Istio Tasks; Traffic Management - Mirroring

--- apiVersion: apps/v1 kind: Deployment metadata: name: httpbin-v1 spec: replicas: 1 selector: matchLabels: app: httpbin version: v1 template: metadata: labels: app: httpbin version: v1 spec: containers: - image: docker.io/kennethreitz/httpbin imagePullPolicy: IfNotPresent name: httpbin command: ["gunicorn", "--access-logfile", "-", "-b", "0.0.0.0:80", "httpbin:app"] ports: - containerPort: 80 --- apiVersion: apps/v1 kind: Deployment metadata: name: httpbin-v2 spec: replicas: 1 selector: matchLabels: app: httpbin version: v2 template: metadata: labels: app: httpbin version: v2 spec: containers: - image: docker.io/kennethreitz/httpbin imagePullPolicy: IfNotPresent name: httpbin command: ["gunicorn", "--access-logfile", "-", "-b", "0.0.0.0:80", "httpbin:app"] ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: httpbin labels: app: httpbin spec: ports: - name: http port: 8000 targetPort: 80 selector: app: httpbin --- apiVersion: apps/v1 kind: Deployment metadata: name: sleep spec: replicas: 1 selector: matchLabels: app: sleep template: metadata: labels: app: sleep spec: containers: - name: sleep image: curlimages/curl command: ["/bin/sleep","3650d"] imagePullPolicy: IfNotPresent

apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: httpbin spec: hosts: - httpbin http: - route: - destination: host: httpbin subset: v1 weight: 100 --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: httpbin spec: host: httpbin subsets: - name: v1 labels: version: v1 - name: v2 labels: version: v2

❯ k exec $(k get po -l app=sleep -oyaml | yq .items[0].metadata.name) -c sleep -- curl -sS http://httpbin:8000/headers { "headers": { "Accept": "*/*", "Host": "httpbin:8000", "User-Agent": "curl/8.5.0", "X-B3-Parentspanid": "ec56eb535fd80806", "X-B3-Sampled": "0", "X-B3-Spanid": "451ae65e56d0fdf4", "X-B3-Traceid": "cd1609e289db9f3cec56eb535fd80806", "X-Envoy-Attempt-Count": "1", "X-Forwarded-Client-Cert": "By=spiffe://cluster.local/ns/default/sa/default;Hash=6096145df3f8a0d6982a8d7be0109e4ea0632910db60c2ba8f83a1e8a527d804;Subject=\"\";URI=spiffe://cluster.local/ns/default/sa/default" } } # v1 logs ❯ k logs $(k get po -l app=httpbin,version=v1 -oyaml | yq .items[0].metadata.name) [2024-01-07 00:57:28 +0000] [1] [INFO] Starting gunicorn 19.9.0 [2024-01-07 00:57:28 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1) [2024-01-07 00:57:28 +0000] [1] [INFO] Using worker: sync [2024-01-07 00:57:28 +0000] [8] [INFO] Booting worker with pid: 8 127.0.0.6 - - [07/Jan/2024:00:57:31 +0000] "GET /headers HTTP/1.1" 200 524 "-" "curl/8.5.0" # v2 logs ❯ k logs $(k get po -l app=httpbin,version=v2 -oyaml | yq .items[0].metadata.name) [2024-01-07 00:57:28 +0000] [1] [INFO] Starting gunicorn 19.9.0 [2024-01-07 00:57:28 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1) [2024-01-07 00:57:28 +0000] [1] [INFO] Using worker: sync [2024-01-07 00:57:28 +0000] [9] [INFO] Booting worker with pid: 9

$ k apply -f - <<EOF apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: httpbin spec: hosts: - httpbin http: - route: - destination: host: httpbin subset: v1 weight: 100 mirror: host: httpbin subset: v2 mirrorPercentage: value: 100.0 EOF

❯ k diff -f - <<EOF apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: httpbin spec: hosts: - httpbin http: - route: - destination: host: httpbin subset: v1 weight: 100 mirror: host: httpbin subset: v2 mirrorPercentage: value: 100.0 EOF diff -u -N /var/folders/4s/w6k_cdvd52s1hst64dr_yw540000gn/T/LIVE-4019362111/networking.istio.io.v1alpha3.VirtualService.default.httpbin /var/folders/4s/w6k_cdvd52s1hst64dr_yw540000gn/T/MERGED-1971230782/networking.istio.io.v1alpha3.VirtualService.default.httpbin --- /var/folders/4s/w6k_cdvd52s1hst64dr_yw540000gn/T/LIVE-4019362111/networking.istio.io.v1alpha3.VirtualService.default.httpbin 2024-01-07 10:03:19.879651504 +0900 +++ /var/folders/4s/w6k_cdvd52s1hst64dr_yw540000gn/T/MERGED-1971230782/networking.istio.io.v1alpha3.VirtualService.default.httpbin 2024-01-07 10:03:19.879870879 +0900 @@ -5,7 +5,7 @@ kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"networking.istio.io/v1alpha3","kind":"VirtualService","metadata":{"annotations":{},"name":"httpbin","namespace":"default"},"spec":{"hosts":["httpbin"],"http":[{"route":[{"destination":{"host":"httpbin","subset":"v1"},"weight":100}]}]}} creationTimestamp: "2024-01-07T00:57:14Z" - generation: 1 + generation: 2 name: httpbin namespace: default resourceVersion: "289751" @@ -14,7 +14,12 @@ hosts: - httpbin http: - - route: + - mirror: + host: httpbin + subset: v2 + mirrorPercentage: + value: 100 + route: - destination: host: httpbin subset: v1

# v1 logs ❯ k logs $(k get po -l app=httpbin,version=v1 -oyaml | yq .ite ms[0].metadata.name) [2024-01-07 11:36:03 +0000] [1] [INFO] Starting gunicorn 19.9.0 [2024-01-07 11:36:03 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1) [2024-01-07 11:36:04 +0000] [1] [INFO] Using worker: sync [2024-01-07 11:36:04 +0000] [9] [INFO] Booting worker with pid: 9 127.0.0.6 - - [07/Jan/2024:11:36:13 +0000] "GET /headers HTTP/1.1" 200 524 "-" "curl/8.5.0" 127.0.0.6 - - [07/Jan/2024:11:37:51 +0000] "GET /headers HTTP/1.1" 200 524 "-" "curl/8.5.0"

# v2 logs ❯ k logs $(k get po -l app=httpbin,version=v2 -oyaml | yq .items[0].metadata.name) [2024-01-07 11:36:04 +0000] [1] [INFO] Starting gunicorn 19.9.0 [2024-01-07 11:36:04 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1) [2024-01-07 11:36:04 +0000] [1] [INFO] Using worker: sync [2024-01-07 11:36:04 +0000] [9] [INFO] Booting worker with pid: 9 127.0.0.6 - - [07/Jan/2024:11:37:51 +0000] "GET /headers HTTP/1.1" 200 564 "-" "curl/8.5.0"