Service Mesh (ASM) allows you to customize request headers and response headers by using the headers field of the VirtualService CustomResourceDefinition (CRD). The VirtualService CRD allows you to add, modify, or delete HTTP headers at the route level. This way, customized processing of header information is implemented.
Prerequisites
The HTTPBin application is deployed. For more information, see Deploy the HTTPBin application.
Step 1: Define the VirtualService CRD
VirtualService can meet most common header operation requirements, such as simple addition, modification, or deletion of request headers and response headers. For example, it can set header values to fixed static strings. In addition, it can dynamically generate request and response header values by using built-in expressions. These expressions are usually enclosed in the % symbol and can reference different dynamic content such as request attributes. All HTTP command operators used to access logs can be specified in custom request or response headers. For example, %UPSTREAM_CLUSTER% indicates the name of a service provider. For more information, see Command Operators.
You can customize the HTTP headers of requests and responses based on routing rules. This is useful in scenarios such as tracing, logging, adding security headers, or implementing specific service logic. The following section provides a configuration example of VirtualService. This example demonstrates how to customize request headers and response headers.
Type | Description |
Request headers |
|
Response headers |
|
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: httpbin-vs
spec:
gateways:
- httpbin
hosts:
- '*'
http:
- route:
- destination:
host: httpbin
port:
number: 8000
weight: 100
headers:
request:
add:
x-custom-request-header: "custom-value" # Add a custom request header.
x-dynamic-request-header: "%START_TIME%" # Add a custom request header.
set:
x-another-request-header: "another-value" # Modify or set the request header.
remove:
-x-unwanted-header # Remove the request header.
response:
add:
x-custom-response-header: "custom-response-value" # Add a custom response header.
set:
x-another-response-header: "another-response-value" # Modify or set the response header.
remove:
-x-unwanted-response-header # Remove the response header.
The VirtualService CRD can be used to set and modify HTTP headers. However, Envoy access logs do not record these changes if Envoy retains the default configurations of access logs. If you want to record custom headers in Envoy access logs, you must modify the log format of Envoy.
Step 2: View custom request headers and response headers in access logs
ASM allows you to customize log formats. The custom expressions of access logs can obtain values from request headers, response headers, and Envoy built-in values. For more information, see Customize the format of access logs.
The following table lists three new fields, which are used to display content in access logs.
Field | Type | Value |
my-x-custom-request-header | Request attribute | %REQ(x-custom-request-header)% |
my-x-dynamic-request-header | Request attribute | %REQ(x-dynamic-request-header)% |
my-x-custom-response-header | Response attribute | %RESP(x-custom-response-header)% |
In VirtualService, if the modification of response headers takes effect after logging, these modified response headers are not recorded in access logs.
Check the access logs of the gateway pod and you can see content similar to the following:
{ "bytes_received": "9", "bytes_sent": "33", "response_code": "200", "my-x-custom-request-header": "custom-value", "my-x-dynamic-request-header":"2024-01-16T14:49:21.187Z" "my-x-custom-response-header": "custom-response-value" }Check the access logs of the HTTPBin pod and you can see content similar to the following:
{ "bytes_received": "9", "bytes_sent": "33", "response_code": "200", "my-x-custom-request-header": "custom-value", "my-x-dynamic-request-header": "2024-01-16T14:49:21.187Z" "my-x-custom-response-header": "-" }