Careful!

You are browsing documentation for a version of Kuma that is not the latest release.

MeshTCPRoute

This policy uses new policy matching algorithm. It’s recommended to migrate from TrafficRoute. See “Interactions with TrafficRoute” section for more information.

The MeshTCPRoute policy allows you to alter and redirect TCP requests depending on where the request is coming from and where it’s going to.

TargetRef support matrix

targetRef Allowed kinds
targetRef.kind Mesh, MeshSubset, MeshService, MeshServiceSubset
to[].targetRef.kind MeshService

For more information, see the matching docs.

Configuration

Unlike other outbound policies, MeshTCPRoute doesn’t contain default directly in the to array. The default section is nested inside rules, so the policy structure looks like the following:

spec:
  targetRef: # top-level targetRef selects a group of proxies to configure
    kind: Mesh|MeshSubset|MeshService|MeshServiceSubset 
  to:
    - targetRef: # targetRef selects a destination (outbound listener)
        kind: MeshService
        name: backend
      rules:
        - default: # configuration applied for the matched TCP traffic
            backendRefs: [...]

Default configuration

The following describes the default configuration settings of the MeshTCPRoute policy:

  • backendRefs: (Optional) List of destinations for the request to be redirected to
    • kind: One of MeshService, MeshServiceSubset
    • name: The service name
    • tags: Service tags. These must be specified if the kind is MeshServiceSubset.
    • weight: When a request matches the route, the choice of an upstream cluster is determined by its weight. Total weight is a sum of all weights in the backendRefs list.

Gateways

In order to route TCP traffic for a MeshGateway, you need to target the MeshGateway in spec.targetRef and set spec.to[].targetRef.kind: Mesh.

Interactions with MeshHTTPRoute

MeshHTTPRoute takes priority over MeshTCPRoute when both are defined for the same service, and the matching MeshTCPRoute is ignored.

Interactions with TrafficRoute

MeshTCPRoute takes priority over TrafficRoute when a proxy is targeted by both policies.

All legacy policies like Retry, TrafficLog, Timeout etc. only match on routes defined by TrafficRoute. All new recommended policies like MeshRetry, MeshAccessLog, MeshTimeout etc. match on routes defined by MeshTCPRoute and TrafficRoute.

If you don’t use legacy policies, it’s recommended to remove any existing TrafficRoute. Otherwise, it’s recommended to migrate to new policies and then removing TrafficRoute.

Examples

Traffic split

You can use MeshTCPRoute to split TCP traffic between services with different tags and implement A/B testing or canary deployments.

Here’s an example of a MeshTCPRoute that splits the traffic from frontend_kuma-demo_svc_8080 to backend_kuma-demo_svc_3001 between versions:

apiVersion: kuma.io/v1alpha1
kind: MeshTCPRoute
metadata:
  name: tcp-route-1
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: MeshSubset
    tags:
      app: frontend
  to:
  - targetRef:
      kind: MeshService
      name: backend_kuma-demo_svc_3001
    rules:
    - default:
        backendRefs:
        - kind: MeshServiceSubset
          name: backend_kuma-demo_svc_3001
          tags:
            version: v0
          weight: 90
        - kind: MeshServiceSubset
          name: backend_kuma-demo_svc_3001
          tags:
            version: v1
          weight: 10

Traffic redirection

You can use MeshTCPRoute to redirect outgoing traffic from one service to another.

Here’s an example of a MeshTCPRoute that redirects outgoing traffic originating at frontend_kuma-demo_svc_8080 from backend_kuma-demo_svc_3001 to external-backend:

apiVersion: kuma.io/v1alpha1
kind: MeshTCPRoute
metadata:
  name: tcp-route-1
  namespace: kuma-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: MeshSubset
    tags:
      app: frontend
  to:
  - targetRef:
      kind: MeshService
      name: backend_kuma-demo_svc_3001
    rules:
    - default:
        backendRefs:
        - kind: MeshService
          name: external-backend_kuma-demo_svc_8080

Route policies with different types targeting the same destination

If multiple route policies with different types (MeshTCPRoute and MeshHTTPRoute for example) target the same destination, only a single route type with the highest specificity will be applied.

