Istio实战（七）- Bookinfo 部署

1. Istio Bookinfo示例

1.1 部署Bookinfo

# kubectl apply -f /apps/istio/samples/bookinfo/platform/kube/bookinfo.yaml -n hr

1.2 确认Bookinfo已经部署正常

先确认以下pod和service已经被正确创建

# kubectl get pods -n hr
NAME                              READY   STATUS    RESTARTS   AGE
details-v1-79f774bdb9-k7mqb       2/2     Running   0          7m45s
productpage-v1-6b746f74dc-bx8ml   2/2     Running   0          7m44s
ratings-v1-b6994bb9-p8794         2/2     Running   0          7m45s
reviews-v1-545db77b95-vftz4       2/2     Running   0          7m44s
reviews-v2-7bf8c9648f-gxknq       2/2     Running   0          7m44s
reviews-v3-84779c7bbc-lghnn       2/2     Running   0          7m44s
sleep-557747455f-xrt55            2/2     Running   0          154m
# kubectl get -n hr svc
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
details       ClusterIP   10.200.210.141   <none>        9080/TCP   4m7s
productpage   ClusterIP   10.200.180.58    <none>        9080/TCP   4m6s
ratings       ClusterIP   10.200.158.218   <none>        9080/TCP   4m7s
reviews       ClusterIP   10.200.82.81     <none>        9080/TCP   4m7s
sleep         ClusterIP   10.200.210.162   <none>        80/TCP     6d19h

再确认Bookinfo工作已经正常

由于我将Bookinfo放在hr的namespace中,如果使用default命名空间或者其他命名空间,将-n hr部分替换即可

# kubectl exec -n hr "$(kubectl get pod -n hr -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>

1.3 定义gateway

# kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml -n hr
gateway.networking.istio.io/bookinfo-gateway created
virtualservice.networking.istio.io/bookinfo created

配置分析

# istioctl analyze -n hr

✔ No validation issues found when analyzing namespace: hr.

1.4 访问测试

访问 192.168.31.163/productpage

补充:192.168.31.163的地址来自于之前配置的ingress,具体设置步骤就不在这里赘述了.

# kubectl get svc -n istio-system |grep ingress
istio-ingressgateway   LoadBalancer   10.200.116.152   192.168.31.163   15021:36408/TCP,80:32291/TCP,443:46749/TCP,31400:60601/TCP,15443:57185/TCP,20001:52713/TCP   5d4h

1.5 kiali

2. Request Routing测试

2.1 划分子集

# kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml -n hr

reviews,ratings,details分别划分了v1,v2,v3三个子集

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: productpage
spec:
  host: productpage
  subsets:
  - name: v1
    labels:
      version: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: reviews
spec:
  host: reviews
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v3
    labels:
      version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: ratings
spec:
  host: ratings
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v2-mysql
    labels:
      version: v2-mysql
  - name: v2-mysql-vm
    labels:
      version: v2-mysql-vm
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: details
spec:
  host: details
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
---

2.2 将所有流量转到v1子集

samples/bookinfo/networking/virtual-service-all-v1.yaml

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: productpage
spec:
  hosts:
  - productpage
  http:
  - route:
    - destination:
        host: productpage
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: ratings
spec:
  hosts:
  - ratings
  http:
  - route:
    - destination:
        host: ratings
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: details
spec:
  hosts:
  - details
  http:
  - route:
    - destination:
        host: details
        subset: v1
---

# kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml -n hr
virtualservice.networking.istio.io/productpage created
virtualservice.networking.istio.io/reviews created
virtualservice.networking.istio.io/ratings created
virtualservice.networking.istio.io/details created

3. Route based on user identity

定义一个vs,名字是reviews.

如果标头是end-user,值是jason,那么就路由给reviews的v2

否则调度给reviews的v1

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
    - reviews
  http:
  - match:
    - headers:
        end-user:
          exact: jason
    route:
    - destination:
        host: reviews
        subset: v2
  - route:
    - destination:
        host: reviews
        subset: v1

# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml -n hr
virtualservice.networking.istio.io/reviews created

测试访问

默认访问任然是v1

当用jason用户名sign in后就显示v2

这部分用jason登录的流量就走了v2,其他不是jason header的流量任然走的v1

4. Traffic Shifting

有50%的流量交给v1,其余50%的流量交给v3

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
    - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1
      weight: 50
    - destination:
        host: reviews
        subset: v3
      weight: 50

# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml -n hr
virtualservice.networking.istio.io/reviews configured

多次刷新时,有50%概率刷新出来是v1,50%概率刷新到v3

将流量设置成v1 20%,v3 80%后,v1和v3的流量比逐渐变为1:4

# vi samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml
root@k8s-master-01:/apps/istio# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml -n hr
virtualservice.networking.istio.io/reviews configured

如果实际生产中,在两个版本并行一段时间后,可以将所有流量切换到v3上.