if you choose to ignore these errors, turn validation off with --validate=false

第8章 8.4.2 Weather Forecast 部署

第258页
$ kubectl apply -f install/weather-gateway.yaml
文件weather-gateway.yaml, 缺少DestinationRule
@fisherxu

P18数据不一致问题

P18 1.5.2 第2节，

更避免了在Kubernetes上运行时服务发现数据不一致的问题

这里的数据不一致问题具体是指什么？能否详细解释？谢谢！

P5错别字

P5，14行，“以灰度发现为例”，应为“以灰度发布为例”

代码更新

您好，你们的代码已经老了，新版本k8s有很多问题，这样会对新读者产生很大的困扰，为什么不能更新一下代码呢？

11.3.2 地域负载均衡故障转移实战演练 dr 的hosts应该是写错了

书中内容为：

spec:
  host: advertisement.weather.svc.cluster.local
  trafficPolicy:
    connectionPool:
      http:
        maxRequestsPerConnection: 1

实际上 hosts 应该是 recommendataion.weather.svc.cluster.local 才对，因为你此时是对recommendataion服务的访问。

6.3章总结疑惑

   你好，在读到本书6.3章总结时有些疑惑，总结最后有提到，”Sidecar Injector 在注入容器时，会自动解析业务容器的容器端口，设置 Readiness Probe。同时，如果未给 Pod 实例创建相应的 Service，那么 Sidecar 健康检查会失败，即Pod永远处于NotReady状态。”
   我试着在weather命名空间下新加了个Deployment，没有给它创建相应的Service，但并没有出现永远处于NotReady状态。这个Deployment内的POD也可以正常访问weather下的其他服务。

书中说到Istio治理的是服务间的访问，治理的对象不一定非要是服务提供者吧。如果有个Deployment只是服务消费者，并不是服务提供者，也就没必要给它创建Service，那就无法使用Istio治理其对其他服务的访问了吗？

第8章基础环境搭不起来

[root@localhost data]# minikube start --memory=8192 --cpus=4 --kubernetes-version=v1.11.0

minikube v1.3.1 on Centos 7.6.1810
! Please don't run minikube as root or with 'sudo' privileges. It isn't necessary with virtualbox driver.
Downloading VM boot image ...
minikube-v1.3.0.iso.sha256: 65 B / 65 B [--------------------] 100.00% ? p/s 0s
minikube-v1.3.0.iso: 131.07 MiB / 131.07 MiB [------] 100.00% 10.39 MiB p/s 13s
Creating virtualbox VM (CPUs=4, Memory=8192MB, Disk=20000MB) ...
Preparing Kubernetes v1.11.0 on Docker 18.09.8 ...
E0902 12:47:33.179830 3169 start.go:558] Error caching images: Caching images for kubeadm: caching images: caching image /root/.minikube/cache/images/k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64_1.14.8: fetching remote image: Get https://k8s.gcr.io/v2/: dial tcp 64.233.187.82:443: i/o timeout
Unable to load cached images: loading cached images: loading image /root/.minikube/cache/images/gcr.io/k8s-minikube/storage-provisioner_v1.8.1: stat /root/.minikube/cache/images/gcr.io/k8s-minikube/storage-provisioner_v1.8.1: no such file or directory
Downloading kubeadm v1.11.0
Downloading kubelet v1.11.0
Pulling images ...
Unable to pull images, which may be OK: running cmd: sudo kubeadm config images pull --config /var/lib/kubeadm.yaml: command failed: sudo kubeadm config images pull --config /var/lib/kubeadm.yaml
stdout:
stderr: I0902 04:48:23.083470 2681 feature_gate.go:230] feature gates: &{map[]}
failed to pull image "k8s.gcr.io/kube-apiserver-amd64:v1.11.0": exit status 1
: Process exited with status 1
Launching Kubernetes ...

