Introduction
We will demonstrate how to perform a traffic split between two Kubernetes services. Specifically, we’ll divide the traffic sent to the root bookstore service between the bookstore-v1 and bookstore-v2 backends, also referred to as leaf services.
Requirements
- Azure subscription
- VS Code
- Azure CLI
Configure Traffic Split between Two Services
- First create a resource group inside your Azure portal by running
az group create -l [region] -n [resource-group-name]
- Create Azure Kubernetes Service (AKS) cluster by running
az aks create -g [resource-group-name] -n [cluster-name] -a open-service-mesh --generate-ssh-keys
The -a switch is used to add any add-ons and in this case to install open service mesh.
Set the default group to the resource group created by running
az configure --defaults group=[resource-group-name]
Merge your credentials with your local profile using
az aks get-Credentials --name [aks-name]
- Check your current context to be sure it is set to your aks cluster
kubectl config current-context
- Create three namespaces: bookstore, bookbuyer and bookwarehouse.
kubectl create ns bookbuyer
kubectl create ns bookstore
kubectl create ns bookwarehouse
- Confirm that the namespaces were created using
kubectl get ns
- Add the namespaces to the open service mesh control plane by going to Azure portal and open your AKS cluster, click Add
- Select the three namespaces and click Add
- Confirm that the namespaces has been added.
- Deploy three bookstore apps using the yaml file located here
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/apps/bookbuyer.yaml
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/apps/bookstore.yaml
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/apps/bookwarehouse.yaml
- In order to see the changes in action, use one of the pod in any of the namespaces, I will be using bookbuyer. To do this, run
kubectl get pod -n bookbuyer
- Copy the name of the pod and use
kubectl port-forward [name-of-pod] -n bookbuyer 8081:14001to map the app to your local machine on port 8081. - Open your browser and search for
localhost:8081this piped via the terminal.
As you can see, the version 1 of the app is seeing traffic which is simulated by the app.
NOTE: The OSM traffic policy is set to deny by default. We can see the services talking to each other and the bookbuyer service is able to access bookstore app.
- Turn enablePermissiveTrafficPolicyMode off using Azure portal. Navigate to your AKS in Azure portal and select Open Service Mesh and click Edit configuration
- Change it to false and click Review+create
- Tick confirm manifest changes and select Save
- As soon as you save the manifest changes, back on the portal, transaction stops.
- You can fix this by applying allow traffic policy which explicitly allow traffic across these services using
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/access/traffic-access-v1.yaml
- If you check your localhost browser, you will notice that the sales has resumed.
- Run the last command which is deploying the version 2 of the bookstore using
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/apps/bookstore-v2.yaml
- Traffic is now directed to version 2 of the bookstore app.
- Deploy the SMI TrafficSplit policy to route 100% of the traffic from the root bookstore service to the bookstore-v1 service backend. This ensures that all traffic is initially served by version v1 of the bookstore app, which corresponds to the pods behind bookstore-v1. Later, the TrafficSplit configuration will be updated to gradually route a portion of the traffic to version v2 via the bookstore-v2 service.
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/split/traffic-split-v1.yaml
- The count for the books sold from the bookstore-v2 browser window should stop incrementing. This is because the current traffic split policy is weighted 100 for bookstore-v1 which exludes pods backing the bookstore-v2 service. You can verify the traffic split policy by running the following and viewing the Backends properties:
kubectl describe trafficsplit bookstore-split -n bookstore
- Update the SMI Traffic Split policy to direct 50 percent of the traffic sent to the root bookstore service to the bookstore service and 50 perfect to bookstore-v2 service by adding the bookstore-v2 backend to the spec and modifying the weight fields.
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/split/traffic-split-50-50.yaml
- Update the bookstore-split TrafficSplit to configure all traffic to go to bookstore-v2:
kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.2/manifests/split/traffic-split-v2.yaml
Thanks for staying till the end
Top comments (0)