From 233c855fc14c347ab8de1bbb7caae799d4097182 Mon Sep 17 00:00:00 2001 From: Oriol Date: Tue, 11 Apr 2023 17:12:43 +0100 Subject: [PATCH] backup, need to fill READMEs --- Istio/cert-manager/README.md | 5 + Istio/ingress.yaml | 15 - Istio/istio-classic/README.md | 11 + Istio/istio-classic/ingress.yaml | 65 +++++ Istio/istio-classic/monitoring/tmp.yaml | 4 + .../README.md | 15 +- .../deployment.yaml | 0 .../gateway.yaml | 0 .../README.md | 142 ++++++++++ .../deployment.yaml | 0 .../gateway.yaml | 0 .../README.md | 261 ++++++++++++++++++ .../deployment.yaml | 0 .../gateway.yaml | 3 +- .../01-namespace.yaml | 8 + .../README.md | 123 +++++++++ .../deployment.yaml | 86 ++++++ .../gateway.yaml | 61 ++++ .../05-hello_world_1_Service_Entry/README.md | 10 + .../deployment.yaml | 57 ++++ .../gateway.yaml | 52 ++++ Istio/istio-classic/simple/README.md | 19 ++ .../01-2_deployments_method/README.md | 11 + .../01-2_deployments_method/deployment.yaml | 102 +++++++ .../01-2_deployments_method/gateway.yaml | 85 ++++++ .../02-DirectResponse-HTTP-Body/README.md | 7 + .../deployment.yaml | 40 +++ .../02-DirectResponse-HTTP-Body/gateway.yaml | 46 +++ .../03-HTTPRewrite/README.md | 50 ++++ .../03-HTTPRewrite/deployment.yaml | 40 +++ .../03-HTTPRewrite/gateway.yaml | 36 +++ .../05a-FaultInjection-delay/README.md | 7 + .../05a-FaultInjection-delay/deployment.yaml | 40 +++ .../05a-FaultInjection-delay/gateway.yaml | 41 +++ .../05b-FaultInjection-abort/README.md | 11 + .../05b-FaultInjection-abort/deployment.yaml | 40 +++ .../05b-FaultInjection-abort/gateway.yaml | 41 +++ Istio/simple/README.md | 6 - .../README.md | 182 ------------ .../README.md | 139 ---------- README.md | 2 +- 41 files changed, 1515 insertions(+), 348 deletions(-) create mode 100644 Istio/cert-manager/README.md delete mode 100644 Istio/ingress.yaml create mode 100644 Istio/istio-classic/README.md create mode 100644 Istio/istio-classic/ingress.yaml create mode 100644 Istio/istio-classic/monitoring/tmp.yaml rename Istio/{simple/hello_world_1_service_1_deployment => istio-classic/simple/01-hello_world_1_service_1_deployment}/README.md (84%) rename Istio/{simple/hello_world_1_service_1_deployment => istio-classic/simple/01-hello_world_1_service_1_deployment}/deployment.yaml (100%) rename Istio/{simple/hello_world_1_service_1_deployment => istio-classic/simple/01-hello_world_1_service_1_deployment}/gateway.yaml (100%) create mode 100644 Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md rename Istio/{simple/hello_world_1_service_2_deployments_unmanaged => istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged}/deployment.yaml (100%) rename Istio/{simple/hello_world_1_service_2_deployments_unmanaged => istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged}/gateway.yaml (100%) create mode 100644 Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md rename Istio/{simple/hello_world_1_service_2_deployments_managed_version => istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version}/deployment.yaml (100%) rename Istio/{simple/hello_world_1_service_2_deployments_managed_version => istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version}/gateway.yaml (93%) create mode 100644 Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml create mode 100644 Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md create mode 100644 Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml create mode 100644 Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml create mode 100644 Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md create mode 100644 Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml create mode 100644 Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml create mode 100644 Istio/istio-classic/simple/README.md create mode 100644 Istio/istio-classic/traffic_management/01-2_deployments_method/README.md create mode 100644 Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml create mode 100644 Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml create mode 100644 Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md create mode 100644 Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml create mode 100644 Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml create mode 100644 Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md create mode 100644 Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml create mode 100644 Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml create mode 100644 Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md create mode 100644 Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml create mode 100644 Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml create mode 100644 Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md create mode 100644 Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml create mode 100644 Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml delete mode 100644 Istio/simple/README.md delete mode 100644 Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md delete mode 100644 Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md diff --git a/Istio/cert-manager/README.md b/Istio/cert-manager/README.md new file mode 100644 index 0000000..17ace85 --- /dev/null +++ b/Istio/cert-manager/README.md @@ -0,0 +1,5 @@ +https://istio.io/latest/docs/tasks/security/cert-management/ + +https://istio.io/latest/docs/ops/integrations/certmanager/ + +https://medium.com/@rd.petrusek/kubernetes-istio-cert-manager-and-lets-encrypt-c3e0822a3aaf \ No newline at end of file diff --git a/Istio/ingress.yaml b/Istio/ingress.yaml deleted file mode 100644 index bbc6e81..0000000 --- a/Istio/ingress.