I’ve asked about this before, and there has been at least one response talking about prototype solutions, but I’m wondering whether anyone has moved forward with a more practical solution.
The thing I’m naming here, “VirtualService Injection Leases”, refers to the fact that it’s possible to manually add additional routes in a VirtualService, routing to a service based on a http header value. Among other reasons, this could be used so that a developer could debug a complex application “in the cluster” if they can set a specific cookie that gets translated to a header that is checked in the route table. It would route to a “clone” of the service that they would connect to with a “port-forward” from their desktop. It would even be possible to integrate the Telepresence framework to allow them to test uncommitted changes, again “in the cluster”, using a variation of the same mechanism.
The problem with this is that those routes need to be added to the VirtualService manually, for each “developer” and “service” pair, not to mention removing them when debugging is complete. Configurations like this are usually only intended for a development or test environment, and not for production.
These factors make it awkward to take full advantage of these ideas.
I feel like this would be more usable if these “injected routes” were defined as custom k8s objects, which I refer to as a “VirtualService Injection Lease”. These would have an expiration date, and will only be valid in specific conditions, like specific clusters. These would be automatically used by the VirtualService routing logic, without having to add specific routes to the VirtualService. Separating these into separate objects makes it easier to omit them in production environments.