當您需要對整條調用鏈路進行灰度發布或版本隔離時,可以使用嚴格模式的流量泳道,將應用的相關版本(或其他特征)隔離成獨立的運行環境,確保只有符合特定條件的流量被路由到新的服務版本,提高發布過程的穩定性和可控性。
前提條件
已創建ASM企業版或旗艦版實例,且版本為1.18.2.111及以上。具體操作,請參見創建ASM實例或升級ASM實例。
說明若您的實例版本為1.17.2.22及以上,1.18.2.111以下,請參見使用泳道模式下的流量管理功能。
已添加集群到ASM實例。具體操作,請參見添加集群到ASM實例。
已創建名稱為ingressgateway的ASM入口網關。具體操作,請參見創建入口網關服務。
已創建名稱為ingressgateway且命名空間為istio-system的網關規則。具體操作,請參見管理網關規則。
apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: ingressgateway namespace: istio-system spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - '*'
示例說明
本示例使用mocka、mockb、mockc三個服務創建代表服務調用鏈三個版本的三條泳道:s1、s2、s3。
步驟一:部署示例服務
為default命名空間啟用Sidecar網格代理自動注入。具體操作,請參見啟用自動注入。
關于自動注入的更多信息,請參見配置Sidecar注入策略。
在ACK集群中執行以下命令,部署示例服務。
kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v1/mock-v1.yaml kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v2/mock-v2.yaml kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v3/mock-v3.yaml
步驟二:創建泳道組和對應泳道
創建泳道組。
登錄ASM控制臺,在左側導航欄,選擇。
在網格管理頁面,單擊目標實例名稱,然后在左側導航欄,選擇。
在流量泳道頁面,單擊創建泳道組,在創建泳道組面板,配置相關信息,然后單擊確定。
配置項
說明
泳道組名稱
本示例配置為test。
入口網關
選擇ingressgateway。
泳道模式
選擇嚴格模式。
泳道服務
選擇目標Kubernetes集群和default命名空間,在下方列表中選中mocka、mockb和mockc服務,單擊
圖標,添加目標服務到已選擇區域。
創建s1、s2、s3泳道,并分別綁定v1、v2、v3版本。
在流量泳道頁面的流量規則定義區域,單擊創建泳道。
在創建泳道對話框,配置相關信息,然后單擊確定。
配置項
說明
泳道名稱
三條泳道分別配置為s1、s2、s3。
配置服務標簽
標簽名稱:選擇ASM_TRAFFIC_TAG。
標簽值:三條泳道分別選擇v1、v2、v3。
創建s1泳道的示例圖如下:
三條泳道創建完成后,示例效果如下:
三條泳道創建完成后,針對泳道組中的每個服務都將生成泳道規則對應的目標規則和虛擬服務。您可以在控制臺左側導航欄,選擇或虛擬服務進行查看。例如,針對mocka服務會自動創建如下目標規則和虛擬服務。
apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: labels: asm-system: 'true' provider: asm swimlane-group: test name: trafficlabel-dr-test-default-mocka namespace: istio-system spec: host: mocka.default.svc.cluster.local subsets: - labels: ASM_TRAFFIC_TAG: v1 name: s1 - labels: ASM_TRAFFIC_TAG: v2 name: s2 - labels: ASM_TRAFFIC_TAG: v3 name: s3apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: labels: asm-system: 'true' provider: asm swimlane-group: test name: trafficlabel-vs-test-default-mocka namespace: istio-system spec: hosts: - mocka.default.svc.cluster.local http: - match: - sourceLabels: ASM_TRAFFIC_TAG: v1 route: - destination: host: mocka.default.svc.cluster.local subset: s1 - match: - sourceLabels: ASM_TRAFFIC_TAG: v2 route: - destination: host: mocka.default.svc.cluster.local subset: s2 - match: - sourceLabels: ASM_TRAFFIC_TAG: v3 route: - destination: host: mocka.default.svc.cluster.local subset: s3
分別創建三條泳道對應的引流規則。
在流量泳道頁面的流量規則定義區域,單擊目標泳道右側操作列下的引流規則。
在添加引流規則對話框,配置相關信息,然后單擊確定。
本文以泳道服務對應入口API均為
/mock為例,為每條泳道配置相同的引流規則。配置項
說明
入口服務
選擇mocka.default.svc.cluster.local。
引流規則
配置名稱為r1,域名為*。
匹配請求的URI
配置匹配方式為精確,匹配內容為/mock。
添加Header匹配規則
單擊添加Header匹配規則,配置名稱為x-asm-prefer-tag,匹配方式為精確,三條泳道的匹配內容分別配置為s1、s2、s3。
