Shulou(Shulou.com)06/01 Report--

What is the process of using istio? I believe many inexperienced people don't know what to do about it. Therefore, this paper summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Install and install K8s strong insert advertisement

Three-step installation, not to mention

Install helm. It is recommended to install helm in the production environment. You can adjust the release address.

Such as the version 2.9.1 I use

Yum install-y socat # this will report an error [root@istiohost ~] # wget https://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz[root@istiohost ~] # tar zxvf helm-v2.9.1-linux-amd64.tar.gz [root@istiohost ~] # cp linux-amd64/helm / usr/bin

First create a service account to give administrator privileges to helm:

[root@istiohost ~] # cat helmserviceaccount.yamlapiVersion: v1kind: ServiceAccountmetadata: name: tiller namespace: kube-system---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: tiller-clusterrolebindingsubjects:- kind: ServiceAccount name: tiller namespace: kube-systemroleRef: kind: ClusterRole name: cluster-admin apiGroup: "kubectl create-f helmserviceaccount.yaml

Install the helm server tiller:

Helm init-- service-account tiller # if the update plus-- upgrade parameter helm list # is installed, nothing is returned to indicate success

Install istio

Curl-L https://git.io/getLatestIstio | sh-cd istio-1.0.0/export PATH=$PWD/bin:$PATH

Versions of helm prior to 2.10.0 need to install CRD:

Kubectl apply-f install/kubernetes/helm/istio/templates/crds.yamlkubectl apply-f install/kubernetes/helm/istio/charts/certmanager/templates/crds.yaml

Install istio, and since you don't have LB, use NodePort instead:

Helm install install/kubernetes/helm/istio-name istio--namespace istio-system-set gateways.istio-ingressgateway.type=NodePort-set gateways.istio-egressgateway.type=NodePort

Installation succeeded:

[root@istiohost istio-1.0.0] # kubectl get pod-n istio-systemNAME READY STATUS RESTARTS AGEistio-citadel-7d8f9748c5-ntqnp 1 to 1 Running 0 5mistio-egressgateway-676c8546c5-2w4cq 1 to 1 Running 0 5mistio-galley-5669f7c9b-mkxjg 1 to 1 Running 0 5mistio-ingressgateway-5475685bbb-96mbr 1 to 1 Running 0 5mistio-pilot-5795d6d695-gr4h5 2 to 2 Running 0 5mistio-policy-7f945bf487-gkpxr 2 to 2 Running 0 5mistio-sidecar-injector-d96cd9459-674pk 1 to 1 Running 0 5mistio-statsd-prom-bridge-549d687fd9-6cbzs 1 to 1 Running 0 5mistio-telemetry-6c587bdbc4-jndjn 2 istio-systemNAME TYPE CLUSTER-IP EXTERNAL-IP PORT 2 Running 0 5mprometheus-6ffc56584f-98mr9 1 Running 0 5m [root@istiohost istio-1.0.0] # kubectl get svc-n istio-systemNAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGEistio-citadel ClusterIP 10.108.253.89 8060/TCP 9093/TCP 5mistio-egressgateway NodePort 10.96.151.14 80:30830/TCP 443:30038/TCP 5mistio-galley ClusterIP 10.102.83.130 443/TCP 9093/TCP 5mistio-ingressgateway NodePort 10.99.194.13 80:31380/TCP,443:31390/TCP,31400:31400/TCP,15011:31577/TCP,8060:30037/TCP,15030:31855/TCP 15031:30775/TCP 5mistio-pilot ClusterIP 10.101.4.143 15010/TCP,15011/TCP,8080/TCP,9093/TCP 5mistio-policy ClusterIP 10.106.221.68 9091/TCP,15004/TCP 9093/TCP 5mistio-sidecar-injector ClusterIP 10.100.5.170 443/TCP 5mistio- Statsd-prom-bridge ClusterIP 10.107.28.242 9102/TCP 9125/UDP 5mistio-telemetry ClusterIP 10.105.66.20 9091/TCP,15004/TCP,9093/TCP 42422/TCP 5mprometheus ClusterIP 10.103.128.152 9090/TCP use tutorial official website example Bookinfo Application

Productpage calls details and reviews to render the page

Details contains book information

Reviews book feedback, call ratings service

Ratings Book Rental Information

There are three versions of the reviews service:

V1 does not request ratings

V2 requests ratings and returns 1 to 5 black stars

V3 requests ratings and returns 1 to 5 red stars

Data plane:

Install the application:

Kubectl apply-f Black Star-> Red Star switch, corresponding to three versions of review, the default policy is polling

Create destination rules, configure routing access rules, and still poll

Kubectl apply-f samples/bookinfo/networking/destination-rule-all.yaml Intelligent routing request routing request routing routing based on version

Switch all routes to v1 version

Kubectl apply-f samples/bookinfo/networking/virtual-service-all-v1.yaml

After this execution, no matter how we browse the page, we can't see the stars, because there are no stars in the v1 version.

You can see that destination looks like this:

Http:-route:-destination: host: details subset: v1

Just imagine how easy it will be for us to switch versions.

Based on user routing kubectl apply-f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml

You will find that you can see the black stars when you log in with jason users, while the pages you see in other ways are star-free.

Because this user has taken the v2 version, can it be powerful? Of course, it can be routed according to header or something, so I won't say much about it.

Http:-match:-headers: end-user: exact: jason route:-destination: host: reviews subset: v2-route:-destination: host: reviews subset: V1 Fault injection Fault injectionkubectl apply-f samples/bookinfo/networking/virtual-service-all-v1.yamlkubectl apply-f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml

Suppose there is a bug in the code, and the user jason and reviews:v2 will get stuck for 10s when they visit ratings. We still hope that the end-to-end test can be completed normally.

Kubectl apply-f samples/bookinfo/networking/virtual-service-ratings-test-delay.yaml

Injection error gives jason users a delay of 7s

Hosts:-ratings http:-fault: delay: fixedDelay: 7s percent: 100match:-headers: end-user: exact: jason route:-destination: host: ratings subset: V1-route:-destination: host: ratings subset: v1

There is obviously an error when visiting the page, because we hope to return within 7s, so we find a delayed bug

Error fetching product reviews!Sorry, product reviews are currently unavailable for this book.

So we may find these anomalies through fault injection.

Link handoff Traffic Shifting

We first send 50% traffic to reviews:v1, 50% traffic to v3, and then cut 100% of the traffic to v3.

Cut 100% traffic to v1kubectl apply-f samples/bookinfo/networking/virtual-service-all-v1.yaml

No matter how many times you brush it, there are no stars.

V1 v3 50% traffic kubectl apply-f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml-route:-destination: host: reviews subset: v1 weight: 50-destination: host: reviews subset: v3 weight: 50

At this time, there will be stars and there will be no stars, but it is no longer a polling algorithm.

Full cut v3kubectl apply-f samples/bookinfo/networking/virtual-service-reviews-v3.yaml

At this time, no matter how you brush it, it will be a red heart.

After reading the above, have you mastered the process of using istio? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.