In this example, both MeshTCPRoute and MeshHTTPRoute target the same destination:

MeshTCPRoute:

# [...]
targetRef:
  kind: MeshSubset
  tags:
    app: frontend
to:
  - targetRef:
      kind: MeshService
      name: backend_kuma-demo_svc_3001
    rules:
      - default:
          backendRefs:
            - kind: MeshService
              name: other-tcp-backend

MeshHTTPRoute:

# [...]
targetRef:
  kind: MeshSubset
  tags:
    app: frontend
to:
  - targetRef:
      kind: MeshService
      name: backend_kuma-demo_svc_3001
    rules:
      - matches:
          - path:
              type: PathPrefix
              value: "/"
        default:
          backendRefs:
            - kind: MeshService
              name: other-http-backend_kuma-demo_svc_8080

Depending on the backend’s protocol:

  • MeshHTTPRoute will be applied if http, http2, or grpc are specified
  • MeshTCPRoute will be applied if tcp or kafka is specified, or when nothing is specified

All policy configuration settings

Spec is the specification of the Kuma MeshTCPRoute resource.

Type: object

Properties

  • targetRef required
    • TargetRef is a reference to the resource the policy takes an effect on.The resource could be either a real store object or virtual resourcedefined in-place.
    • Type: object
    • Properties
      • kind
        • Kind of the referenced resource
        • Type: string
        • The value is restricted to the following:
          1. "Mesh"
          2. "MeshSubset"
          3. "MeshGateway"
          4. "MeshService"
          5. "MeshServiceSubset"
          6. "MeshHTTPRoute"
      • mesh
        • Mesh is reserved for future use to identify cross mesh resources.
        • Type: string
      • name
        • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
        • Type: string
      • proxyTypes
        • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.
        • Type: array
        • Item Count: ≥ 1
          • Items
          • Type: string
          • The value is restricted to the following:
            1. "Sidecar"
            2. "Gateway"
      • tags
        • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
        • Type: object
        • This schema accepts additional properties.
        • Properties
  • to
    • To list makes a match between the consumed services and correspondingconfigurations
    • Type: array
    • Item Count: ≥ 1
      • Items
      • Type: object
      • Properties
        • rules
          • Rules contains the routing rules applies to a combination of top-leveltargetRef and the targetRef in this entry.
          • Type: array
          • Item Count: ≤ 1
            • Items
            • Type: object
            • Properties
              • default required
                • Default holds routing rules that can be merged with rules from otherpolicies.
                • Type: object
                • Properties
                  • backendRefs required
                    • Type: array
                    • Item Count: ≥ 1
                      • Items
                      • BackendRef defines where to forward traffic.
                      • Type: object
                      • Properties
                        • kind
                          • Kind of the referenced resource
                          • Type: string
                          • The value is restricted to the following:
                            1. "Mesh"
                            2. "MeshSubset"
                            3. "MeshGateway"
                            4. "MeshService"
                            5. "MeshServiceSubset"
                            6. "MeshHTTPRoute"
                        • mesh
                          • Mesh is reserved for future use to identify cross mesh resources.
                          • Type: string
                        • name
                          • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
                          • Type: string
                        • port
                          • Port is only supported when this ref refers to a real MeshService object
                          • Type: integer
                        • proxyTypes
                          • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.
                          • Type: array
                          • Item Count: ≥ 1
                            • Items
                            • Type: string
                            • The value is restricted to the following:
                              1. "Sidecar"
                              2. "Gateway"
                        • tags
                          • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
                          • Type: object
                          • This schema accepts additional properties.
                          • Properties
                        • weight
                          • Type: integer
                          • Default: 1
                          • Range: ≥ 0
        • targetRef required
          • TargetRef is a reference to the resource that represents a group ofdestinations.
          • Type: object
          • Properties
            • kind
              • Kind of the referenced resource
              • Type: string
              • The value is restricted to the following:
                1. "Mesh"
                2. "MeshSubset"
                3. "MeshGateway"
                4. "MeshService"
                5. "MeshServiceSubset"
                6. "MeshHTTPRoute"
            • mesh
              • Mesh is reserved for future use to identify cross mesh resources.
              • Type: string
            • name
              • Name of the referenced resource. Can only be used with kinds: MeshService,MeshServiceSubset and MeshGatewayRoute
              • Type: string
            • proxyTypes
              • ProxyTypes specifies the data plane types that are subject to the policy. When not specified,all data plane types are targeted by the policy.
              • Type: array
              • Item Count: ≥ 1
                • Items
                • Type: string
                • The value is restricted to the following:
                  1. "Sidecar"
                  2. "Gateway"
            • tags
              • Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset and MeshServiceSubset
              • Type: object
              • This schema accepts additional properties.
              • Properties

Generated with json-schema-md-doc