当前位置:网站首页>How many of the 10 most common examples of istio traffic management do you know?
How many of the 10 most common examples of istio traffic management do you know?
2022-07-06 04:04:00 【Wanmao Society】
10 individual Istio Traffic management The most common example , Strongly recommended Collection get up , For a rainy day .
For ease of understanding , With Istio Official Bookinfo Application example , extraction Istio Common examples of traffic management .
Bookinfo The application architecture is shown below :
among , Contains four separate microservices :
productpage
: calldetails
andreviews
Two services , Used to generate pages .details
: Contains information about books .reviews
: Contains reviews of books . It also calls ratings Microservices .rating
: Contains rating information consisting of book reviews .
among ,reviews
The service has 3 A version :
- v1 Version will not call
ratings
service . - v2 Version will call
ratings
service , And use 1 To 5 individual black Star icon to display rating information . - v3 Version will call
ratings
service , And use 1 To 5 individual Red Star icon to display rating information .
Flow transfer
The goal is 1: hold
reviews
All traffic from the service is routed to v1 edition .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
The goal is 2: hold
reviews
Service 50% The flow is transferred to v3 edition .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v1
weight: 50
- destination:
host: reviews
subset: v3
weight: 50
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
The goal is 3: hold
reviews
All traffic from the service is routed to v3 edition .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
User identity based routing
The goal is : From a company named OneMore All traffic from users of are routed to v2 edition , Other traffic is routed to v1 edition .
Istio There is no special built-in mechanism for user identity . In the application example ,productpage
Service in all to reviews
Service HTTP A custom... Is added to the request end-user
Request header , Its value is user name .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: OneMore
route:
- destination:
host: reviews
subset: v2
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
Inject HTTP Delay fault
The goal is : user OneMore During the interview ,
ratings
The service injects a 2 Second delay ,productpage
The page is about 2 Seconds load complete with no errors .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ratings
spec:
hosts:
- ratings
http:
- match:
- headers:
end-user:
exact: OneMore
fault:
delay:
percentage:
value: 100.0
fixedDelay: 2s
route:
- destination:
host: ratings
subset: v1
- route:
- destination:
host: ratings
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: ratings
spec:
host: ratings
subsets:
- labels:
version: v1
name: v1
Inject HTTP Abort fault
The goal is : user OneMore During the interview ,
ratings
The service injects a 503 Abort failure of ,productpage
Pages can be loaded immediately , Show at the same time “Ratings service is currently unavailable” Such news .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ratings
spec:
hosts:
- ratings
http:
- fault:
abort:
httpStatus: 503
percentage:
value: 100
match:
- headers:
end-user:
exact: OneMore
route:
- destination:
host: ratings
subset: v1
- route:
- destination:
host: ratings
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: ratings
spec:
host: ratings
subsets:
- labels:
version: v1
name: v1
Set request timeout
First , user OneMore During the interview , ratings
The service injects a 2 Second delay ,productpage
The page is about 2 Seconds load complete with no errors .
As above Inject HTTP Delay fault To operate , I won't repeat .
The goal is : user OneMore During the interview ,
reviews
The request timeout for the service is set to 1 second , Show at the same time “Sorry, product reviews are currently unavailable for this book.” Such news .
kind: VirtualService
apiVersion: networking.istio.io/v1alpha3
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: OneMore
route:
- destination:
host: reviews
subset: v2
timeout: 1s
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
stay Jaeger You can see the specific call chain as follows :
Set request retry
First , user OneMore During the interview , ratings
The service injects a 2 Second delay ,productpage
The page is about 2 Seconds load complete with no errors .
As above Inject HTTP Delay fault To operate , I won't repeat .
The goal is : user OneMore During the interview ,
reviews
The number of request retries for the service is 2 Time , Retry timeout is 0.5 second , Show at the same time “Sorry, product reviews are currently unavailable for this book.” Such an error message .
kind: VirtualService
apiVersion: networking.istio.io/v1alpha3
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: OneMore
route:
- destination:
host: reviews
subset: v2
retries:
attempts: 2
perTryTimeout: 0.5s
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
Reject target IP Request
The goal is : except IP by
10.201.240.131
Your client can access/api/v1/products/1
, Other clients reject the request .
