Traffic Shifting Lab📜
Version 2 of the customers
service is complete and ready to deploy to production. Version 1 presented a list of customer names, while version 2 included the city of each customer.
Deploying customers, v2📜
We want to launch the new service but still need to be ready to handle the traffic.
It is advisable to separate the task of deploying the new service from the task of directing traffic to it.
Labels📜
The customers
service is labeled with app=customers
.
Verify this with:
kubectl get pod -Lapp,version
Note the selector on the customers
service:
kubectl get svc customers -o wide
If we deploy v2, the selector will match both versions.
DestinationRules📜
We can inform Istio that two distinct subsets of the customers
service exist, and we can use the version
label as the discriminator.
customers-destinationrule.yaml | |
---|---|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
|
-
Apply the above destination rule to the cluster.
-
Verify that it has been applied.
kubectl get destinationrule
VirtualServices📜
With the VirtualService
custom resource, we can easily set up a routing rule to direct all traffic to the v1 subset. This resource has two distinct destinations for more flexibility in managing our traffic.
customers-virtualservice.yaml | |
---|---|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
Above, note how the route specifies subset v1.
-
Apply the virtual service to the cluster.
-
Verify that it’s been applied.
kubectl get virtualservice
Finally deploy customers, v2📜
Apply the following Kubernetes deployment to the cluster.
customers-v2.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
|
Check that traffic routes strictly to v1📜
-
Generate traffic.
siege --delay=3 --concurrent=3 --time=20M http://$GATEWAY_IP/
-
Open a separate terminal, launch the
Kiali
dashboard, and open a new browser tab,kiali.bigbang.dev
.
Look at the graph, and select the default
namespace.
The graph should show all traffic going to v1.
Route to customers, v2📜
Proceed with caution. Before customers can see version 2, we need to ensure the service functions properly.
Expose “debug” traffic to v2📜
Review this proposed updated routing specification.
customers-v2-debug.yaml | |
---|---|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
|
We are telling Istio to check an HTTP header: If the user-agent
is set to debug
, the route is directed to v2. Otherwise, it is directed to v1.
Open a new terminal and apply the above resource to the cluster. Applying the resource to the cluster helps overwrite the current defined VirtualService
as both yamls use the same resource name.
kubectl apply -f customers-v2-debug.yaml
Testing📜
Open a browser and visit the application.
If you need it
GATEWAY_IP=$(kubectl get svc -n istio-system istio-ingressgateway -ojsonpath='{.status.loadBalancer.ingress[0].ip}')
The main difference between v1 and v2 is that customer names and cities are separate and split into two columns in v2.
If you’re using Chrome or Firefox, you can customize the user-agent
header as follows:
- Open the browser’s developer tools by pressing F12.
- Open the “three dots” menu, and select More tools –> Network conditions.
- The network conditions panel will open.
- Under User agent, uncheck Use browser default.
- Select Custom… and in the text field enter
debug
.
Refresh the page. Traffic should direct to v2.
Tip
Use siege
again and then wait ~15-30 seconds, you should see some of that v2 traffic in Kiali:
siege --delay=3 --concurrent=3 --time=20M --user-agent=debug http://$GATEWAY_IP/
Canary📜
The outlook for V2 seems optimistic. Therefore we can proceed with its release to the public.
Start by siphoning 10% of traffic over to v2.
customers-v2-canary.yaml | |
---|---|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
|
Above, note the weight
field specifying 10% of traffic to v2. Kiali
should now show traffic going to both v1 and v2.
- Apply the above resource.
- In your browser: Undo the
user-agent
customization and refresh the page several times.
Most of the requests still go to v1, but some are directed to v2.
Check Grafana📜
Before opening the floodgates, we need to assess how v2 performs. Open grafana.bigbang.dev
in a new browser tab.
In Grafana, visit the Istio Workload Dashboard and specifically look at the customers
v2 workload. Look at the request rate, incoming success rate, and latencies.
If everything looks good, increase the percentage from 90/10 to 50/50.
Observe the changes in request volume by clicking the “refresh dashboard” button in the upper right-hand corner.
Finally, switch all traffic over to v2.
customers-virtualservice-final.yaml | |
---|---|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
After you apply the above yaml, go to your browser and make sure all requests land on v2 (2-column output). Within a minute, the Kiali
dashboard should also reflect that all traffic goes to the customers
v2 service.
Though it no longer receives traffic, we leave v1 running longer before retiring it.