Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Traffic Management with Istio ( with Demo )

loftkun
August 08, 2019
Technology
0
330

Traffic Management with Istio ( with Demo )

2019/08/08 Thu

Cloud Native FUKUOKA #02 - connpass
https://cnjp.connpass.com/event/139837/

loftkun

August 08, 2019
Tweet

More Decks by loftkun

See All by loftkun
OpenShiftのリリースノートを整理してみた
loftkun
2
530
OpenShiftのサポートを始めるぞ!高頻度で更新されるOSSを効果的にキャッチアップする仕組みを考えました!
loftkun
1
700
Demo of write slides and books with VSCode + Markdown
loftkun
1
480
Write slides and books in VSCode + Markdown
loftkun
4
1.2k
OpenShift from Easy way to Hard ? Way
loftkun
1
940
Kubernetes The Hard Way をやってみた
loftkun
2
430
Operator reading and writing with Operator SDK
loftkun
1
130
HPA with custom metrics
loftkun
1
940
Getting Started with Graph Database with Python
loftkun
1
370

Other Decks in Technology

See All in Technology
6G/テラヘルツの取り組み
sbtechnight
PRO
0
380
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
udzura
2
280
AmebaにおけるQAコスト改善施策〜テスト項目の整理とAutify for Mobileによる自動化
sosuiiii
0
160
ノーコードAI開発プラットフォーム「AIMINA」のシステム設計コンセプトと技術的チャレンジ
sbtechnight
PRO
0
290
マネーフォワードエックスカンパニーとGo言語の歩み
jtaka1012
2
130
DevRel/Japan CONFERENCE 2023
1ftseabass
PRO
0
400
excite_techcon2023__RDS_performance_insightと実行計画 との付き合い方__DBとINDEXを学ぼう
excitejp
PRO
3
540
失敗例から学ぶAWSセキュリティサービスの導入
yhana
0
3k
新卒入社から1500人規模のCTOに: エンジニアが圧倒的に成長する3つのコツ / 技育祭2023春
carta_engineering
0
600
[k8sjp #56] Kustomize v5 を含む最新機能とテクニックの紹介
koba1t
0
320
DevRelの考え方を学んでエンジニア採用に生かす/devreljapan2023 #devreljp
nishiuma
0
510
生成AIで文化を創造する(ChatGPT作成タイトル)
sbtechnight
PRO
0
310

Featured

See All Featured
Producing Creativity
orderedlist
PRO
335
38k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
24
5.1k
Imperfection Machines: The Place of Print at Facebook
scottboms
254
12k
Code Reviewing Like a Champion
maltzj
508
38k
VelocityConf: Rendering Performance Case Studies
addyosmani
317
22k
Six Lessons from altMBA
skipperchong
15
2.4k
What’s in a name? Adding method to the madness
productmarketing
PRO
13
2k
Raft: Consensus for Rubyists
vanstee
130
5.7k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
657
120k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
14
1.2k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
15
1.2k
The Mythical Team-Month
searls
210
40k

Transcript

  1. Traffic Management
    with Istio ( with Demo )
    2019/08/08 Cloud Native FUKUOKA #02
    loftkun

    View Slide

  2. About me
    • @loftkun
    • ヤフー株式会社 SRE部
    • 将棋好き
    • 対局結果検索サイトなど公開してます
    • ⾳楽好き
    • ROCK IN JAPAN FESTIVAL ⾏きます
    • ピアノ習いたい
    • コンテナ好き、k8sは前職で使ってた、現職でも使いたい

    View Slide

  3. My k8s Environment

    View Slide

  4. Machine
    CPU Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
    6Core/12Threads
    RAM 64GB
    OS Ubuntu 17.10
    k8s
    minikube v1.2.0 ( Kubernetes v1.15.0 )
    assign 12cpu & 40GB RAM
    kubectl v1.15.0
    istio v1.2.2
    helm v2.14.1

    View Slide

  5. minikube start vm-driver=virtualbox
    Container
    VM ( Node )
    Minikube
    BareMetal
    ssh -fNL 12345:192.168.99.100:12345 [email protected]
    192.168.3.5
    grafana service のnodePortが12345の場合
    http://localhost:12345 でアクセスできるぞ
    192.168.99.100
    192.168.3.4
    Minikube ssh
    でログイン可能

    View Slide

  6. minikube start vm-driver=none
    Container
    Minikube
    BareMetal
    192.168.3.5
    ( Node )
    grafana service のnodePortが12345の場合
    http://192.168.3.5:12345 でアクセスできるぞ
    192.168.3.4
    tcpdump –i docker0
    全Pod間の通信をキャプチャできるぞ

