GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → etiennetremel → Istio Cross Namespace Canary Release Demo

etiennetremel / Istio Cross Namespace Canary Release Demo

Cross-namespace canary release using Kubernetes, Istio and Helm

Labels

kubernetesmakefilehelmistio

Projects that are alternatives of or similar to Istio Cross Namespace Canary Release Demo

Helmfiles
Comprehensive Distribution of Helmfiles for Kubernetes
Stars: ✭ 205 (+561.29%)
Mutual labels:  makefile, helm
k8s-istio-webinar
Istio webinar
Stars: ✭ 18 (-41.94%)
Mutual labels:  helm, istio
Build Harness
🤖Collection of Makefiles to facilitate building Golang projects, Dockerfiles, Helm charts, and more
Stars: ✭ 236 (+661.29%)
Mutual labels:  makefile, helm
Helm Vsts Agent
Kubernetes Helm Chart for VSTS agent pool
Stars: ✭ 52 (+67.74%)
Mutual labels:  makefile, helm
KubeStitch
Kubernetes deployment stitcher
Stars: ✭ 19 (-38.71%)
Mutual labels:  helm, istio
Kubernetes Cicd
Demonstration of a Kubernetes-centric CI/CD workflow
Stars: ✭ 54 (+74.19%)
Mutual labels:  makefile, istio
jpetstore-kubernetes
Modernize and Extend: JPetStore on IBM Cloud Kubernetes Service
Stars: ✭ 21 (-32.26%)
Mutual labels:  helm, istio
examples
Examples to demonstrate how to use PipeCD
Stars: ✭ 21 (-32.26%)
Mutual labels:  helm, istio
azure-container-labs
Azure Container Labs - AKS, ACR, ACI, Web App for Containers, etc under frequent update
Stars: ✭ 24 (-22.58%)
Mutual labels:  helm, istio
k8s-istio-demo
Demo showing the capabilities of Istio
Stars: ✭ 22 (-29.03%)
Mutual labels:  helm, istio
Arkade
Open Source Kubernetes Marketplace
Stars: ✭ 2,343 (+7458.06%)
Mutual labels:  helm, istio
Helm Doc Zh Cn
Try to translate the helm official docs to Chinese. Helm官方文档中文翻译。如果大家觉得这个项目还可以,麻烦打一下右上角的Star按钮,谢谢。此网址查看更方便,欢迎大家提bug,
Stars: ✭ 319 (+929.03%)
Mutual labels:  makefile, helm
Kubernetes Vagrant Centos Cluster
Setting up a distributed Kubernetes cluster along with Istio service mesh locally with Vagrant and VirtualBox, only PoC or Demo use.
Stars: ✭ 1,750 (+5545.16%)
Mutual labels:  helm, istio
Istio Handbook
Istio Service Mesh Advanced Practical - Istio服务网格进阶实战 https://www.servicemesher.com/istio-handbook/
Stars: ✭ 1,646 (+5209.68%)
Mutual labels:  makefile, istio
multitenant-microservices-demo
Full Isolation in Multi-Tenant SaaS with Kubernetes + Istio
Stars: ✭ 57 (+83.87%)
Mutual labels:  helm, istio
K8s For Docker Desktop
为Docker Desktop for Mac/Windows开启Kubernetes和Istio。
Stars: ✭ 3,863 (+12361.29%)
Mutual labels:  helm, istio
Istio Handbook
Istio Handbook - Istio Service Mesh Advanced Practical(Istio 服务网格进阶实战) - https://jimmysong.io/istio-handbook
Stars: ✭ 374 (+1106.45%)
Mutual labels:  makefile, istio
Hubot Slack Docker
Docker container running Github Hubot.
Stars: ✭ 21 (-32.26%)
Mutual labels:  makefile
Ariane Sdk
Ariane SDK containing RISC-V tools and Buildroot
Stars: ✭ 28 (-9.68%)
Mutual labels:  makefile
Android Audioplayer
An AudioPlayer For Android Platform
Stars: ✭ 16 (-48.39%)
Mutual labels:  makefile
View All Similar Projects ➔

