Offends/Kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b44594def6e95f08895280d00c44ccc11ea7fe65
Kubernetes/网关/Istio/通过Istio实现灰度发布.md
offends b44594def6
All checks were successful
continuous-integration/drone Build is passing
Details
修改和新增
2025-12-23 01:53:01 +08:00

177 lines
4.3 KiB
Markdown
Raw Blame History

> 本文作者:丁辉
# 通过Istio实现灰度发布
部署测试示例 Nginx Deployment v1和v2
1. 部署 v1 版本
```bash
kubectl apply -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/nginx-deployment-v1.yaml
```
2. 部署 v2 版本
```bash
kubectl apply -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/nginx-deployment-v2.yaml
```
## 配合 Istio APIs 实现灰度发布
1. 创建 Nginx Service
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Service
metadata:
name: nginx-deployment-service
namespace: default
spec:
selector:
app: nginx
ports:
- name: http
port: 80
targetPort: 80
EOF
```
2. 创建 Nginx Gateway 资源
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1
kind: Gateway
metadata:
name: nginx-gateway
namespace: default
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- example.com # 替换为你的域名
tls:
mode: SIMPLE
credentialName: example-tls # 替换为你的证书,这个 secret 必须在 istio-system 命名空间
EOF
```
3. 创建 DestinationRule 资源
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1
kind: DestinationRule
metadata:
name: nginx-destination
spec:
host: nginx-deployment-service #对应 service 名称
subsets:
- name: v1
labels:
version: v1 # Pod标签
- name: v2
labels:
version: v2 # Pod标签
EOF
```
4. 创建 VirtualService 资源(限制流量全部开放给 v1)
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1
kind: VirtualService
metadata:
name: nginx-virtualservice
namespace: default
spec:
hosts:
- example.com # 替换为你的域名
gateways:
- nginx-gateway
http:
- route:
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v1 # 对应 DestinationRule 中的 v1
weight: 100 # 100%流量分发到 v1
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v2 # 对应 DestinationRule 中的 v2
EOF
```
5. 更新 VirtualService 资源(将 20% 流量分给 v2)
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1
kind: VirtualService
metadata:
name: nginx-virtualservice
namespace: default
spec:
hosts:
- example.com # 替换为你的域名
gateways:
- nginx-gateway
http:
- route:
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v1 # 对应 DestinationRule 中的 v1
weight: 80 # 80%流量分发到 v1
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v2 # 对应 DestinationRule 中的 v2
weight: 20 # 20%流量分发到 v2
EOF
```
6. 最后将全部流量开放给 v2
```yaml
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1
kind: VirtualService
metadata:
name: nginx-virtualservice
namespace: default
spec:
hosts:
- example.com # 替换为你的域名
gateways:
- nginx-gateway
http:
- route:
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v1 # 对应 DestinationRule 中的 v1
- destination:
host: nginx-deployment-service.default.svc.cluster.local # 指对应的 service 名称
port:
number: 80
subset: v2 # 对应 DestinationRule 中的 v2
weight: 100 # 100%流量分发到 v2
EOF
```
7. 完成灰度发布(HTTPS同理)。
Reference in New Issue View Git Blame Copy Permalink