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: istio-ingress - labels: - istio: ingress -spec: - type: LoadBalancer - ports: - - port: 80 - name: http - - port: 443 - name: https - selector: - istio: ingress diff --git a/Istio/istio-classic/README.md b/Istio/istio-classic/README.md new file mode 100644 index 0000000..0699900 --- /dev/null +++ b/Istio/istio-classic/README.md @@ -0,0 +1,11 @@ + +Multiple Ingress + +https://youtu.be/QIkryA8HnQ0 + + + +https://github.com/redkubes/otomi-core/blob/main/charts/team-ns/templates/istio-gateway.yaml + + +https://istio.io/latest/docs/ops/diagnostic-tools/proxy-cmd/ \ No newline at end of file diff --git a/Istio/istio-classic/ingress.yaml b/Istio/istio-classic/ingress.yaml new file mode 100644 index 0000000..ac5512a --- /dev/null +++ b/Istio/istio-classic/ingress.yaml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: Service +metadata: + name: istio-lb + namespace: istio-system + labels: + istio: istio-ingress +spec: + type: LoadBalancer + ports: + - port: 80 + name: http + - port: 443 + name: https + selector: + istio: istio-ingress +--- +apiVersion: install.istio.io/v1alpha1 +kind: IstioOperator +metadata: + namespace: istio-system + name: my-istio-operator +spec: +# profile: default + profile: empty + components: + ingressGateways: + - name: istio-ingress + enabled: true + label: + istio: my-istio-ingress +--- +#apiVersion: install.istio.io/v1alpha1 +#kind: IstioOperator +#spec: +# components: +# ingressGateways: +# - name: istio-ingress +# enabled: true +## - name: istio-ingressgateway-staging +# namespace: staging +# enabled: true +--- +#apiVersion: install.istio.io/v1alpha1 +#kind: IstioOperator +#metadata: +# namespace: istio-system +# name: istio-operator +#spec: +# profile: default +# components: +# ingressGateways: +# - name: istio-ingress +# enabled: true +# - namespace: default +# name: istio-ingressgateway-private +# enabled: true +# k8s: +# serviceAnnotations: +# service.kubernetes.io/ibm-load-balancer-cloud-provider-ip-type: "private" +# values: +# gateways: +# istio-ingressgateway: +# sds: +# enabled: true \ No newline at end of file diff --git a/Istio/istio-classic/monitoring/tmp.yaml b/Istio/istio-classic/monitoring/tmp.yaml new file mode 100644 index 0000000..ee7c1c7 --- /dev/null +++ b/Istio/istio-classic/monitoring/tmp.yaml @@ -0,0 +1,4 @@ + + +#kiali +#istio-system \ No newline at end of file diff --git a/Istio/simple/hello_world_1_service_1_deployment/README.md b/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md similarity index 84% rename from Istio/simple/hello_world_1_service_1_deployment/README.md rename to Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md index b76f3a2..4f61d0e 100644 --- a/Istio/simple/hello_world_1_service_1_deployment/README.md +++ b/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md @@ -1,5 +1,7 @@ ##### https://github.com/istio/istio/tree/master/samples/helloworld +### Base simple template + # Simple Hello World - 1 Service @@ -11,10 +13,6 @@ https://istio.io/latest/docs/reference/config/networking/destination-rule/#Traff https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings - -Relies in automatic sidecar injection. - - > Contains service account configurations, yet they are commented as not "necessary". @@ -57,10 +55,19 @@ hosts: "*" ###### Configuration + + ```yaml hosts: "*" uri: "/helloworld" +rewrite: + uri: "/" ``` +- Allows the traffic from that have any domain. + +- Only allows traffic that has as a destination the directory/path `/helloworld`. + +- `rewrite.uri` allows to redirect the traffic towards the root directory of the service, as the service(s) used don't have any directory named `helloworld` but are configured to work at the root base level. # Run example diff --git a/Istio/simple/hello_world_1_service_1_deployment/deployment.yaml b/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/deployment.yaml similarity index 100% rename from Istio/simple/hello_world_1_service_1_deployment/deployment.yaml rename to Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/deployment.yaml diff --git a/Istio/simple/hello_world_1_service_1_deployment/gateway.yaml b/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/gateway.yaml similarity index 100% rename from Istio/simple/hello_world_1_service_1_deployment/gateway.yaml rename to Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/gateway.yaml diff --git a/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md b/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md new file mode 100644 index 0000000..65bc6b3 --- /dev/null +++ b/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md @@ -0,0 +1,142 @@ +##### https://github.com/istio/istio/tree/master/samples/helloworld + +# Simple Hello World + +- 1 Service +- 2 Versions + +Iterates between the versions without any specific policy. (actually doesn't use the version for anything) + +By default uses `Round Robin` + +https://istio.io/latest/docs/concepts/traffic-management/#load-balancing-options + +> Contains service account configurations, yet they are commented as not "necessary". + + +# Changes + +## File + +- deployment.yaml +- gateway.yaml + +> Files used maintains from the last version + +## deployment.yaml + +### Creates + +#### Service + +- helloworld + +> Service used maintains from the last version + +#### Deployments + +- helloworld-v1 (Nginx) +- helloworld-v2 (Apache) + +> Renamed the old deployment from `helloworld-nginx` to `helloworld-v1`.