envoy03-故障注入
root@user:/opt/servicemesh_in_practise/HTTP-Connection-Manager/fault-injection# cat README.md # HTTP Request Mirror Demo ### 环境说明 ##### Envoy Mesh使用的网络: 172.31.62.0/24 ##### 四个Service: - envoy:Front Proxy,地址为172.31.62.10 - 3个后端服务 - service_blue:对应于Envoy中的blue_abort集群,带有abort故障注入配置 - service_red:对应于Envoy中的red_delay集群,带有delay故障注入配置 - service_green:对应于Envoy中的"green集群 ##### 使用的abort配置 ``` http_filters: - name: envoy.filters.http.fault typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault max_active_faults: 100 abort: http_status: 503 percentage: numerator: 10 # 向10%的请求注入503中断 denominator: HUNDRED ``` ##### 使用的delay配置 ``` http_filters: - name: envoy.filters.http.fault typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault max_active_faults: 100 delay: fixed_delay: 10s percentage: numerator: 10 # 向10%的请求注入10秒钟的延迟 denominator: HUNDRED ``` ### 运行和测试 1. 创建并运行容器 ``` docker-compose up ``` 2. 测试注入的delay故障 ``` # 反复向/service/red发起多次请求,被注入延迟的请求,会有较长的响应时长; curl -w"@curl_format.txt" -o /dev/null -s "http://172.31.62.10/service/red" #被后端Envoy注入了delay的请求,将被Front-Envoy响应以类似如下内容: time_namelookup: 0.000054 time_connect: 0.000261 time_appconnect: 0.000000 time_pretransfer: 0.000349 time_redirect: 0.000000 time_starttransfer: 10.007628 ---------- time_total: 10.007820 ``` 3. 测试注入的abort故障 ``` # 反复向/service/blue发起多次请求,被注入中断的请求,则响应以503代码; curl -o /dev/null -w '%{http_code}\n' -s "http://172.31.62.10/service/blue" ``` 4. 发往/service/green的请求,将无故障注入 5. 发往/的请求,会被调度至red_delay、blue_abort和green三个集群,它们有的可能被延迟、有的可能被中断;
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat docker-compose.yaml version: '3' services: front-envoy: image: envoyproxy/envoy-alpine:v1.11.2 volumes: - ./front-envoy.yaml:/etc/envoy/envoy.yaml networks: - envoymesh expose: # Expose ports 80 (for general traffic) and 9901 (for the admin server) - "80" - "9901" service_blue: image: ikubernetes/servicemesh-app:latest volumes: - ./service-envoy-fault-injection-abort.yaml:/etc/envoy/envoy.yaml networks: envoymesh: aliases: - service_blue - colored environment: - SERVICE_NAME=blue expose: - "80" service_green: image: ikubernetes/servicemesh-app:latest networks: envoymesh: aliases: - service_green - colored environment: - SERVICE_NAME=green expose: - "80" service_red: image: ikubernetes/servicemesh-app:latest volumes: - ./service-envoy-fault-injection-delay.yaml:/etc/envoy/envoy.yaml networks: envoymesh: aliases: - service_red - colored environment: - SERVICE_NAME=red expose: - "80" networks: envoymesh: {}
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat front-envoy.yaml admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 9901 static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 80 name: listener_http filter_chains: - filters: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: backend domains: - "*" routes: - match: prefix: "/service/blue" route: cluster: blue_abort - match: prefix: "/service/red" route: cluster: red_delay - match: prefix: "/service/green" route: cluster: green - match: prefix: "/" route: cluster: mycluster http_filters: - name: envoy.router clusters: - name: red_delay connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: red_delay endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service_red port_value: 80 - name: blue_abort connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: blue_abort endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service_blue port_value: 80 - name: green connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: green endpoints: - lb_endpoints: - endpoint: address: socket_address: address: service_green port_value: 80 - name: mycluster connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN load_assignment: cluster_name: mycluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: colored port_value: 80
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy-fault-injection-abort.yaml admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 9901 static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 80 filter_chains: - filters: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.fault config: abort: http_status: 503 percentage: numerator: 10 denominator: HUNDRED - name: envoy.router config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy-fault-injection-delay.yaml admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 9901 static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 80 filter_chains: - filters: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.fault config: delay: type: fixed fixed_delay: 10s percentage: numerator: 10 denominator: HUNDRED - name: envoy.router config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy.yaml admin: access_log_path: "/dev/null" address: socket_address: address: 0.0.0.0 port_value: 9901 static_resources: listeners: - address: socket_address: address: 0.0.0.0 port_value: 80 filter_chains: - filters: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: service domains: - "*" routes: - match: prefix: "/" route: cluster: local_service http_filters: - name: envoy.router typed_config: {} clusters: - name: local_service connect_timeout: 0.25s type: strict_dns lb_policy: round_robin load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080
root@user:/opt/servicemesh_in_practise/HTTP-Connection-Manager/fault-injection# curl -w"@curl_format.txt" -o /dev/null -s "http://172.20.0.3/service/red" time_namelookup: 0,000018 time_connect: 0,000209 time_appconnect: 0,000000 time_pretransfer: 0,000255 time_redirect: 0,000000 time_starttransfer: 10,009607 ---------- time_total: 10,009683
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# curl -o /dev/null -w '%{http_code}\n' -s "http://172.20.0.2/service/blue" 200 root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# curl -o /dev/null -w '%{http_code}\n' -s "http://172.20.0.2/service/blue" 503