Progressive Delivery with Istio and Argo Rollouts

Transcript

1. Progressive Delivery with Istio and Argo Rollouts

2. Alex Soto (lordofthejars.com) • @alexsotob • [email protected] • Currently Red

   Hat’s Director of Developer Experience • Featured speaker at technology events around the globe • A Java Champion since 2017 • Writer, University Professor, Radio collaborator • A big fan of testing and continuous delivery in 21st century

3. @kevindubois Kevin Dubois • Principal Developer Advocate at Red Hat

   • 18+ years of experience building and delivering software applications • Speak English, Dutch, French, Italian • Passionate about improving Dev Experience with Open Source @[email protected] youtube.com/@thekevindubois linkedin.com/in/kevindubois github.com/kdubois

4. @alexsotob @alexsotob Today’s Objectives Progressive Delivery Delivery Techniques Kubernetes Let’s

   Wind Down

5. @alexsotob @alexsotob Progressive Delivery

6. @alexsotob @alexsotob What is Progressive Delivery? Build Test Security Checks

   Release Deploy Stage Deploy Prod Continuous Integration Continuous Delivery

7. @alexsotob @alexsotob What is Progressive Delivery? • No Big Bang

   • Deploy != Release • Metrics • Subset of Users

8. @alexsotob @alexsotob Why Progressive Delivery? • Decreases Downtime • Limits

   the tragedy • Put to production faster

9. @alexsotob @alexsotob Delivery Techniques

10. @alexsotob @alexsotob 10

11. @alexsotob @alexsotob Blue Green Deployment • All Or Nothing •

    Quick Rollback 11

12. @alexsotob @alexsotob Canary Releases • Small Percentage • Increase depending

    on the metrics 12

13. @alexsotob @alexsotob Dark Launches • Mirroring Traffic • Dark Canaries

    • Feature Flags 13

14. @alexsotob @alexsotob 14

15. @alexsotob @alexsotob 15 Production is not sacrosanct anymore

16. @alexsotob @alexsotob The New ¿Pyramid? 16

17. @alexsotob @alexsotob 17

18. @alexsotob @alexsotob Kubernetes

19. @alexsotob @alexsotob Blue - Green 19 apiVersion: v1 kind: Service

    metadata: name: my-service labels: app: mystuff spec: ports: - name: http port: 8000 selector: inservice: mypods type: LoadBalancer apiVersion: apps/v1 kind: Deployment metadata: name: mynode-deployment spec: replicas: 1 selector: matchLabels: app: mynode template: metadata: labels: app: mynode spec: containers: - name: mynode image: quay.io/rhdevelopers/mynode:v1 ports: - containerPort: 8000 kubectl label pod -l app=mypython inservice=mypods

20. @alexsotob @alexsotob Canary Releases kubectl scale deployment myapp-v1 --replicas=3 kubectl

    scale deployment myapp-v2 --replicas=1 20

21. @alexsotob @alexsotob Canary Release 21 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata:

    name: recommendation spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 weight: 75 - destination: host: recommendation subset: version-v2 weight: 25

22. @alexsotob @alexsotob Shadowing Traffic 22 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata:

    name: recommendation spec: hosts: - recommendation http: - route: - destination: host: recommendation subset: version-v1 mirror: host: recommendation subset: version-v2

23. @alexsotob @alexsotob Dark Canary 23 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata:

    name: recommendation spec: hosts: - recommendation http: - match: - headers: end-user: exact: Alexandra route: - destination: host: recommendation subset: version-v2 - route: - destination: host: recommendation subset: version-v1
24. None

25. @alexsotob @alexsotob Next Generation Microservices - Service Mesh 25 Code

    Independent (Polyglot) • Intelligent Routing and Load-Balancing • Smarter Canary Releases • Dark Launch • Chaos: Fault Injection • Resilience: Circuit Breakers • Observability & Telemetry: Metrics and Tracing • Security: Encryption & Authorization • Fleet wide policy enforcement

26. @alexsotob @alexsotob Sidecar Container 26

27. @alexsotob Sidecar Container Pod Container JVM Service A Sidecar Container

    Pod Container JVM Service C Sidecar Container Pod Container JVM Service B Sidecar Container With Istio The sidecar intercepts all network traffic

28. Live Demo

29. @alexsotob @alexsotob The most asked question in Istio sessions 29

30. @alexsotob @alexsotob 30 Argo Rollouts

31. @alexsotob @alexsotob Argo Rollouts 31 kubectl apply rollout Monitors Data

32. @alexsotob @alexsotob Rolling out automatically 32 apiVersion: argoproj.io/v1alpha1 kind: Rollout

    metadata: name: bubblebackend labels: app: bubblebackend spec: strategy: canary: steps: - setWeight: 20 - pause: duration: "1m" - setWeight: 50 - pause: duration: "2m" canaryService: bubble-backend-canary stableService: bubble-backend trafficRouting: istio: virtualService: name: bubble-backend routes: - primary …

33. Live Demo

34. @alexsotob @alexsotob Let’s Wind Down

35. @alexsotob @alexsotob Final Notes • State is always hard, start

    with stateless • Step by Step • Embrace GitOps • If you haven’t automatically destroyed something by mistake, you aren’t automating enough • Demos ◦ https://dn.dev/istio-tutorial ◦ https://github.com/redhat-developer-demos/bubbles-progressive-delivery 35