\ +> Created a secondary deployment using apache named `helloworld-v2`. + +## gateway.yaml + +### Creates + +#### Gateway + +##### helloworld-gateway + +###### Configuration + +```yml +port: 80 +istio-ingress: ingressgateway +hosts: "*" +``` + +#### VirtualService + +##### helloworld-vs + +###### Configuration + +```yaml +hosts: "*" +uri: "/helloworld" +``` + + + + + + +# Run example + +## Deploy resources + +```shell +$ kubectl apply -f ./ +service/helloworld created +deployment.apps/helloworld-v1 created +deployment.apps/helloworld-v2 created +deployment.apps/helloworld-v2 unchanged +gateway.networking.istio.io/helloworld-gateway created +virtualservice.networking.istio.io/helloworld-vs created +``` + +## Wait for the pods to be ready + +(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) + +```shell +$ kubectl get deployment helloworld-v{1..2} -w +NAME READY UP-TO-DATE AVAILABLE AGE +helloworld-v1 1/1 1 1 4m1s +helloworld-v2 1/1 1 1 4m1s +``` + +## Test the service + +### Get LB IP + +```shell +$ kubectl get svc istio-ingressgateway -n istio-system +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h +``` + +### Curl + +Iterates randomly between Nginx and Apache + +```shell +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+``` diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/deployment.yaml b/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml similarity index 100% rename from Istio/simple/hello_world_1_service_2_deployments_unmanaged/deployment.yaml rename to Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/gateway.yaml b/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml similarity index 100% rename from Istio/simple/hello_world_1_service_2_deployments_unmanaged/gateway.yaml rename to Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml diff --git a/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md b/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md new file mode 100644 index 0000000..cd7063c --- /dev/null +++ b/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md @@ -0,0 +1,261 @@ +##### https://github.com/istio/istio/tree/master/samples/helloworld + +https://istio.io/latest/blog/2017/0.1-canary/ + + +# Continues from + +- 01-hello_world_1_service_1_deployment + +# Simple Hello World + +- 1 Service +- 2 Versions + +Iterates between the versions without any specific policy. (actually doesn't use the version for anything) + + +> Contains service account configurations, yet they are commented as not "necessary". + +## Quick note + +On this version I have "started" to use the full service name instead of the shorten version, aka: + +```yaml + route: + - destination: + host: helloworld +``` + +Will be: + +```yaml + route: + - destination: + host: helloworld.default.svc.cluster.local +``` + +It's overall a good practice to have, so not much of a reason to not do it. + +https://istio.io/latest/docs/reference/config/networking/destination-rule/#DestinationRule + + +# Changes + +## File + +- deployment.yaml +- gateway.yaml + +> Files used maintains from the last version + +## deployment.yaml + +### Creates + +#### Service + +- helloworld + +> Service used maintains from the last version + +#### Deployments + +- helloworld-v1 (Nginx) +- helloworld-v2 (Apache) + +> Renamed the old deployment from `helloworld-nginx` to `helloworld-v1`.\ +> Created a secondary deployment using apache named `helloworld-v2`. + +## gateway.yaml + +#### VirtualService + +##### helloworld-vs + +###### Configuration + + + +```yaml +... + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + subset: v1 + weight: 20 + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + subset: v2 + weight: 80 +... +``` + +> Distributed the traffic between 2 versions (`subsets`), setting a `25%` to the subset `v1` and a `75%` to the subset `v2`. + +> As previously mentioned, the section `http.route.host` points to `helloworld.default.svc.cluster.local`, which is the service we created, on the `default` namespace. + + + + +#### Destination Rule + +###### Declaration configuration + +```yaml +apiVersion: networking.istio.io/v1alpha3 +kind: DestinationRule +metadata: + name: helloworld.default.svc.cluster.local # Destination that will "interject" +``` + +> Here we need to put the `path/destination/service` that we want this rule to interject and manage. + +###### Traffic Configuration + +```yaml + host: helloworld.default.svc.cluster.local + subsets: + - name: v1 + labels: + version: v1 + - name: v2 + labels: + version: v2 +``` + +> On the `Destination Rule` declared the subsets. Each subset has different labels. This will be used to select the deployments within the destination service. + +# Run example + +## Deploy resources + +```shell +$ kubectl apply -f ./ +service/helloworld created +deployment.apps/helloworld-v1 created +deployment.apps/helloworld-v2 created +gateway.networking.istio.io/helloworld-gateway created +virtualservice.networking.istio.io/helloworld-vs created +destinationrule.networking.istio.io/helloworld-destinationrule created +``` + +## Wait for the pods to be ready + +(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) + +```shell +$ kubectl get deployment helloworld-v{1..2} -w +NAME READY UP-TO-DATE AVAILABLE AGE +helloworld-v1 1/1 1 1 4m1s +helloworld-v2 1/1 1 1 4m1s +``` + +## Test the service + +### Get LB IP + +```shell +$ kubectl get svc istio-ingressgateway -n istio-system +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h +``` + +### Curl + +Iterates between Nginx and Apache. Somwhat close to the ratio configured. + +> Nginx instances (v1): 2 \ +> Apache instances (v2): 9 + +```shell +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+ +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

