1. Istio Bookinfo示例
1.1 部署Bookinfo
# kubectl apply -f /apps/istio/samples/bookinfo/platform/kube/bookinfo.yaml -n hr
1.2 确认Bookinfo已经部署正常
先确认以下pod和service已经被正确创建
# kubectl get pods -n hr
NAME READY STATUS RESTARTS AGE
details-v1-79f774bdb9-k7mqb 2/2 Running 0 7m45s
productpage-v1-6b746f74dc-bx8ml 2/2 Running 0 7m44s
ratings-v1-b6994bb9-p8794 2/2 Running 0 7m45s
reviews-v1-545db77b95-vftz4 2/2 Running 0 7m44s
reviews-v2-7bf8c9648f-gxknq 2/2 Running 0 7m44s
reviews-v3-84779c7bbc-lghnn 2/2 Running 0 7m44s
sleep-557747455f-xrt55 2/2 Running 0 154m
# kubectl get -n hr svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
details ClusterIP 10.200.210.141 <none> 9080/TCP 4m7s
productpage ClusterIP 10.200.180.58 <none> 9080/TCP 4m6s
ratings ClusterIP 10.200.158.218 <none> 9080/TCP 4m7s
reviews ClusterIP 10.200.82.81 <none> 9080/TCP 4m7s
sleep ClusterIP 10.200.210.162 <none> 80/TCP 6d19h
再确认Bookinfo工作已经正常
由于我将Bookinfo放在hr的namespace中,如果使用default命名空间或者其他命名空间,将-n hr部分替换即可
# kubectl exec -n hr "$(kubectl get pod -n hr -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>
1.3 定义gateway
# kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml -n hr
gateway.networking.istio.io/bookinfo-gateway created
virtualservice.networking.istio.io/bookinfo created
配置分析
# istioctl analyze -n hr
✔ No validation issues found when analyzing namespace: hr.
1.4 访问测试
访问 192.168.31.163/productpage
补充:192.168.31.163的地址来自于之前配置的ingress,具体设置步骤就不在这里赘述了.
# kubectl get svc -n istio-system |grep ingress
istio-ingressgateway LoadBalancer 10.200.116.152 192.168.31.163 15021:36408/TCP,80:32291/TCP,443:46749/TCP,31400:60601/TCP,15443:57185/TCP,20001:52713/TCP 5d4h
1.5 kiali
2. Request Routing测试
2.1 划分子集
# kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml -n hr
reviews,ratings,details分别划分了v1,v2,v3三个子集
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: productpage
spec:
host: productpage
subsets:
- name: v1
labels:
version: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v3
labels:
version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: ratings
spec:
host: ratings
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v2-mysql
labels:
version: v2-mysql
- name: v2-mysql-vm
labels:
version: v2-mysql-vm
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: details
spec:
host: details
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
---
2.2 将所有流量转到v1子集
samples/bookinfo/networking/virtual-service-all-v1.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: productpage
spec:
hosts:
- productpage
http:
- route:
- destination:
host: productpage
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ratings
spec:
hosts:
- ratings
http:
- route:
- destination:
host: ratings
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: details
spec:
hosts:
- details
http:
- route:
- destination:
host: details
subset: v1
---
# kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml -n hr
virtualservice.networking.istio.io/productpage created
virtualservice.networking.istio.io/reviews created
virtualservice.networking.istio.io/ratings created
virtualservice.networking.istio.io/details created
3. Route based on user identity
定义一个vs,名字是reviews.
如果标头是end-user,值是jason,那么就路由给reviews的v2
否则调度给reviews的v1
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: jason
route:
- destination:
host: reviews
subset: v2
- route:
- destination:
host: reviews
subset: v1
# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml -n hr
virtualservice.networking.istio.io/reviews created
测试访问
默认访问任然是v1
当用jason用户名sign in后就显示v2
这部分用jason登录的流量就走了v2,其他不是jason header的流量任然走的v1
4. Traffic Shifting
有50%的流量交给v1,其余50%的流量交给v3
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v1
weight: 50
- destination:
host: reviews
subset: v3
weight: 50
# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml -n hr
virtualservice.networking.istio.io/reviews configured
多次刷新时,有50%概率刷新出来是v1,50%概率刷新到v3
将流量设置成v1 20%,v3 80%后,v1和v3的流量比逐渐变为1:4
# vi samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml
root@k8s-master-01:/apps/istio# kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml -n hr
virtualservice.networking.istio.io/reviews configured
如果实际生产中,在两个版本并行一段时间后,可以将所有流量切换到v3上.