Traffic Management with Istio ( with Demo )

4cb5b950cfd0eabf5d6b828c951d4549?s=47 loftkun
August 08, 2019
Technology
0
170

Traffic Management with Istio ( with Demo )

2019/08/08 Thu

Cloud Native FUKUOKA #02 - connpass
https://cnjp.connpass.com/event/139837/

4cb5b950cfd0eabf5d6b828c951d4549?s=128

loftkun

August 08, 2019
Tweet

More Decks by loftkun

See All by loftkun
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
2
290
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
70
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
260
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
130
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
1
150
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
82
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
270
4cb5b950cfd0eabf5d6b828c951d4549?s=48 loftkun
0
110

Other Decks in Technology

See All in Technology
96e6721cf9462dfc15a564189a701d29?s=48 naoyasugita
0
150
Ca6281fff64797dc419b78f51f25c0a5?s=48 fujiwara3
4
760
D5173894fbe19c9c1e125cf4cf341ca5?s=48 mtkage
1
150
7cd783377515bdf8207062840b7b2f4e?s=48 soracom
0
100
3115a782126be714b5f94d24073c957d?s=48 oracle4engineer
1
100
7a1af5a69aeacaba5042ee2f332fdaf6?s=48 ahrkrak
0
450
9133b1e634392f8aeed5ad346a491973?s=48 sebastienmoreno
0
260
14c35b43867f0995b8052b1a6783c721?s=48 sugitk
1
110
D1dd88d67a1b17b9d2ad981b75d205f3?s=48 myamashii
0
570
20451295e0cb4dce2b2805b2a61cd92d?s=48 tnk4on
1
300
8434e5fcdb11033234455d4b2bfb6bb3?s=48 voyage_tech
0
320
7cd783377515bdf8207062840b7b2f4e?s=48 soracom
0
130

Featured

See All Featured
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
325
15k
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
100
11k
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
92
13k
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
237
23k
Aebc2d07a50011e2a30d38435fde564a?s=48 jrom
114
7k
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
119
7.8k
9128d500301ae51524e887bb680f471d?s=48 caitiem20
306
17k
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
14
1.4k
3d6ace9554821d552146413bcdf874f6?s=48 trishagee
18
1.6k
15f2b8221f247985a27a627d2ece72f0?s=48 pauljervisheath
195
15k
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
370k
D8fc2580cfaca035f666d9e4ee79a7f7?s=48 mongodb
23
3.7k

Transcript

  1. Traffic Management with Istio ( with Demo ) 2019/08/08 Cloud

    Native FUKUOKA #02 loftkun

  2. About me • @loftkun • ヤフー株式会社 SRE部 • 将棋好き •

    対局結果検索サイトなど公開してます • ⾳楽好き • ROCK IN JAPAN FESTIVAL ⾏きます • ピアノ習いたい • コンテナ好き、k8sは前職で使ってた、現職でも使いたい

  3. My k8s Environment

  4. Machine CPU Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz 6Core/12Threads RAM

    64GB OS Ubuntu 17.10 k8s minikube v1.2.0 ( Kubernetes v1.15.0 ) assign 12cpu & 40GB RAM kubectl v1.15.0 istio v1.2.2 helm v2.14.1

  5. minikube start vm-driver=virtualbox Container VM ( Node ) Minikube BareMetal

    ssh -fNL 12345:192.168.99.100:12345 loft@192.168.3.5 192.168.3.5 grafana service のnodePortが12345の場合 http://localhost:12345 でアクセスできるぞ 192.168.99.100 192.168.3.4 Minikube ssh でログイン可能

  6. minikube start vm-driver=none Container Minikube BareMetal 192.168.3.5 ( Node )

    grafana service のnodePortが12345の場合 http://192.168.3.5:12345 でアクセスできるぞ 192.168.3.4 tcpdump –i docker0 全Pod間の通信をキャプチャできるぞ

  7. Agenda Introduction How to use Bookinfo Traffic Management

  8. Introduction What is Istio?

  9. https://istio.io/ • サービスメッシュを構成するOSS • CNCF Platinum Member • Proxyコンテナ(Envoy)をSidecarとしてPod内にInjectionしてくれる •