Welcome to nginx!

+``` + +## Check istio configs + +```sh +$ istioctl x describe pod `kubectl get pod -l app=helloworld,version=v1 -o jsonpath='{.items[0].metadata.name}'` +Pod: helloworld-v1-7454b56b86-4cksf + Pod Revision: default + Pod Ports: 80 (helloworld), 15090 (istio-proxy) +-------------------- +Service: helloworld + Port: http 80/HTTP targets pod port 80 +DestinationRule: helloworld for "helloworld.default.svc.cluster.local" + Matching subsets: v1 + (Non-matching subsets v2) + No Traffic Policy +-------------------- +Effective PeerAuthentication: + Workload mTLS mode: PERMISSIVE + + +Exposed on Ingress Gateway http://192.168.1.50 +VirtualService: helloworld-vs + Weight 20% + /helloworld +``` + + +```shell +$ istioctl x describe pod `kubectl get pod -l app=helloworld,version=v2 -o jsonpath='{.items[0].metadata.name +Pod: helloworld-v2-64b5656d99-5bwgr + Pod Revision: default + Pod Ports: 80 (helloworld), 15090 (istio-proxy) +-------------------- +Service: helloworld + Port: http 80/HTTP targets pod port 80 +DestinationRule: helloworld for "helloworld.default.svc.cluster.local" + Matching subsets: v2 + (Non-matching subsets v1) + No Traffic Policy +-------------------- +Effective PeerAuthentication: + Workload mTLS mode: PERMISSIVE + + +Exposed on Ingress Gateway http://192.168.1.50 +VirtualService: helloworld-vs + Weight 80% + /helloworld +``` \ No newline at end of file diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/deployment.yaml b/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml similarity index 100% rename from Istio/simple/hello_world_1_service_2_deployments_managed_version/deployment.yaml rename to Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml b/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml similarity index 93% rename from Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml rename to Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml index fbdc82d..62a63a5 100644 --- a/Istio/simple/hello_world_1_service_2_deployments_managed_version/gateway.yaml +++ b/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml @@ -48,7 +48,8 @@ spec: apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: - name: helloworld + # name: helloworld + name: helloworld.default.svc.cluster.local # Destination that will "interject" spec: # host: helloworld # destination service host: helloworld.default.svc.cluster.local # Full destination service, lil better for consistency diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml new file mode 100644 index 0000000..775855d --- /dev/null +++ b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: defaultnt + labels: + istio-injection: "false" +# istio-injection: "enabled" +--- \ No newline at end of file diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md new file mode 100644 index 0000000..2bba7e8 --- /dev/null +++ b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md @@ -0,0 +1,123 @@ +##### https://github.com/istio/istio/tree/master/samples/helloworld + +https://istio.io/latest/blog/2017/0.1-canary/ + + +# Simple Hello World + +- 1 Service +- 2 Versions + +Iterates between the versions without any specific policy. (actually doesn't use the version for anything) + +I think that by default uses `RANDOM`. + +https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy + +https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings + + +Manually allows the sidecar injection through the label in the pod + + +https://istio.io/latest/docs/setup/additional-setup/sidecar-injection/#controlling-the-injection-policy + +## Files + +- deployment.yaml +- gateway.yaml + +## deployment.yaml + +### Creates + +#### Service + +- helloworld + +#### Deployments + +- helloworld-v1 (Nginx) +- helloworld-v2 (Apache) + +## gateway.yaml + +### Creates + +#### Gateway + +##### helloworld-gateway + +###### Configuration + +```yml +port: 80 +istio-ingress: ingressgateway +hosts: "*" +``` + +#### VirtualService + +##### helloworld-vs + +###### Configuration + +```yaml +hosts: "*" +uri: "/helloworld" +versions: + v1: + weight: "50%" + v2: + weight: "50%" +``` + +#### Destination Rule + +###### Configuration + +```yaml +host: helloworld.defaultnt.svc.cluster.local # Full destination service, lil better for consistency +subsets: +- name: v1 + labels: + version: v1 +- name: v2 + labels: + version: v2 +``` + + +# Run example + +## Deploy resources + +```shell +$ +``` + +## Wait for the pods to be ready + +(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) + +```shell + +``` + +## Test the service + +### Get LB IP + +```shell +$ kubectl get svc istio-ingressgateway -n istio-system +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h +``` + +### Curl + + +```shell +$ curl 192.168.1.50/helloworld -s | grep "