Cross-namespace canary release using Kubernetes, Istio and Helm

Demo of a cross-namespace canary release using Istio service mesh with mutual TLS enabled and Helm charts. It makes use of the new Istio v1alpha3 routing API.

cross-namespace-canary-release

Overview

.
├── Makefile
├── istio.yaml                      // Istio chart configuration
├── nginx                           // nginx is used as an example of microservice
│   ├── Dockerfile
│   ├── charts
│   │   ├── templates
│   │   │   ├── _helpers.tpl
│   │   │   ├── deployment.yaml
│   │   │   └── service.yaml
│   │   ├── Chart.yaml
│   │   └── values.yaml
│   └── default.conf
├── services                        // all microservices should be defined in this directory as subchart
│   ├── Chart.yaml
│   ├── requirements.yaml
│   └── values.yaml
└── traffic-manager                 // chart with all the Istio configuration.
    ├── templates
    │   ├── _helpers.tpl
    │   ├── gateway.yaml            // ingress configuration
    │   └── virtualservice.yaml     // routing
    ├── Chart.yaml
    └── values.yaml

Getting started

Requirements

Play yourself

# start Minikube with necessary flags to get started with Istio mTLS and automatic sidecar injection
$ minikube start --kubernetes-version=v1.10.0 --memory 8192 --cpus 2

# install Tiller
$ kubectl apply -f ./tiller-rbac.yaml
$ helm init --service-account tiller --upgrade --wait

# install Istio with mTLS
$ make deployistio

# update Helm subcharts
$ cd services && helm dep update --skip-refresh && cd ../

# build nginx container which contains curl
# if using Istio with mTLS, we need to use curl to run the probe
# ref: https://github.com/istio/istio/issues/1194
$ make buildnginx

#
# Deploy services v1
#

# create namespace and enable automatic sidecar injection
$ kubectl create ns services-v1
$ kubectl label ns services-v1 istio-injection=enabled

$ helm upgrade -i services-v1 --namespace=services-v1 ./services

# deploy Istio routing via traffic manager
$ helm upgrade -i traffic-manager ./traffic-manager


# To test if the release was successful:
$ ingress_gateway=$(minikube service istio-ingressgateway -n istio-system --url | head -n1)
$ curl $ingress_gateway -H 'Host: search.local'
Host: search-77f9697d44-l8dtc


#
# Deploy services v2
#

$ kubectl create ns services-v2
$ kubectl label ns services-v2 istio-injection=enabled
$ helm upgrade -i services-v2 --namespace=services-v2 ./services


#
# Canary
#

# shift 10% of the traffic to services-v2
$ helm upgrade traffic-manager --set canary.enabled=true ./traffic-manager

$ ingress_gateway=$(minikube service istio-ingressgateway -n istio-system --url | head -n1)
$ while sleep 0.1; do curl $ingress_gateway -v -H 'Host: search.local'; done
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc
Host: search-6b8cc5d6f7-pzwcb
Host: search-77f9697d44-l8dtc
Host: search-77f9697d44-l8dtc


#
# Full rollout
#

# when we are ready, shift 100%
$ helm upgrade traffic-manager \
    --reset-values \
    --set stable.serviceName=search.services-v2.svc.cluster.local \
    ./traffic-manager


#
# Rollback
#

# shift 100% traffic back to services-v1
$ helm upgrade traffic-manager \
    --reset-values \
    ./traffic-manager


#
# Cleanup
#
$ helm del --purge services-v1

Access release based on Headers

If you want to run end-to-end tests against a new release in a "production" environment, you can configure Istio to match traffic based on HTTP Headers.

You can enable it in the traffic-manager values.yaml file. Then redeploy:

$ helm upgrade -i traffic-manager \
    --set canary.enabled=true \
    ./traffic-manager
$ ingress_gateway=$(minikube service istio-ingressgateway -n istio-system --url | head -n1)
$ curl $ingress_gateway -v -H 'Host: proxy.local' -H 'X-Track: canary'
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].