526互联

Argo Rollouts Canary结合Istio进行流量迁移实例

发布时间 2023-12-17 13:39:41作者: 小吉猫

环境说明

用argo rollouts 金丝雀发布策略更新nginx服务。
发布过程结合Isito和analysis。

创建 ns argo-demo

# kubectl create ns argo-demo
namespace/argo-demo created

启用Istio自动注入功能

# kubectl label namespace argo-demo istio-injection=enabled
namespace/argo-demo labeled

nginx 环境部署

argo-rollouts-nginx-with-analysis.yaml

apiVersion: argoproj.io/v1alpha1
kind: AnalysisTemplate
metadata:
  name: success-rate
spec:
  args:
  - name: service-name
  metrics:
  - name: success-rate
    # NOTE: prometheus queries return results in the form of a vector.
    # So it is common to access the index 0 of the returned array to obtain the value
    successCondition: result[0] >= 0.95
    interval: 20s
    count: 3
    failureLimit: 3
    provider:
      prometheus:
        address: http://prometheus.istio-system.svc.wgs.local:9090
        query: |
          sum(irate(
            istio_requests_total{reporter="source",destination_service=~"{{args.service-name}}",response_code!~"5.*"}[1m]
          )) /
          sum(irate(
            istio_requests_total{reporter="source",destination_service=~"{{args.service-name}}"}[1m]
          ))
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: nginx-rollout-vsvc
spec:
  #gateways:
  #- istio-rollout-gateway
  hosts:
  - nginx
  http:
  - name: primary
    route:
    - destination:
        host: nginx
        subset: stable
      weight: 100
    - destination:
        host: nginx
        subset: canary
      weight: 0
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: nginx-rollout-destrule
spec:
  host: nginx
  subsets:
  - name: canary
    labels:
      app: nginx
  - name: stable
    labels:
      app: nginx
---
apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
  name: rollouts-nginx-with-analysis
spec:
  replicas: 10 
  strategy:
    canary:
      trafficRouting:
        istio:
          virtualService: 
            name: nginx-rollout-vsvc
            routes:
            - primary
          destinationRule:
            name: nginx-rollout-destrule
            canarySubsetName: canary
            stableSubsetName: stable
      steps:
      - setWeight: 5
      - pause: {duration: 2m}
      - analysis:
          templates:
          - templateName: success-rate
          args:
          - name: service-name
            value: nginx.argo-demo.svc.wgs.local
      - setWeight: 10
      - pause: {duration: 1m}
      - setWeight: 30
      - pause: {duration: 1m}
      - setWeight: 60
      - pause: {duration: 1m}
  revisionHistoryLimit: 5
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.24-alpine
        ports:
        - name: http
          containerPort: 80
          protocol: TCP
        resources:
          requests:
            memory: 32Mi
            cpu: 50m
        livenessProbe:
          httpGet:
            path: '/'
            port: 80
            scheme: HTTP
        readinessProbe:
          httpGet:
            path: '/'
            port: 80
            scheme: HTTP
          initialDelaySeconds: 5
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  ports:
  - port: 80
    targetPort: http
    protocol: TCP
    name: http
  selector:
    app: nginx

创建环境

# kubectl apply -f argo-rollouts-nginx-with-analysis.yaml -n argo-demo
analysistemplate.argoproj.io/success-rate created
virtualservice.networking.istio.io/nginx-vsvc created
destinationrule.networking.istio.io/nginx-rollout-destrule created
rollout.argoproj.io/rollouts-nginx-with-analysis created
service/spring-boot-helloworld created

查看部署结果

访问测试

创建客户端

# kubectl apply -f istio/samples/sleep/ -n argo-demo
serviceaccount/notsleep created
service/notsleep created
deployment.apps/notsleep created
serviceaccount/sleep created
service/sleep created
deployment.apps/sleep created
serviceaccount/sleep unchanged
service/sleep unchanged
deployment.apps/sleep configured

登录客户端

# kubectl exec -it sleep-7656cf8794-l4vgv -n argo-demo -- /bin/sh
/ $

访问nginx服务

/ $ while true;do curl nginx -I ; sleep 1;done
HTTP/1.1 200 OK
server: envoy
date: Fri, 15 Dec 2023 09:03:23 GMT
content-type: text/html
content-length: 615
last-modified: Tue, 11 Apr 2023 17:21:57 GMT
etag: "64359735-267"
accept-ranges: bytes
x-envoy-upstream-service-time: 6

更新nginx服务

# kubectl argo rollouts set image rollouts-nginx-with-analysis nginx=nginx:1.25-alpine -n argo-demo
rollout "rollouts-nginx-with-analysis" image updated

查看更新过程

查看流量比例动态调整

# kubectl get vs -n argo-demo -o yaml
apiVersion: v1
items:
- apiVersion: networking.istio.io/v1beta1
  kind: VirtualService
  metadata:
    annotations:
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"networking.istio.io/v1beta1","kind":"VirtualService","metadata":{"annotations":{},"name":"nginx-rollout-vsvc","namespace":"argo-demo"},"spec":{"hosts":["nginx"],"http":[{"name":"primary","route":[{"destination":{"host":"nginx","subset":"stable"},"weight":100},{"destination":{"host":"nginx","subset":"canary"},"weight":0}]}]}}
    creationTimestamp: "2023-12-15T08:37:29Z"
    generation: 3
    name: nginx-rollout-vsvc
    namespace: argo-demo
    resourceVersion: "8750553"
    uid: 7a4eaf4d-0dfa-49a1-9344-fd71dcb664c2
  spec:
    hosts:
    - nginx
    http:
    - name: primary
      route:
      - destination:
          host: nginx
          subset: stable
        weight: 90
      - destination:
          host: nginx
          subset: canary
        weight: 10     # 动态调整
kind: List
metadata:
  resourceVersion: ""