.*

" +

It works!

+``` \ No newline at end of file diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml new file mode 100644 index 0000000..beb308d --- /dev/null +++ b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml @@ -0,0 +1,86 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml + +--- +apiVersion: v1 +kind: Service +metadata: + name: helloworld + namespace: defaultnt + labels: + app: helloworldll + service: helloworld + sidecar.istio.io/inject: "false" +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +#apiVersion: v1 +#kind: ServiceAccount +#metadata: +# name: istio-helloworld +# labels: +# account: +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-v1 + namespace: defaultnt + labels: + app: helloworld + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + version: v1 + template: + metadata: + labels: + app: helloworld + version: v1 + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-v2 + namespace: defaultnt + labels: + app: helloworld + version: v2 +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + version: v2 + template: + metadata: + labels: + app: helloworld + version: v2 + spec: + containers: + - name: helloworld + image: httpd + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 +--- \ No newline at end of file diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml new file mode 100644 index 0000000..8dbe334 --- /dev/null +++ b/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml @@ -0,0 +1,61 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway + namespace: defaultnt +spec: + selector: + istio: istio-ingress # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs + namespace: defaultnt +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld.defaultnt.svc.cluster.local + port: + number: 80 + subset: v1 + weight: 50 + - destination: + host: helloworld.defaultnt.svc.cluster.local + port: + number: 80 + subset: v2 + weight: 50 + rewrite: + uri: "/" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: DestinationRule +metadata: + name: helloworld + namespace: defaultnt +spec: + host: helloworld.defaultnt.svc.cluster.local # Full destination service, lil better for consistency + subsets: + - name: v1 + labels: + version: v1 + - name: v2 + labels: + version: v2 diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md new file mode 100644 index 0000000..0d3e011 --- /dev/null +++ b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md @@ -0,0 +1,10 @@ +# Continues from + +- 01-hello_world_1_service_1_deployment + + +https://github.com/istio/istio/issues/29463 + + + +Funny example I guess. diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml new file mode 100644 index 0000000..7bee5e1 --- /dev/null +++ b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml @@ -0,0 +1,57 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 +--- +apiVersion: networking.istio.io/v1alpha3 +kind: ServiceEntry +metadata: + name: external-svc +spec: + hosts: + - help.websiteos.com + # /websiteos/example_of_a_simple_html_page.htm +# - http://help.websiteos.com/websiteos/example_of_a_simple_html_page.htm + ports: + - number: 80 + name: http + protocol: HTTP + resolution: DNS + location: MESH_EXTERNAL +--- \ No newline at end of file diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml new file mode 100644 index 0000000..48332c1 --- /dev/null +++ b/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml @@ -0,0 +1,52 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld + port: + number: 80 + rewrite: + uri: "/" + + - timeout: 3s + match: + - uri: + - exact: "/external" + route: + - destination: + host: help.websiteos.com + port: + number: 80 + rewrite: + uri: "/websiteos/example_of_a_simple_html_page.htm" + headers: + request: + set: + HOST: "help.websiteos.com" \ No newline at end of file diff --git a/Istio/istio-classic/simple/README.md b/Istio/istio-classic/simple/README.md new file mode 100644 index 0000000..5ae94de --- /dev/null +++ b/Istio/istio-classic/simple/README.md @@ -0,0 +1,19 @@ +# Simple examples + + +# Traffic path + +## Istio Ingress Controller ---> Gateway -> Virtual Service (-> Destination Route) -> Ingress -> Deployment + + +# Examples + + + +## 01-hello_world_1_service_1_deployment + +## 02-hello_world_1_service_2_deployments_unmanaged + +## 03-hello_world_1_service_2_deployments_managed_version + +## 04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/README.md b/Istio/istio-classic/traffic_management/01-2_deployments_method/README.md new file mode 100644 index 0000000..575c5da --- /dev/null +++ b/Istio/istio-classic/traffic_management/01-2_deployments_method/README.md @@ -0,0 +1,11 @@ +##### https://github.com/istio/istio/tree/master/samples/helloworld + +https://istio.io/latest/blog/2017/0.1-canary/ + +# Note, VirtualService match rule order MATTERS + +Leave the "default/wildcard" rule at the bottom + +# Continues from + +- 03-hello_world_1_service_1_deployment diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml b/Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml new file mode 100644 index 0000000..de79e86 --- /dev/null +++ b/Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml @@ -0,0 +1,102 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-v0 + labels: + app: helloworld + version: v0 +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + version: v0 + template: + metadata: + labels: + app: helloworld + version: v0 + spec: + containers: + - name: helloworld + image: containous/whoami + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-v1 + labels: + app: helloworld + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + version: v1 + template: + metadata: + labels: + app: helloworld + version: v1 + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-v2 + labels: + app: helloworld + version: v2 +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + version: v2 + template: + metadata: + labels: + app: helloworld + version: v2 + spec: + containers: + - name: helloworld + image: httpd + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 +--- \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml b/Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml new file mode 100644 index 0000000..2f3c8a8 --- /dev/null +++ b/Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml @@ -0,0 +1,85 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - name: firefox + match: + - uri: + exact: /helloworld + headers: + user-agent: + regex: '.*Firefox.*' + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + subset: nginx + rewrite: + uri: "/" + - name: curl + match: + - headers: + user-agent: + regex: '.*curl.*' + uri: + exact: /helloworld + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + subset: apache + rewrite: + uri: "/" + - name: default + match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + subset: default + rewrite: + uri: "/" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: DestinationRule +metadata: + name: helloworld.default.svc.cluster.local # Destination that will "interject" +spec: + host: helloworld.default.svc.cluster.local # Full destination service, lil better for consistency + subsets: + - name: default + labels: + version: v0 + - name: nginx + labels: + version: v1 + - name: apache + labels: + version: v2 diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md new file mode 100644 index 0000000..43b6ce0 --- /dev/null +++ b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md @@ -0,0 +1,7 @@ +https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPDirectResponse +https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPBody + + +# Continues from + +- 01-hello_world_1_service_1_deployment diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml new file mode 100644 index 0000000..01dd2b0 --- /dev/null +++ b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml @@ -0,0 +1,40 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml new file mode 100644 index 0000000..0c4e274 --- /dev/null +++ b/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml @@ -0,0 +1,46 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - name: helloworld + match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld + port: + number: 80 + rewrite: + uri: "/" + - name: default + directResponse: + status: 404 + body: + string: "Page Not Found" + headers: + response: + set: + content-type: "text/plain" \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md b/Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md new file mode 100644 index 0000000..0967ca4 --- /dev/null +++ b/Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md @@ -0,0 +1,50 @@ + + +# Continues from + +- 01-hello_world_1_service_1_deployment + +# There were no changes respective to that version + +Through rewriting the URI we can point to the root directory from nginx. + +```yaml + rewrite: + uri: "/" +``` + + +## Practical usages: + + + +If we refactor our application, and for example we previously where hosting an API to the URL `/apiV1` and now it's being hosted in `/api/V1`, we can do the following rule: + + +```yaml + - match: + - uri: + exact: /apiV1 + route: + - destination: + host: mynewapi # the service destination/target + port: + number: 80 # whatever port it is + rewrite: + uri: "/api/V1" +``` + +Or if we "upgraded" the API, and the new API (v2) is retro-compatible with the old API (v1), we could do the following to force all the usages from the old API to be handled by the newer version: + +```yaml + - match: + - uri: + exact: /api/V1 + route: + - destination: + host: mynewapi # the service destination/target + port: + number: 80 # whatever port it is + rewrite: + uri: "/api/V2" +``` diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml b/Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml new file mode 100644 index 0000000..01dd2b0 --- /dev/null +++ b/Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml @@ -0,0 +1,40 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml b/Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml new file mode 100644 index 0000000..838bef9 --- /dev/null +++ b/Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml @@ -0,0 +1,36 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld.default.svc.cluster.local + port: + number: 80 + rewrite: + uri: "/" \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md new file mode 100644 index 0000000..081d8fc --- /dev/null +++ b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md @@ -0,0 +1,7 @@ +# Continues from + +- 01-hello_world_1_service_1_deployment + + +https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPFaultInjection-Delay + diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml new file mode 100644 index 0000000..01dd2b0 --- /dev/null +++ b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml @@ -0,0 +1,40 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml new file mode 100644 index 0000000..fce0b98 --- /dev/null +++ b/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml @@ -0,0 +1,41 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld + port: + number: 80 + rewrite: + uri: "/" + fault: + delay: + percentage: + value: 90 + fixedDelay: 10s \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md new file mode 100644 index 0000000..b69a0af --- /dev/null +++ b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md @@ -0,0 +1,11 @@ +# Continues from + +- 05a-FaultInjection-delay + + +https://istio.io/latest/docs/reference/config/networking/virtual-service/#HTTPFaultInjection-Abort + + + +curl 192.168.1.50/helloworld -I + diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml new file mode 100644 index 0000000..01dd2b0 --- /dev/null +++ b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml @@ -0,0 +1,40 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: helloworld + labels: + app: helloworld + service: helloworld +spec: + ports: + - port: 80 + name: http + selector: + app: helloworld +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: helloworld-nginx + labels: + app: helloworld +spec: + replicas: 1 + selector: + matchLabels: + app: helloworld + template: + metadata: + labels: + app: helloworld + spec: + containers: + - name: helloworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml new file mode 100644 index 0000000..d6865b4 --- /dev/null +++ b/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml @@ -0,0 +1,41 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld + port: + number: 80 + rewrite: + uri: "/" + fault: + abort: + percentage: + value: 90 + httpStatus: 503 \ No newline at end of file diff --git a/Istio/simple/README.md b/Istio/simple/README.md deleted file mode 100644 index 624debe..0000000 --- a/Istio/simple/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# Simple examples - - -# Traffic path - -## Istio Ingress Controller ---> Gateway -> Virtual Service (-> Destination Route) -> Ingress -> Deployment \ No newline at end of file diff --git a/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md b/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md deleted file mode 100644 index f18184c..0000000 --- a/Istio/simple/hello_world_1_service_2_deployments_managed_version/README.md +++ /dev/null @@ -1,182 +0,0 @@ -##### https://github.com/istio/istio/tree/master/samples/helloworld - -https://istio.io/latest/blog/2017/0.1-canary/ - - -# Simple Hello World - -- 1 Service -- 2 Versions - -Iterates between the versions without any specific policy. (actually doesn't use the version for anything) - -I think that by default uses `RANDOM`. - -https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy - -https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings - - -Relies in automatic sidecar injection. - - -> Contains service account configurations, yet they are commented as not "necessary". - -## Quick note - -On this version I have "started" to use the full service name instead of the shorten version, aka: - -```yaml - route: - - destination: - host: helloworld -``` - -Will be: - -```yaml - route: - - destination: - host: helloworld.default.svc.cluster.local -``` - -It's overall a good practice to have, so not much of a reason to not do it. - -https://istio.io/latest/docs/reference/config/networking/destination-rule/#DestinationRule - - -## Files - -- deployment.yaml -- gateway.yaml - -## deployment.yaml - -### Creates - -#### Service - -- helloworld - -#### Deployments - -- helloworld-v1 (Nginx) -- helloworld-v2 (Apache) - -## gateway.yaml - -### Creates - -#### Gateway - -##### helloworld-gateway - -###### Configuration - -```yml -port: 80 -istio-ingress: ingressgateway -hosts: "*" -``` - -#### VirtualService - -##### helloworld-vs - -###### Configuration - -```yaml -hosts: "*" -uri: "/helloworld" -versions: - v1: - weight: "25%" - v2: - weight: "75%" -``` - -#### Destination Rule - -###### Configuration - -```yaml - -``` - - -# Run example - -## Deploy resources - -```shell -$ kubectl apply -f ./ -service/helloworld created -deployment.apps/helloworld-v1 created -deployment.apps/helloworld-v2 created -gateway.networking.istio.io/helloworld-gateway created -virtualservice.networking.istio.io/helloworld-vs created -destinationrule.networking.istio.io/helloworld-destinationrule created -``` - -## Wait for the pods to be ready - -(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) - -```shell -$ kubectl get deployment helloworld-v{1..2} -w  ✔  kubernetes-admin@kubernetes ⎈ -NAME READY UP-TO-DATE AVAILABLE AGE -helloworld-v1 1/1 1 1 4m1s -helloworld-v2 1/1 1 1 4m1s -``` - -## Test the service - -### Get LB IP - -```shell -$ kubectl get svc istio-ingressgateway -n istio-system -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h -``` - -### Curl - -Iterates between Nginx and Apache. Somwhat close to the ratio configured. - -> Nginx instances (v1): 2 \ -> Apache instances (v2): 9 - -```shell -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