為s1泳道添加引流規則的示例圖如下:
三條泳道的引流規則創建成功后,示例效果如下:
創建成功后,會自動生成每條泳道的引流規則,即虛擬服務。例如,針對s1泳道會生成如下的虛擬服務。
apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: labels: asm-system: 'true' provider: asm swimlane-group: test name: swimlane-ingress-vs-test-s1 namespace: istio-system spec: gateways: - istio-system/ingressgateway hosts: - '*' http: - match: - headers: x-asm-prefer-tag: exact: s1 uri: exact: /mock name: r1 route: - destination: host: mocka.default.svc.cluster.local subset: s1
步驟三:驗證全鏈路灰度功能是否生效
獲取ASM網關的公網IP。具體操作,請參見獲取ASM網關地址。
執行以下命令,設置環境變量。
xxx.xxx.xxx.xxx為上一步獲取的IP。export ASM_GATEWAY_IP=xxx.xxx.xxx.xxx驗證全鏈路灰度功能是否生效。
執行以下命令,查看s1泳道的訪問效果。
x-asm-prefer-tag對應的值s1為步驟二中第2步創建s1泳道時配置的泳道名稱。for i in {1..100}; do curl -H 'x-asm-prefer-tag: s1' http://${ASM_GATEWAY_IP}/mock ; echo ''; sleep 1; done;預期輸出:
-> mocka(version: v1, ip: 172.17.0.54)-> mockb(version: v1, ip: 172.17.0.129)-> mockc(version: v1, ip: 172.17.0.130)由預期輸出得到,通過設置HTTP標頭
x-asm-prefer-tag: s1聲明的流量流向s1泳道下的相關服務,符合預期。執行以下命令,查看s2泳道的訪問效果。
x-asm-prefer-tag對應的值s2為步驟二中第2步創建s2泳道時配置的泳道名稱。for i in {1..100}; do curl -H 'x-asm-prefer-tag: s2' http://${ASM_GATEWAY_IP}/mock ; echo ''; sleep 1; done;預期輸出:
-> mocka(version: v2, ip: 172.17.0.9)-> mockb(version: v2, ip: 172.17.0.126)-> mockc(version: v2, ip: 172.17.0.128)由預期輸出得到,通過設置HTTP標頭
x-asm-prefer-tag: s2聲明的流量流向s2泳道下的相關服務,符合預期。執行以下命令,查看s3泳道的訪問效果。
x-asm-prefer-tag對應的值s3為步驟二中第2步創建s3泳道時配置的泳道名稱。for i in {1..100}; do curl -H 'x-asm-prefer-tag: s3' http://${ASM_GATEWAY_IP}/mock ; echo ''; sleep 1; done;預期輸出:
-> mocka(version: v3, ip: 172.17.0.132)-> mockb(version: v3, ip: 172.17.0.127)-> mockc(version: v3, ip: 172.17.0.69)由預期輸出得到,通過設置HTTP標頭
x-asm-prefer-tag: s3聲明的流量流向s3泳道下的相關服務,符合預期。
通過自定義虛擬服務為嚴格模式的泳道引流
流量泳道預置了配置引流規則的功能。通過為泳道創建引流規則,可以在流量泳道對應的網關上創建虛擬服務,從而實現通過ASM入口網關向不同泳道引流(即轉發請求)的效果。
流量泳道的引流規則包含針對請求頭以及請求路徑的匹配規則,您可以通過自定義虛擬服務的方式來實現更復雜的匹配規則或者自定義請求路由的需求。
說明
在使用自定義虛擬服務為泳道引流時,不建議創建泳道的引流規則,因為自定義虛擬服務和泳道內置的引流規則可能會發生沖突,從而導致流量分發過程出現異常或不可預期的情況。
基于ASM網關創建自定義虛擬服務
以文中場景為例,在步驟二的第3步:分別創建三個泳道對應的引流規則,將創建引流規則的步驟,改為使用以下內容創建虛擬服務。具體操作,請參見管理虛擬服務。
apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: swimlane-ingress-vs-custom namespace: istio-system spec: gateways: - istio-system/ingressgateway hosts: - '*' http: - match: # 這條匹配規則表示精準匹配形如 env: dev 的請求頭 - headers: env: exact: dev name: dev-route route: - destination: host: mocka.default.svc.cluster.local # 流量轉發的目標服務 subset: s2 # subset 填寫泳道的名稱 weight: 50 - destination: host: mocka.default.svc.cluster.local # 流量轉發的目標服務 subset: s3 # subset 填寫泳道的名稱 weight: 50 - name: base-route route: - destination: host: mocka.default.svc.cluster.local # 流量轉發的目標服務 subset: s1 # subset 填寫泳道的名稱執行步驟三:驗證全鏈路灰度功能是否生效中的命令,訪問s1、s2、s3三條泳道的預期輸出如下:
