Istio金丝雀

  • 灰度发布也叫金丝雀部署,是指通过控制流量的比例,实现新老版本的逐步更替。比如对于服务 A 有 version1 、 version2 两个版本 当前两个版本同时部署,但是 version1 比例90% version2 比例 10% ,看运行效果,如果效果好逐步调整流量占比 80 20 7030 ·····10 90 0 100 ,最终 version1 版本下线。

测试yaml

[root@k8s-master-1 example1]# cat deployment.yaml 
apiVersion: v1
kind: Namespace
metadata:
  name: canary
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: busybox-httpd-v1
  namespace: canary
spec:
  replicas: 1
  selector:
    matchLabels:
      app: v1
      apply: canary
  template:
    metadata:
      labels:
        app: v1
        apply: canary
    spec:
      containers:
      - name: busybox
        image: busybox:1.28
        imagePullPolicy: IfNotPresent
        command: ["/bin/sh","-c","echo 'this is busybox-httpd-v1' > /var/www/index.html;httpd -f -h /var/www"]
        ports:
        - containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: busybox-httpd-v2
  namespace: canary
spec:
  replicas: 1
  selector:
    matchLabels:
      app: v2
      apply: canary
  template:
    metadata:
      labels:
        app: v2
        apply: canary
    spec:
      containers:
      - name: busybox
        image: busybox:1.28
        imagePullPolicy: IfNotPresent
        command: ["/bin/sh","-c","echo 'this is busybox-httpd-v2' > /var/www/index.html;httpd -f -h /var/www"]
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: busybox-canary
  namespace: canary 
spec:
  type: ClusterIP
  selector:
    apply: canary
  ports:
  - name: httpd
    port: 80
    targetPort: 80

istio yaml

[root@k8s-master-1 example1]# cat istio.yaml 
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: canary-gateway
  namespace: canary
spec:
  selector:
    istio: ingressgateway
  servers:
  - port: 
      name: http
      number: 80  # ingress-gateway port num
      protocol: HTTP
    hosts:
    - "*"
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: canary
  namespace: canary
spec:
  gateways:
  - canary-gateway
  hosts:
  - "*"
  http:
  - route:
    - destination:
        host: busybox-canary.canary.svc.cluster.local
        subset: v1  
      weight: 70
    - destination:
        host: busybox-canary.canary.svc.cluster.local
        subset: v2
      weight: 30
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: canary
  namespace: canary
spec:
  host: busybox-canary.canary.svc.cluster.local
  subsets:
  - name: v1 #对进入名为canary的子集的所有流量使用权重负载均衡策略,该子集由带有标签app:v1 的endpoints(如Pod)组成
    labels:
      app: v1
  - name: v2
    labels:
      app: v2 #对进入名为canary的子集的所有流量使用权重负载均衡策略,该子集由带有标签app:v2 的endpoints(如Pod)组成
部署
# istio注入并部署测试deployment
[root@k8s-master-1 example1]# istioctl kube-inject -f deployment.yaml | kubectl apply -f -
namespace/canary created
deployment.apps/busybox-httpd-v1 created
deployment.apps/busybox-httpd-v2 created
service/busybox-canary created


# istio相关部署
[root@k8s-master-1 example1]# kubectl apply -f istio.yaml 
gateway.networking.istio.io/canary-gateway created
virtualservice.networking.istio.io/canary created
destinationrule.networking.istio.io/canary created

# 查看gateway访问地址
[root@k8s-master-1 example1]# kubectl get svc -n istio-system
NAME                   TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)                                             
istio-egressgateway    ClusterIP      10.0.253.161   <none>         80/TCP,443/TCP                                       
istio-ingressgateway   LoadBalancer   10.0.83.120    192.168.0.15   15021:38405/TCP,80:49967/TCP,443:49290/TCP,31400:38905/TCP,15443:36855/TCP 
istiod                 ClusterIP      10.0.99.239    <none>         15010/TCP,15012/TCP,443/TCP,15014/TCP               
kiali                  NodePort       10.0.234.37    <none>         20001:40640/TCP,9090:36639/TCP                       
prometheus             NodePort       10.0.132.174   <none>         9090:30086/TCP                                       


# 访问192.168.0.10:49967即可将流量传递给后端POD,通过下面可见大致实现了流量3-7分布,即金丝雀发布
[root@k8s-master-1 example1]# for i in `seq 1 10`; do curl 192.168.0.10:49967 ; done
this is busybox-httpd-v1
this is busybox-httpd-v1
this is busybox-httpd-v2
this is busybox-httpd-v1
this is busybox-httpd-v2
this is busybox-httpd-v1
this is busybox-httpd-v2
this is busybox-httpd-v1
this is busybox-httpd-v1
this is busybox-httpd-v1
  • istio-kiali显示(后端进行一万次curl访问),通过下面可见流量大致按照3-7分布了
    在这里插入图片描述
Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