Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
Traffic Management with Istio ( with Demo ) 2019/08/08 Cloud Native FUKUOKA #02 loftkun
Slide 2
Slide 2 text
About me • @loftkun • ヤフー株式会社 SRE部 • 将棋好き • 対局結果検索サイトなど公開してます • ⾳楽好き • ROCK IN JAPAN FESTIVAL ⾏きます • ピアノ習いたい • コンテナ好き、k8sは前職で使ってた、現職でも使いたい
Slide 3
Slide 3 text
My k8s Environment
Slide 4
Slide 4 text
Machine CPU Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz 6Core/12Threads RAM 64GB OS Ubuntu 17.10 k8s minikube v1.2.0 ( Kubernetes v1.15.0 ) assign 12cpu & 40GB RAM kubectl v1.15.0 istio v1.2.2 helm v2.14.1
Slide 5
Slide 5 text
minikube start vm-driver=virtualbox Container VM ( Node ) Minikube BareMetal ssh -fNL 12345:192.168.99.100:12345
[email protected]
192.168.3.5 grafana service のnodePortが12345の場合 http://localhost:12345 でアクセスできるぞ 192.168.99.100 192.168.3.4 Minikube ssh でログイン可能
Slide 6
Slide 6 text
minikube start vm-driver=none Container Minikube BareMetal 192.168.3.5 ( Node ) grafana service のnodePortが12345の場合 http://192.168.3.5:12345 でアクセスできるぞ 192.168.3.4 tcpdump –i docker0 全Pod間の通信をキャプチャできるぞ
Slide 7
Slide 7 text
Agenda Introduction How to use Bookinfo Traffic Management
Slide 8
Slide 8 text
Introduction What is Istio?
Slide 9
Slide 9 text
https://istio.io/ • サービスメッシュを構成するOSS • CNCF Platinum Member • Proxyコンテナ(Envoy)をSidecarとしてPod内にInjectionしてくれる • 様々な制御をkubectl applyできる(後ほどご紹介) • 便利なOSS同梱 • メトリクス (Prometheus/Grafana) • トレース (Jaeger/Zipkin) • サービスメッシュグラフの可視化(Kiali)
Slide 10
Slide 10 text
https://github.com/cncf/trailmap
Slide 11
Slide 11 text
https://github.com/cncf/trailmap
Slide 12
Slide 12 text
How to use Install à Sidecar Injection à Apply traffic rules
Slide 13
Slide 13 text
3 steps Install Sidecar Injection Apply traffic rules
Slide 14
Slide 14 text
Install Use Helm? $ kubectl apply istio-demo.yaml Cluster has tiller? $ helm template istio | kubectl apply $ helm install istio Y Y おすすめはHelm使⽤。パラメタ設定が楽。 • incubator/istioはメンテが⽌まってるので使わない • istio.ioのdoc記載の最新版をdownloadして使おう N N
Slide 15
Slide 15 text
Sidecar Injection Manual istioctl kube-injectコマンドでSidecarを埋め込んだmanifestを出⼒する $ kubectl apply -f < ( istioctl kube-inject -f my-manifests.yaml ) Automatic 対象のnamespaceにラベルを設定しておくだけでOK! $ kubectl label ns my-ns istio-injection=enabled
Slide 16
Slide 16 text
Apply traffic rules kubectl apply –f my-virtualservice.yaml • VirtualService • a set of traffic routing rules • 宛先別に様々なruleを設定できる Istio setup is done, Letʼs Traffic Management !
Slide 17
Slide 17 text
Bookinfo Istioが提供するサンプルアプリ
Slide 18
Slide 18 text
Architecture https://istio.io/docs/examples/bookinfo/ load balancing ( by reviews service )
Slide 19
Slide 19 text
Demo
Slide 20
Slide 20 text
Traffic Management Routing, Fault Injection, etc
Slide 21
Slide 21 text
Request Routing https://istio.io/docs/examples/bookinfo/
Slide 22
Slide 22 text
Demo
Slide 23
Slide 23 text
review v1 (星なし)
Slide 24
Slide 24 text
Request Routing ( by header ) https://istio.io/docs/examples/bookinfo/
Slide 25
Slide 25 text
Demo
Slide 26
Slide 26 text
No content
Slide 27
Slide 27 text
Canary Release に使えそう︕ review v2 (⿊い星)
Slide 28
Slide 28 text
Fault Injection (delay ) Injected Delay : 7sec https://istio.io/docs/examples/bookinfo/
Slide 29
Slide 29 text
Demo
Slide 30
Slide 30 text
No content
Slide 31
Slide 31 text
https://istio.io/docs/examples/bookinfo/
Slide 32
Slide 32 text
hard-corded Timeout : 10sec Injected Delay : 7sec https://istio.io/docs/examples/bookinfo/
Slide 33
Slide 33 text
hard-corded Timeout : 3sec Retry : 1 hard-corded Timeout : 10sec Injected Delay : 7sec Chaos Engineering に使えそう︕ https://istio.io/docs/examples/bookinfo/
Slide 34
Slide 34 text
No content
Slide 35
Slide 35 text
Other Traffic Managements • Traffic Shifting • Circuit Breaking • Mirroring and more ! https://istio.io/docs/tasks/traffic-management/
Slide 36
Slide 36 text
Appendix
Slide 37
Slide 37 text
なぜヨット︖
Slide 38
Slide 38 text
いろいろ船関連だった Kubernetes 操舵手(ギリシャ語) Helm 舵 tiller 舵柄(かじを操作するレバー) Istio 帆(ギリシャ語) Spinnaker 大きな三角形の帆
Slide 39
Slide 39 text
Thank you for listening ! 福岡新着ITイベント @ITEventFukuoka
Slide 40
Slide 40 text
Appendix : commands for demo with my home k8s
Slide 41
Slide 41 text
ssh config • ~/.ssh/config • ログイン ssh my-k8s
Slide 42
Slide 42 text
ssh port forwarding INGRESS_HOST=192.168.99.100 INGRESS_PORT=31380 ssh -fNL ${INGRESS_PORT}:${INGRESS_HOST}:${INGRESS_PORT} my-k8s • ローカルの31380ポートをnode(MinikubeのVM) 内の 31380ポートにforwarding • BookInfoは localhost:31380/productpage で⾒れる
Slide 43
Slide 43 text
ref • Request Routing • https://istio.io/docs/tasks/traffic-management/request-routing/ • Fault Injection • https://istio.io/docs/tasks/traffic-management/fault-injection/
Slide 44
Slide 44 text
Appendix : BookInfo screenshot
Slide 45
Slide 45 text
review v1のレスポンス
Slide 46
Slide 46 text
reload
Slide 47
Slide 47 text
No content
Slide 48
Slide 48 text
review v2のレスポンス(⿊い星)
Slide 49
Slide 49 text
reload
Slide 50
Slide 50 text
No content
Slide 51
Slide 51 text
review v3のレスポンス(⾚い星)