kubernetes istio

Table of Contents

1. Deployment

2. Deploy sample applications

3. Deploy telemetry components

4. Traffic management

5. Melting

---

Official website: https://istio.io/latest/zh/about/service-mesh/

1. Deployment

Prepare documents in advance

tar zxf 15t10-1.19.3-linux-amd64.tar.gz
cd 15t10-1.19.3/
export PATH=$PWD/bin:$PATH

istioctl install --set profile=demo -y
kubectl get pod -A

Add a label to the namespace to instruct Istio to automatically inject the Envoy sidecar proxy when deploying the application.

2. Deploy sample application

kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

3. Deploy telemetry components

kubectl apply -f samples/addons

After the plug-in is deployed, modify the access method of the kiali service to Loadbalancer

Visit kiali: http://192.168.67.125:20001/

4. Traffic Management

Route all traffic to the v1 version of each microservice

kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml
kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml

All traffic from the user named Jason will be routed to the service reviews:v2

kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml

Create a fault injection rule to delay traffic from test user jason

kubectl apply -f samples/bookinfo/networking/virtual-service-ratings-test-delay.yaml

User jason logged in to the /productpage page, and a problem occurred: an error message was displayed in the Reviews section.

Set up traffic diversion to divert all traffic to reviews:v3

vim samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml
kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml

Modify the delay rule to any value lower than 2.5 seconds, e.g. 2 seconds

vim samples/bookinfo/networking/virtual-service-ratings-test-delay.yaml
kubectl apply -f samples/bookinfo/networking/virtual-service-ratings-test-delay.yaml

Move 50% of the traffic from reviews:v1 to reviews:v3, half v1 and half v3

kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml

When the reviews:v3 microservice is stable, 100% of the traffic can be routed to reviews:v3 by applying Virtual Service rules:

kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-v3.yaml

Cleanup:

samples/bookinfo/platform/kube/cleanup.sh

5. Meltdown

Deploy httpbin service

kubectl apply -f samples/httpbin/httpbin.yaml

Configure circuit breaker rules

kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: httpbin
spec:
  host: httpbin
  trafficPolicy:
    connectionPool:
      tcp:
        maxConnections: 1
      http:
        http1MaxPendingRequests: 1
        maxRequestsPerConnection: 1
    outlierDetection:
      consecutive5xxErrors: 1
      interval: 1s
      baseEjectionTime: 3m
      maxEjectionPercent: 100
EOF

Add a client

kubectl apply -f samples/httpbin/sample-client/fortio-deploy.yaml

Log in to the client Pod and use the Fortio tool to call the httpbin service

export fortio-deploy-6cf68cc4c-qfcb=$(kubectl get pods -l app=fortio -o 'jsonpath={.items[0].metadata.name}')

kubectl exec "fortio-deploy-6cf68cc4c-qfcb" -c fortio -- /usr/bin/fortio curl -quiet http://httpbin:8000/get

trip fuse

Send a connection with a concurrency of 2 (-c 2) and request 20 times (-n 20)

kubectl exec "fortio-deplov-6cf68cc4c-abfcb" -c fortio -- /usr/bin/fortio load -c 2 -qps 0 -n 20 -loglevel Warning http://httpbin:8000/get< /pre>
        
        istio-proxy
         Some errors are indeed allowed
        
       <p><img alt="" height="352" src="//i2.wp.com/img-blog.csdnimg.cn/a07f4964aa394fa2936df1ef57566d14.png" width="1200"></p>
       
      
     
    
   
  
 
<p> <img alt="" height="184" src="//i2.wp.com/img-blog.csdnimg.cn/3a0aae6ed0e646748a599e42a90bf3e7.png" width="388"></p>
 
 
  
  <p>Increase the number of concurrent connections to 3</p>
  <pre>kubectl exec "fortio-deploy-6cf68cc4c-qbfcb" -c fortio -- /usr/bin/fortio load -c 3 -qps 0 -n 30 -loglevel Warning http://httpbin:8000/get

Increase the number of concurrent connections to 5, all of which are intercepted by the circuit breaker.

kubectl exec "fortio-deploy-6cf68cc4c-qbfcb" -c fortio -- /usr/bin/fortio load -c 5 -qps 0 -n 30 -loglevel Warning http://httpbin:8000/get< /pre>
  <p><img alt="" height="307" src="//i2.wp.com/img-blog.csdnimg.cn/26c77ea74ac94b5cbe8ec264d1bea23b.png" width="1200"></p>
  
 
<p> clean up</p>
<pre>kubectl delete destinationrule httpbin

kubectl delete -f samples/httpbin/sample-client/fortio-deploy.yaml
kubectl delete -f samples/httpbin/httpbin.yaml

recycling istio

istioctl uninstall -y --purge
kubectl label namespace default istio-injection-

The knowledge points of the article match the official knowledge archives, and you can further learn relevant knowledge. Cloud native entry-level skills treeService grid (istio)ServiceMesh introduction 17065 people are learning the system