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: deny-by-ip
spec:
selector:
matchLabels:
app: productpage
action: DENY
rules:
- to:
- operation:
paths: ["/api/v1/products/1"]
when:
- key: remote.ip
notValues: ["10.201.240.131"]
Fuse
The goal is : Set up
details
The upper limit of service concurrency is 1.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: details
spec:
host: details
trafficPolicy:
connectionPool:
tcp:
maxConnections: 1
http:
http1MaxPendingRequests: 1
maxRequestsPerConnection: 1
have access to Fortio Load test , The number of concurrent messages sent is 2 The connection of (-c 2
), request 20 Time (-n 2
0):
kubectl exec fortio-deploy-684b6b47f8-tzsg8 -c fortio -- /usr/bin/fortio load -c 3 -qps 0 -n 20 -loglevel Warning http://details:9080/details/0
among ,fortio-deploy-684b6b47f8-tzsg8 yes Fortio Of Pod name , The effect is as follows :
Traffic image
The goal is : Route all traffic to reviews Service v2 edition , Then mirror all the traffic to v3 edition .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v2
mirror:
host: reviews
subset: v3
mirrorPercentage:
value: 100.0
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- labels:
version: v1
name: v1
- labels:
version: v2
name: v2
- labels:
version: v3
name: v3
Execute the following command to view reviews
service v3 Version of Envoy Access log :
kubectl logs -l app=reviews,version=v3 -c istio-proxy
You can see reviews
service v3 Log of version being called :
{
"authority": "reviews-shadow:9080",
"bytes_received": 0,
"bytes_sent": 375,
"connection_termination_details": null,
"downstream_local_address": "10.1.1.64:9080",
"downstream_remote_address": "10.1.1.59:0",
"duration": 1914,
"method": "GET",
"path": "/reviews/0",
"protocol": "HTTP/1.1",
"request_id": "b79cefe6-1277-9c39-b398-f94a704840cc",
"requested_server_name": "outbound_.9080_.v3_.reviews.default.svc.cluster.local",
"response_code": 200,
"response_code_details": "via_upstream",
"response_flags": "-",
"route_name": "default",
"start_time": "2022-06-27T07:34:19.129Z",
"upstream_cluster": "inbound|9080||",
"upstream_host": "10.1.1.64:9080",
"upstream_local_address": "127.0.0.6:59837",
"upstream_service_time": "1913",
"upstream_transport_failure_reason": null,
"user_agent": "curl/7.79.1",
"x_forwarded_for": "10.1.1.59"
}
Ingress The routing
The goal is : Request header
app-id
bydetails
All traffic is routed todetails
In service .
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- '*'
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
- match:
- headers:
app-id:
exact: details
route:
- destination:
host: details
port:
number: 9080
Use curl Command to verify :
curl -H "app-id: details" -v http://127.0.0.1/details/2
The results are as follows :
* Trying 127.0.0.1:80...
* Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
> GET /details/2 HTTP/1.1
> Host: 127.0.0.1
> User-Agent: curl/7.79.1
> Accept: */*
> app-id: details
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< content-type: application/json
< server: istio-envoy
< date: Tue, 28 Jun 2022 07:14:40 GMT
< content-length: 178
< x-envoy-upstream-service-time: 4
<
{"id":2,"author":"William Shakespeare","year":1595,"type":"paperback","pages":200,"publisher":"PublisherA","language":"English","ISBN-10":"1234567890","ISBN-13":"123-1234567890"}
* Connection #0 to host 127.0.0.1 left intact
The return result shows , What I visited was details
service .
Last , Thank you for being so handsome , Give it back to me. give the thumbs-up .
边栏推荐
- Codeforces Round #770 (Div. 2) B. Fortune Telling
- Stc8h development (XII): I2C drive AT24C08, at24c32 series EEPROM storage
- C#(二十八)之C#鼠标事件、键盘事件
- Pandora IOT development board learning (HAL Library) - Experiment 9 PWM output experiment (learning notes)
- Ipv4中的A 、B、C类网络及子网掩码
- [Key shake elimination] development of key shake elimination module based on FPGA
- Global and Chinese markets for patent hole oval devices 2022-2028: Research Report on technology, participants, trends, market size and share
- cookie,session,Token 这些你都知道吗?
- 潘多拉 IOT 开发板学习(HAL 库)—— 实验9 PWM输出实验(学习笔记)
- C#(二十九)之C#listBox checkedlistbox imagelist
猜你喜欢
简易博客系统
[adjustable delay network] development of FPGA based adjustable delay network system Verilog
math_极限&微分&导数&微商/对数函数的导函数推导(导数定义极限法)/指数函数求导公式推导(反函数求导法则/对数求导法)
在 .NET 6 中使用 Startup.cs 更简洁的方法
Ipv4中的A 、B、C类网络及子网掩码
Do you know cookies, sessions, tokens?
Database, relational database and NoSQL non relational database
C#(二十九)之C#listBox checkedlistbox imagelist
math_ Derivative function derivation of limit & differential & derivative & derivative / logarithmic function (derivative definition limit method) / derivative formula derivation of exponential functi
[analysis of variance] single factor analysis and multi factor analysis
随机推荐
Chinese brand hybrid technology: there is no best technical route, only better products
Global and Chinese market of aircraft anti icing and rain protection systems 2022-2028: Research Report on technology, participants, trends, market size and share
51nod 1130 n factorial length V2 (Stirling approximation)
WPF效果第一百九十一篇之框选ListBox
Conditionally [jsonignore]
[optimization model] Monte Carlo method of optimization calculation
DM8 archive log file manual switching
cookie,session,Token 这些你都知道吗?
Differential GPS RTK thousand search
[analysis of variance] single factor analysis and multi factor analysis
C (thirty) C combobox listview TreeView
潘多拉 IOT 开发板学习(HAL 库)—— 实验9 PWM输出实验(学习笔记)
Hashcode and equals
Viewing and verifying backup sets using dmrman
Blue Bridge Cup - Castle formula
自动化测试怎么规范部署?
Detailed explanation of serialization and deserialization
User datagram protocol UDP
math_极限&微分&导数&微商/对数函数的导函数推导(导数定义极限法)/指数函数求导公式推导(反函数求导法则/对数求导法)
2/10 parallel search set +bfs+dfs+ shortest path +spfa queue optimization