    様々な制御をkubectl applyできる(後ほどご紹介) • 便利なOSS同梱 • メトリクス (Prometheus/Grafana) • トレース (Jaeger/Zipkin) • サービスメッシュグラフの可視化(Kiali)

  10. https://github.com/cncf/trailmap

  11. https://github.com/cncf/trailmap

  12. How to use Install à Sidecar Injection à Apply traffic

    rules

  13. 3 steps Install Sidecar Injection Apply traffic rules

  14. Install Use Helm? $ kubectl apply istio-demo.yaml Cluster has tiller?

    $ helm template istio | kubectl apply $ helm install istio Y Y おすすめはHelm使⽤。パラメタ設定が楽。 • incubator/istioはメンテが⽌まってるので使わない • istio.ioのdoc記載の最新版をdownloadして使おう N N

  15. Sidecar Injection Manual istioctl kube-injectコマンドでSidecarを埋め込んだmanifestを出⼒する $ kubectl apply -f <

    ( istioctl kube-inject -f my-manifests.yaml ) Automatic 対象のnamespaceにラベルを設定しておくだけでOK! $ kubectl label ns my-ns istio-injection=enabled

  16. Apply traffic rules kubectl apply –f my-virtualservice.yaml • VirtualService •

    a set of traffic routing rules • 宛先別に様々なruleを設定できる Istio setup is done, Letʼs Traffic Management !

  17. Bookinfo Istioが提供するサンプルアプリ

  18. Architecture https://istio.io/docs/examples/bookinfo/ load balancing ( by reviews service )

  19. Demo

  20. Traffic Management Routing, Fault Injection, etc

  21. Request Routing https://istio.io/docs/examples/bookinfo/

  22. Demo

  23. review v1 (星なし)

  24. Request Routing ( by header ) https://istio.io/docs/examples/bookinfo/

  25. Demo

  26. None

  27. Canary Release に使えそう︕ review v2 (⿊い星)

  28. Fault Injection (delay ) Injected Delay : 7sec https://istio.io/docs/examples/bookinfo/

  29. Demo

  30. None

  31. https://istio.io/docs/examples/bookinfo/

  32. hard-corded Timeout : 10sec Injected Delay : 7sec https://istio.io/docs/examples/bookinfo/

  33. hard-corded Timeout : 3sec Retry : 1 hard-corded Timeout :

    10sec Injected Delay : 7sec Chaos Engineering に使えそう︕ https://istio.io/docs/examples/bookinfo/
  34. None

  35. Other Traffic Managements • Traffic Shifting • Circuit Breaking •

    Mirroring and more ! https://istio.io/docs/tasks/traffic-management/

  36. Appendix

  37. なぜヨット︖

  38. いろいろ船関連だった Kubernetes 操舵手(ギリシャ語) Helm 舵 tiller 舵柄(かじを操作するレバー) Istio 帆(ギリシャ語) Spinnaker

    大きな三角形の帆

  39. Thank you for listening ! 福岡新着ITイベント @ITEventFukuoka

  40. Appendix : commands for demo with my home k8s

  41. ssh config • ~/.ssh/config • ログイン ssh my-k8s

  42. ssh port forwarding INGRESS_HOST=192.168.99.100 INGRESS_PORT=31380 ssh -fNL ${INGRESS_PORT}:${INGRESS_HOST}:${INGRESS_PORT} my-k8s •

    ローカルの31380ポートをnode(MinikubeのVM) 内の 31380ポートにforwarding • BookInfoは localhost:31380/productpage で⾒れる

  43. ref • Request Routing • https://istio.io/docs/tasks/traffic-management/request-routing/ • Fault Injection •

    https://istio.io/docs/tasks/traffic-management/fault-injection/

  44. Appendix : BookInfo screenshot

  45. review v1のレスポンス

  46. reload

  47. None

  48. review v2のレスポンス(⿊い星)

  49. reload

  50. None

  51. review v3のレスポンス(⾚い星)