首页 kubernetes 正文

istio初入

小破站老大 2022-08-23 AM 583℃ 0条

istio学习笔记

官网

https://istio.io/latest/docs/setup/getting-started/

安装

环境 : Centos7 x86_64

#下载istio
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.12.5 TARGET_ARCH=x86_64 sh -
#将istio目录加入到环境变量中,你也可以将istio-1.12.5/bin目录下istioctl文件放置到/usr/local/bin/
echo 'export PATH="$PATH:/root/istio/istio-1.12.5/bin"' >> /etc/profile
#重载生效
source /etc/profile
##验证
istioctl version
#[root@master]# istioctl version
#client version: 1.12.5
#control plane version: 1.12.5
#data plane version: 1.12.5 (2 proxies)

一个例子

front workload通过svc访问bill workload

bill workload有v1 v2两个版本

按照kube-proxy策略,会均衡分发到v1和v2两个版本各50%的机率

部署清单文件

front-tomcat-dp1-v1.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: front-tomcat-v1
  namespace: istio-demo
  labels:
    app: front-tomcat
    version: v1
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: front-tomcat
        version: v1
    spec:
      containers:
        - name: front-tomcat
          image: consol/tomcat-7.0:latest
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
  selector:
    matchLabels:
      app: front-tomcat
      version: v1

bill-service-dp1-v1.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    service: bill-service
    version: v1
  name: bill-service-v1
  namespace: istio-demo
spec:
  replicas: 1
  selector:
    matchLabels:
      service: bill-service
      version: v1
  template:
    metadata:
      labels:
        service: bill-service
        version: v1
    spec:
      containers:
        - image: nginx:alpine
          name: bill-service
          command: [ "/bin/sh","-c","echo 'this is bill service v1'>/usr/share/nginx/html/index.html;nginx -g 'daemon off;'" ]

bill-service-dp1-v2.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    service: bill-service
    version: v2
  name: bill-service-v2
  namespace: istio-demo
spec:
  replicas: 1
  selector:
    matchLabels:
      service: bill-service
      version: v2
  template:
    metadata:
      labels:
        service: bill-service
        version: v2
    spec:
      containers:
        - image: nginx:alpine
          name: bill-service
          command: [ "/bin/sh","-c","echo 'this is bill service v2'>/usr/share/nginx/html/index.html;nginx -g 'daemon off;'" ]

bill-service-svc.yaml

apiVersion: v1
kind: Service
metadata:
  name: bill-service
  namespace: istio-demo
spec:
  selector:
    service: bill-service
  ports:
    - name: http
      port: 9999
      protocol: TCP
      targetPort: 80
  type: ClusterIP

创建工作负载

kubectl create ns istio-demo
kubectl apply -f front-tomcat-dp1-v1.yaml
kubectl apply -f bill-service-dp1-v1.yaml
kubectl apply -f bill-service-dp1-v2.yaml
kubectl apply -f bill-service-svc.yaml

从front workload pod访问bill workload

kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999

结果基本50%

this is bill service v1
{22:32}~ ➭ kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999
this is bill service v2
{22:32}~ ➭ kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999
this is bill service v1
{22:32}~ ➭ kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999
this is bill service v2
{22:32}~ ➭ kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999
this is bill service v1
{22:32}~ ➭ kubectl -n istio-demo  exec po/front-tomcat-v1-fccd7fff9-t8rpl -- curl -s  bill-service:9999
this is bill service v2

使用istioctl工具进行sidecar注入

要使用流量治理,熔断等功能,需要将你的业务托管到网格内部,需要进行sidecar注入

# 该步骤生成文件可进行观察
istioctl kube-inject -f front-tomcat-dp1-v1.yaml > front-tomcat-dp1-v1-inject.yaml
istioctl kube-inject -f bill-service-dp1-v1.yaml > bill-service-dp1-v1-inject.yaml
istioctl kube-inject -f bill-service-dp1-v2.yaml > bill-service-dp1-v2-inject.yaml

在集群中应用sidecar注入

kubectl apply -f front-tomcat-dp1-v1-inject.yaml
kubectl apply -f bill-service-dp1-v1-inject.yaml 
kubectl apply -f bill-service-dp1-v2-inject.yaml

理解Envoy

想实现90%流程分发到v1,10流量分发到v2
让流量按照我们期望的比例,这其实就是一条路由规则

需要解决的问题

  • 如何定义路由规则
  • 如何区分两个版本的服务

两个新的资源类型

  • virtualService
  • destinationRule

定义路由

bill-service-destnation-rule.yaml

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: dest-bill-service
  namespace: istio-demo
spec:
  host: bill-service
  subsets:
  - name: v1
    label:
      version: v1
  - name: v2
    label:
      version: v2

定义规则

bill-service-virtualservice.yaml

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: vs-bill-service
  namespace: istio-demo
spec:
  hosts:
  - bill-serivce
  http:
  - name: bill-service-route
    route:
    - destination:
        host: bill-service
        subset: v1
      weight: 80
    - destination:
        host: bill-service
        subset: v2
      weight: 20

部署dr 和 vs

kubectl apply -f bill-service-virtualservice.yaml
kubectl apply -f bill-service-destnation-rule.yaml
标签: k8s, istio, mesh, cloud

非特殊说明,本博所有文章均为博主原创。

上一篇 使用Docker/Kubernetes部署Mincraft我的世界服务端
下一篇 Docker 部署Caddy 目录浏览

评论啦~


栏目分类

标签云

linuxcloud网盘资源forgejsdelivr电影istio资源更新极客时间剧集kubernetesk8sm3u8ipv6typechomeshprometheusjavacaddycanvas网盘设计minecraftcadvisormaster笔记本node画布nginx我的世界

广而告之

友情链接

莲梦青语 九思学舍 IP归属地查询 影视资源搜索 好玩画布 在线笔记本
© 2024 一个小破站 www.runc.fun