-> mocka(version: v1, ip: 192.168.0.50)-> mockb(version: v1, ip: 192.168.0.46)-> mockc(version: v1, ip: 192.168.0.48)執行以下命令,驗證在訪問s1泳道時帶有header
env: dev的效果。for i in {1..100}; do curl -H 'x-asm-prefer-tag: s1' -H 'env: dev' http://${ASM_GATEWAY_IP}/mock ; echo ''; sleep 1; done;預期輸出:
-> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45)可以看到帶有header
env: dev時訪問泳道s1返回的是v2和v3的鏈路,比例大約50:50左右。即對于帶有env: dev請求頭的請求,請求將會以50:50的比例轉發到s2和s3泳道,其余請求將會被轉發到s1泳道。
上述的虛擬服務在ASM網關上指定了一個自定義的路由規則,從而將流量轉發到不同的流量泳道。當通過自定義虛擬服務為嚴格模式的泳道引流時,想要將請求發往某條泳道,只需要在虛擬服務的路由目標subset字段中填寫泳道名稱即可。當請求發往一條流量泳道后,后續的流量調用將保持在該泳道內部。
基于Sidecar創建自定義虛擬服務
除了在ASM網關上指定自定義路由規則外,您也可以通過生效在所有Sidecar上的虛擬服務來指定集群內部服務訪問流量泳道內服務的引流規則。與ASM網關自定義路由規則不同,Sidecar虛擬服務不再需要gateway字段,且hosts中填寫的是mocka服務的集群本地服務域名。示例YAML如下:
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: swimlane-ingress-vs-custom
namespace: istio-system
spec:
hosts:
- mocka.default.svc.cluster.local
http:
- match: # 這條匹配規則表示精準匹配形如 env: dev 的請求頭
- headers:
env:
exact: dev
name: dev-route
route:
- destination:
host: mocka.default.svc.cluster.local # 流量轉發的目標服務
subset: s2 # subset 填寫泳道的名稱
weight: 50
- destination:
host: mocka.default.svc.cluster.local # 流量轉發的目標服務
subset: s3 # subset 填寫泳道的名稱
weight: 50
- name: base-route
route:
- destination:
host: mocka.default.svc.cluster.local # 流量轉發的目標服務
subset: s1 # subset 填寫泳道的名稱執行以下命令,驗證Sidecar模式下不帶
env: dev請求頭時訪問mocka服務。kubectl exec -it deploy/sleep -c sleep -- sh -c 'for i in $(seq 1 100); do curl http://mocka:8000; echo ""; sleep 1; done;'預期輸出:
-> mocka(version: v1, ip: 192.168.0.50)-> mockb(version: v1, ip: 192.168.0.46)-> mockc(version: v1, ip: 192.168.0.48)可以看到,不帶
env: dev請求頭時訪問所有泳道返回的都是v1鏈路,說明流量全部進入了s1泳道。執行以下命令,驗證Sidecar模式下帶有
env: dev請求頭時訪問mocka服務。kubectl exec -it deploy/sleep -c sleep -- sh -c 'for i in $(seq 1 100); do curl -H "env: dev" http://mocka:8000; echo ""; sleep 1; done;'預期輸出:
-> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v2, ip: 192.168.0.47)-> mockb(version: v2, ip: 192.168.0.49)-> mockc(version: v2, ip: 192.168.0.43) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45) -> mocka(version: v3, ip: 192.168.0.44)-> mockb(version: v3, ip: 192.168.0.42)-> mockc(version: v3, ip: 192.168.0.45)可以看到,以上預期輸出與基于ASM網關創建自定義虛擬服務中的預期輸出一致,帶有
env: dev請求頭時訪問mocka服務,流量會以50:50的比例進入s2和s3泳道。
與基于ASM網關創建自定義虛擬服務原理相同,當集群內其它服務調用泳道內的mocka服務時,后續的請求調用鏈將一直保持在泳道內部。
相關文檔
流量泳道分為嚴格與寬松兩種模式。關于兩種模式的說明和差異,請參見流量泳道概述。
當您的應用程序在調用鏈路中存在透傳請求頭的行為時,寬松模式可以實現更為靈活的泳道使用場景,例如只發布了調用鏈路中的部分服務的新版本,基于這些新版本服務構建測試環境。具體操作,請參見使用寬松模式流量泳道實現全鏈路流量管理。
您可以基于VirtualService和DestinationRule等流量規則實現流量泳道,同時通過配置流量降級,在某個版本(或者其他特征)的應用不可用時,將流量發往一個指定的降級版本(或其他特征)的應用。具體操作,請參見基于流量規則配置實現流量泳道和流量降級。
關于虛擬服務的詳細CRD定義,請參見虛擬服務(Virtual Service)CRD說明。
文檔內容是否對您有幫助?