" -

Welcome to nginx!

-``` diff --git a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md b/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md deleted file mode 100644 index e38829c..0000000 --- a/Istio/simple/hello_world_1_service_2_deployments_unmanaged/README.md +++ /dev/null @@ -1,139 +0,0 @@ -##### https://github.com/istio/istio/tree/master/samples/helloworld - -# Simple Hello World - -- 1 Service -- 2 Versions - -Iterates between the versions without any specific policy. (actually doesn't use the version for anything) - -I think that by default uses `RANDOM`. - -https://istio.io/latest/docs/reference/config/networking/destination-rule/#TrafficPolicy-PortTrafficPolicy - -https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings - - -Relies in automatic sidecar injection. - - -> Contains service account configurations, yet they are commented as not "necessary". - - -## Files - -- deployment.yaml -- gateway.yaml - -## deployment.yaml - -### Creates - -#### Service - -- helloworld - -#### Deployments - -- helloworld-v1 (Nginx) -- helloworld-v2 (Apache) - -## gateway.yaml - -### Creates - -#### Gateway - -##### helloworld-gateway - -###### Configuration - -```yml -port: 80 -istio-ingress: ingressgateway -hosts: "*" -``` - -#### VirtualService - -##### helloworld-vs - -###### Configuration - -```yaml -hosts: "*" -uri: "/helloworld" -``` - - - - - - -# Run example - -## Deploy resources - -```shell -$ kubectl apply -f ./ -service/helloworld created -deployment.apps/helloworld-v1 created -deployment.apps/helloworld-v2 created -deployment.apps/helloworld-v2 unchanged -gateway.networking.istio.io/helloworld-gateway created -virtualservice.networking.istio.io/helloworld-vs created -``` - -## Wait for the pods to be ready - -(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) - -```shell -$ kubectl get deployment helloworld-v{1..2} -w  ✔  kubernetes-admin@kubernetes ⎈ -NAME READY UP-TO-DATE AVAILABLE AGE -helloworld-v1 1/1 1 1 4m1s -helloworld-v2 1/1 1 1 4m1s -``` - -## Test the service - -### Get LB IP - -```shell -$ kubectl get svc istio-ingressgateway -n istio-system -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h -``` - -### Curl - -Iterates randomly between Nginx and Apache - -```shell -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

Welcome to nginx!

- -$ curl 192.168.1.50/helloworld -s | grep "

.*

"  ✔ -

It works!

-``` diff --git a/README.md b/README.md index 2af018d..00bf9ef 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ # Surely only the following folders work / have any meaningful information -- [Istio](/Istio) \ No newline at end of file +- [Istio](./Istio) \ No newline at end of file