Istio 基于头部分流

分离部署istio下面的示例把数据平面和控制平面分开部署。

自动生成配置文件可以istioctl profile dump empty加上配置文档然后进行修改。

生产集群注意配置资源限制。

apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
  name: control-plane
spec:
  profile: default
  components:
    ingressGateways:
    - name: istio-ingressgateway
      enabled: false
    egressGateways:
    - name: istio-egressgateway
      enabled: false
  hub: harbor.kailinesb.com/ops

apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
  name: ingress-gateway
spec:
  profile: empty
  components:
    ingressGateways:
    - name: ingressgateway
      namespace: istio-system
      enabled: true
      label:
        istio: ingressgateway
      k8s:
        resources:
          requests:
            cpu: 100m
            memory: 160Mi
  hub: harbor.kailinesb.com/ops

加了这两个配置

root@dev-km-01-175:~/istio# kubectl  -n istio-system get cm istio -o yaml
apiVersion: v1
data:
  mesh: |-
    accessLogFile: /dev/stdout
    defaultConfig:
      discoveryAddress: istiod.istio-system.svc:15012
      tracing:    # <<< 这里
        sampling: 40
        zipkin:
          address: zipkin.istio-system:9411
    accessLogEncoding: "JSON"    # <<< 这里
......

创建两个版本的应用。一个是正常版本,另外一个是灰度版本。

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx-home
    version: nginx-home-prod
  name: nginx-home
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-home
      version: nginx-home-prod
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx-home
        version: nginx-home-prod
    spec:
      containers:
      - image: harbor.kailinesb.com/ops/nginx:1.22.1
        name: nginx
---
# 灰度版本app
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx-home
    version: nginx-home-gray
  name: nginx-home-gray
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-home
      version: nginx-home-gray
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx-home
        version: nginx-home-gray
    spec:
      containers:
      - image: harbor.kailinesb.com/ops/nginx:1.22.1
        name: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-home
  name: nginx-home
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-home
  type: ClusterIP


kubectl exec -it deploy/nginx-home-gray -- \
sed -i 's#nginx#nginx-gray#g' /usr/share/nginx/html/index.html

# 把部署的app打上如下的标签。
root@dev-km-01-175:~/istio# kubectl get deploy --show-labels
root@dev-km-01-175:~/istio# kubectl -n jian-butler-gray get deploy --show-labels
NAME              READY   UP-TO-DATE   AVAILABLE   AGE   LABELS
nginx-home        1/1     1            1           97s   app=nginx-home,version=nginx-home-prod
nginx-home-gray   1/1     1            1           33m   app=nginx-home,version=nginx-home-gray

# 现在访问svc会出现两种版本都出现的情况。

image

创建gw

cat 01-nginx-app-gw.yaml 
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: nginx-app-gw
spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "nginx-app.kailinesb.com"

创建vs

cat 02-nginx-app-vs.yaml 
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: nginx-app-vs
spec:
  hosts:
  - "nginx-app.kailinesb.com"
  gateways:
  - nginx-app-gw
  http:
  - route:
    - destination:
        host: nginx-home    # nginx-home是svc

通过从ingressgateway网关访问nginx-app.kailinesb.com现在会随机返回两个版本的内容。

192.168.21.175 nginx-app.kailinesb.com

image

image

通过dr声明版本之间的关系,这样vs才能分清楚流量分发到哪个版本。

root@dev-km-01-175:~/istio# cat dr.yaml
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: nginx-app-dr
spec:
  host: nginx-home 
  subsets:
  - name: version-prod
    labels:
      version: nginx-home-prod
  - name: version-gray
    labels:
      version: nginx-home-gray

更新vs

cat 02-nginx-app-vs.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: nginx-app-vs
spec:
  hosts:
  - "nginx-app.kailinesb.com"
  gateways:
  - nginx-app-gw
  http:
  - match:
    - headers:
        version:
          exact: "gray"
    route:
    - destination:
        host: nginx-home
        subset: version-gray
  - route:
    - destination:
        host: nginx-home
        subset: version-prod

访问测试。

[ops@deploy21-146 ~]$ curl -s http://192.168.21.175 -H 'version: gray'  -H 'Host: nginx-app.kailinesb.com' | grep Welco
<title>Welcome to nginx-gray!</title>
<h1>Welcome to nginx-gray!</h1>

[ops@deploy21-146 ~]$ curl -s http://192.168.21.175  -H 'Host: nginx-app.kailinesb.com' | grep Welco
<title>Welcome to nginx!</title>
<h1>Welcome to nginx!</h1>

Istio 监控部署

jaeger 流量追踪。

jaeger和zipkin会一起安装,jaeger兼容后者。

kiali 观察网格服务状态,这个调用zipkin把链路追踪的功能也集成了。

流量可观测jaeger和配置可观测kiali依赖grafana和prometheus。

posted @   Gshelldon  阅读(11)  评论(0编辑  收藏  举报
相关博文:
·  traefik 部署使用
·  argoCD 部署及常用功能和原理
·  安装Istio及基础用法
·  istio服务治理
·  istio
阅读排行:
· winform 绘制太阳,地球,月球 运作规律
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· AI 智能体引爆开源社区「GitHub 热点速览」
· Manus的开源复刻OpenManus初探
· 写一个简单的SQL生成工具
点击右上角即可分享
微信分享提示