cookie-based virtual service routing does not work

Question

We followed the instruction https://istio-releases.github.io/v0.1/docs/concepts/traffic-management/rules-configuration.html to setup routing rule based on a cookie.

There is the actual istio virtual service configuration:

apiVersion: networking.istio.io/v1beta1

kind: VirtualService

metadata:

annotations:

meta.helm.sh/release-name: prodstagingistio

meta.helm.sh/release-namespace: istio-system

creationTimestamp: "2022-07-14T16:12:56Z"

generation: 22

labels:

app.kubernetes.io/managed-by: Helm

name: api-gateway-virtualservice

namespace: istio-system

resourceVersion: "149056406"

uid: a5be0a58-6fd8-467c-9a98-5de9ac71b1dd

spec:

gateways:

• api-gateway

hosts:

• api0-prod.dev.domain.com

• api0-staging.dev.domain.com

http:

• match:

  • authority:

    exact: api0-prod.dev.domain.com

    headers:

    cookie:

     regex: ^(.*;.)?(feature-b=true)(;.*)?$

  route:

  • destination:

    host: api-gateway.blue.svc.cluster.local

• match:

  • authority:

    exact: api0-prod.dev.domain.com

  route:

  • destination:

    host: api-gateway.green.svc.cluster.local

• match:

  • authority:

    exact: api0-staging.dev.domain.com

  route:

  • destination:

    host: api-gateway.orange.svc.cluster.local

Supposedly, when accessing https://api0-prod.dev.domain.com with cookie value (feature-b=true) in http header, the traffic should be redirected to api-gateway.blue.svc.cluster.local. But regardless of the cookie setting, the traffic was sent to api-gateway.green.svc.cluster.local.

But I can't find anything wrong according to the document.

Can anything help taking a look of the config and see why the cookie setting doesn't work?

Answer 1

The virtual service routes should be like below to match cookie. Similarly you need to add for green.

http:
- match:
  - headers:
      cookie:
        regex: ^(.*;.)?(feature-b=true)(;.*)?$
  route:
  - destination:
      host: api-gateway.blue.svc.cluster.local 
      subset: blue-sub