X Error starting cluster: cmd failed: sudo /usr/bin/kubeadm init --config /var/lib/kubeadm.yaml --ignore-preflight-errors=DirAvailable--etc-kubernetes-manifests,DirAvailable--data-minikube,FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml,FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml,FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml,FileAvailable--etc-kubernetes-manifests-etcd.yaml,Port-10250,Swap,SystemVerification
I0902 04:48:39.949361 2797 feature_gate.go:230] feature gates: &{map[]}
[init] using Kubernetes version: v1.11.0
[preflight] running pre-flight checks
[WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
I0902 04:48:40.387547 2797 kernel_validator.go:81] Validating kernel version
I0902 04:48:40.391461 2797 kernel_validator.go:96] Validating kernel config
[preflight] The system verification failed. Printing the output from the verification:
[WARNING SystemVerification]: unsupported docker version: 18.09.8
KERNEL_VERSION: 4.15.0
CONFIG_NAMESPACES: enabled
CONFIG_NET_NS: enabled
CONFIG_PID_NS: enabled
CONFIG_IPC_NS: enabled
CONFIG_UTS_NS: enabled
CONFIG_CGROUPS: enabled
CONFIG_CGROUP_CPUACCT: enabled
CONFIG_CGROUP_DEVICE: enabled
CONFIG_CGROUP_FREEZER: enabled
CONFIG_CGROUP_SCHED: enabled
CONFIG_CPUSETS: enabled
CONFIG_MEMCG: enabled
CONFIG_INET: enabled
CONFIG_EXT4_FS: enabled
CONFIG_PROC_FS: enabled
CONFIG_NETFILTER_XT_TARGET_REDIRECT: enabled (as module)
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled (as module)
CONFIG_OVERLAY_FS: enabled (as module)
CONFIG_AUFS_FS: not set - Required for aufs.
CONFIG_BLK_DEV_DM: enabled
DOCKER_VERSION: 18.09.8
OS: Linux
CGROUPS_CPU: enabled
CGROUPS_CPUACCT: enabled
CGROUPS_CPUSET: enabled
CGROUPS_DEVICES: enabled
CGROUPS_FREEZER: enabled
CGROUPS_MEMORY: enabled
[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight/images] Pulling images required for setting up a Kubernetes cluster
[preflight/images] This might take a minute or two, depending on the speed of your internet connection
[preflight/images] You can also perform this action in beforehand using 'kubeadm config images pull'
[preflight] Some fatal errors occurred:
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-apiserver-amd64:v1.11.0]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-controller-manager-amd64:v1.11.0]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-scheduler-amd64:v1.11.0]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-proxy-amd64:v1.11.0]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/pause-amd64:3.1]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/etcd-amd64:3.2.18]: exit status 1
[ERROR ImagePull]: failed to pull image [k8s.gcr.io/coredns:1.1.3]: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with --ignore-preflight-errors=...

: Process exited with status 2
*

Sorry that minikube crashed. If this was unexpected, we would love to hear from you:

1.错误信息如下

错信息不一样

2.virtual service配置如下

3.gateway 配置如下

4.svc配置如下

5.pod配置如下，确认istio-injection没有问题

第8章 8.1.3 安装Istio

第251页
Pilot的默认请求内存为2048MiB
kubernetes的资源限制的内存单位是Ki、Mi、Gi、Ti
没有字母B

部署weather-gateway的时候错误

istio 我参考官方使用helm进行安装，版本是1.2.8的。
参考第8章部署weather的时候没问题，在部署weather-gateway的时候提示错误

# kubectl apply -f install/weather-gateway.yaml 
Error from server (Timeout): error when creating "install/weather-gateway.yaml": Timeout: request did not complete within requested timeout 30s
Error from server (Timeout): error when creating "install/weather-gateway.yaml": Timeout: request did not complete within requested timeout 30s
Error from server (Timeout): error when creating "install/weather-gateway.yaml": Timeout: request did not complete within requested timeout 30s

在使用istio官方的例子来部署gateway的时候也是提示这个，搞不明白这是什么问题，k8s是1.14.6的，在自己本地使用虚拟机用二进制方式来进行部署的。
这是我安装istio的时候使用的参数，

helm install install/kubernetes/helm/istio --wait \
    --name istio \
    --namespace istio-system \
    --set global.mtls.enabled=true \
    --set kiali.enabled=true \
    --set tracing.enabled=true \
    --set grafana.enabled=true \
    --set servicegraph.enabled=true \
    --set global.k8sIngress.enabled=true \
    --set global.k8sIngress.gatewayName=ingressgateway \
    --set kiali.createDemoSecret=true \
    --set kiali.contextPath=/ \
    --set "kiali.dashboard.jaegerURL=http://jaeger-query:16686" \
    --set "kiali.dashboard.grafanaURL=http://grafana:3000" \
    --set gateways.istio-ingressgateway.type=NodePort \
    --set gateways.istio-egressgateway.type=NodePort \
    --set sidecarInjectorWebhook.enabled=true

chapter 8.4.2 最后一步访问 htpp://localhost无法访问

前边几步都正常，到最后一步访问 htpp://localhost无法访问

不是应该访问 virtualbox 中的IP才行么？是映射到本地了么？

但是我查了一下本地 80端口没有监听

第3章97页【http2MaxRequests: 最大请求数】

第3章97页
【http2MaxRequests：最大请求数，】

一开始的理解是http一共只能接收这么多请求，看了后面的意思好像是最大并发，这里能不能改成最大并发请求数。