    View Slide

  7. Agenda
    Introduction
    How to use
    Bookinfo
    Traffic Management

    View Slide

  8. Introduction
    What is Istio?

    View Slide

  9. https://istio.io/
    • サービスメッシュを構成するOSS
    • CNCF Platinum Member
    • Proxyコンテナ(Envoy)をSidecarとしてPod内にInjectionしてくれる
    • 様々な制御をkubectl applyできる(後ほどご紹介)
    • 便利なOSS同梱
    • メトリクス (Prometheus/Grafana)
    • トレース (Jaeger/Zipkin)
    • サービスメッシュグラフの可視化(Kiali)

    View Slide

  10. https://github.com/cncf/trailmap

    View Slide

  11. https://github.com/cncf/trailmap

    View Slide

  12. How to use
    Install à Sidecar Injection à Apply traffic rules

    View Slide

  13. 3 steps
    Install
    Sidecar Injection
    Apply traffic rules

    View Slide

  14. Install
    Use Helm? $ kubectl apply istio-demo.yaml
    Cluster has
    tiller? $ helm template istio | kubectl apply
    $ helm install istio
    Y
    Y
    おすすめはHelm使⽤。パラメタ設定が楽。
    • incubator/istioはメンテが⽌まってるので使わない
    • istio.ioのdoc記載の最新版をdownloadして使おう
    N
    N

    View Slide

  15. Sidecar Injection
    Manual
    istioctl kube-injectコマンドでSidecarを埋め込んだmanifestを出⼒する
    $ kubectl apply -f < ( istioctl kube-inject -f my-manifests.yaml )
    Automatic
    対象のnamespaceにラベルを設定しておくだけでOK!
    $ kubectl label ns my-ns istio-injection=enabled

    View Slide

  16. Apply traffic rules
    kubectl apply –f my-virtualservice.yaml
    • VirtualService
    • a set of traffic routing rules
    • 宛先別に様々なruleを設定できる
    Istio setup is done, Letʼs Traffic Management !

    View Slide

  17. Bookinfo
    Istioが提供するサンプルアプリ

    View Slide

  18. Architecture
    https://istio.io/docs/examples/bookinfo/
    load balancing
    ( by reviews service )

    View Slide

  19. Demo

    View Slide

  20. Traffic Management
    Routing, Fault Injection, etc

    View Slide

  21. Request Routing
    https://istio.io/docs/examples/bookinfo/

    View Slide

  22. Demo

    View Slide

  23. review v1 (星なし)

    View Slide

  24. Request Routing ( by header )
    https://istio.io/docs/examples/bookinfo/

    View Slide

  25. Demo

    View Slide

  26. View Slide

  27. Canary Release に使えそう︕ review v2 (⿊い星)

    View Slide

  28. Fault Injection (delay )
    Injected
    Delay : 7sec
    https://istio.io/docs/examples/bookinfo/

    View Slide

  29. Demo

    View Slide

  30. View Slide

  31. https://istio.io/docs/examples/bookinfo/

    View Slide

  32. hard-corded
    Timeout : 10sec
    Injected
    Delay : 7sec
    https://istio.io/docs/examples/bookinfo/

    View Slide

  33. hard-corded
    Timeout : 3sec
    Retry : 1
    hard-corded
    Timeout : 10sec
    Injected
    Delay : 7sec
    Chaos Engineering に使えそう︕ https://istio.io/docs/examples/bookinfo/

    View Slide

  34. View Slide

  35. Other Traffic Managements
    • Traffic Shifting
    • Circuit Breaking
    • Mirroring
    and more !
    https://istio.io/docs/tasks/traffic-management/

    View Slide

  36. Appendix

    View Slide

  37. なぜヨット︖

    View Slide

  38. いろいろ船関連だった
    Kubernetes 操舵手(ギリシャ語)
    Helm 舵
    tiller 舵柄(かじを操作するレバー)
    Istio 帆(ギリシャ語)
    Spinnaker 大きな三角形の帆

    View Slide

  39. Thank you for listening !
    福岡新着ITイベント
    @ITEventFukuoka

    View Slide

  40. Appendix :
    commands for demo
    with my home k8s

    View Slide

  41. ssh config
    • ~/.ssh/config
    • ログイン
    ssh my-k8s

    View Slide

  42. ssh port forwarding
    INGRESS_HOST=192.168.99.100
    INGRESS_PORT=31380
    ssh -fNL ${INGRESS_PORT}:${INGRESS_HOST}:${INGRESS_PORT} my-k8s
    • ローカルの31380ポートをnode(MinikubeのVM) 内の
    31380ポートにforwarding
    • BookInfoは localhost:31380/productpage で⾒れる

    View Slide

  43. ref
    • Request Routing
    • https://istio.io/docs/tasks/traffic-management/request-routing/
    • Fault Injection
    • https://istio.io/docs/tasks/traffic-management/fault-injection/

    View Slide

  44. Appendix :
    BookInfo screenshot

    View Slide

  45. review v1のレスポンス

    View Slide

  46. reload

    View Slide

  47. View Slide

  48. review v2のレスポンス(⿊い星)

    View Slide

  49. reload

    View Slide

  50. View Slide

  51. review v3のレスポンス(⾚い星)

    View Slide