diff --git a/charts/podinfo-istio/README.md b/charts/podinfo-istio/README.md
index 13cb345..2dcac6e 100644
--- a/charts/podinfo-istio/README.md
+++ b/charts/podinfo-istio/README.md
@@ -5,77 +5,72 @@ that showcases best practices of running microservices in Kubernetes. ## Installing the Chart -To install the chart with the release name `my-release`: +Create an Istio enabled namespace: ```console kubectl create namespace demo kubectl label namespace demo istio-injection=enabled ``` -```console -$ helm install podinfo-istio --name my-release -namespace demo +Create an Istio Gateway in the `istio-system` namespace named `public-gateway`: + +```yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: public-gateway + namespace: istio-system +spec: + selector: + istio: ingressgateway + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" + tls: + httpsRedirect: true + - port: + number: 443 + name: https + protocol: HTTPS + hosts: + - "*" + tls: + mode: SIMPLE + privateKey: /etc/istio/ingressgateway-certs/tls.key + serverCertificate: /etc/istio/ingressgateway-certs/tls.crt ``` -The command deploys podinfo-istio on the Kubernetes cluster in the default namespace. -The [configuration](#configuration) section lists the parameters that can be configured during installation. - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: +Create the `frontend` release by specifying the external domain name: ```console -$ helm delete --purge my-release +helm upgrade frontend --install ./charts/podinfo-istio \ + --namespace=demo \ + --set host=podinfo.example.com \ + --set gateway.name=public-gateway \ + --set gateway.create=false \ + -f ./charts/podinfo-istio/frontend.yaml ``` -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Configuration - -The following tables lists the configurable parameters of the podinfo-istio.chart and their default values. 
- -Parameter | Description | Default ---- | --- | --- -`affinity` | node/pod affinities | None -`hpa.enabled` | Enables HPA | `false` -`hpa.cpu` | Target CPU usage per pod | None -`hpa.memory` | Target memory usage per pod | None -`hpa.requests` | Target requests per second per pod | None -`hpa.maxReplicas` | Maximum pod replicas | `10` -`ingress.hosts` | Ingress accepted hostnames | None -`ingress.tls` | Ingress TLS configuration | None: -`image.pullPolicy` | Image pull policy | `IfNotPresent` -`image.repository` | Image repository | `stefanprodan/podinfo-istio. -`image.tag` | Image tag | `0.0.1` -`ingress.enabled` | Enables Ingress | `false` -`ingress.annotations` | Ingress annotations | None -`ingress.hosts` | Ingress accepted hostnames | None -`ingress.tls` | Ingress TLS configuration | None -`nodeSelector` | node labels for pod assignment | `{}` -`podAnnotations` | annotations to add to each pod | `{}` -`replicaCount` | desired number of pods | `1` -`resources.requests/cpu` | pod CPU request | `1m` -`resources.requests/memory` | pod memory request | `16Mi` -`resources.limits/cpu` | pod CPU limit | None -`resources.limits/memory` | pod memory limit | None -`service.externalPort` | external port for the service | `9898` -`service.internalPort` | internal port for the service | `9898` -`service.nodePort` | node port for the service | `31198` -`service.type` | type of service | `ClusterIP` -`tolerations` | List of node taints to tolerate | `[]` - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, +Create the `backend` release: ```console -$ helm install stable/podinfo-istio.--name my-release \ - --set=image.tag=0.0.2,service.type=NodePort +helm upgrade backend --install ./charts/podinfo-istio \ + --namespace=demo \ + -f ./charts/podinfo-istio/backend.yaml ``` -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. 
For example, +Create the `store` release: ```console -$ helm install podinfo-istio --name my-release -f values.yaml +helm upgrade store --install ./charts/podinfo-istio \ + --namespace=demo \ + -f ./charts/podinfo-istio/store.yaml ``` -> **Tip**: You can use the default [values.yaml](values.yaml) -``` + + diff --git a/charts/podinfo-istio/apply.sh b/charts/podinfo-istio/apply.sh new file mode 100755 index 0000000..428d4ac --- /dev/null +++ b/charts/podinfo-istio/apply.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +#Usage: fswatch -o ./podinfo-istio/ | xargs -n1 ./podinfo-istio/apply.sh + +set -e + +MARK='\033[0;32m' +NC='\033[0m' + +log (){ + echo -e "$(date +%Y-%m-%dT%H:%M:%S%z) ${MARK}${1}${NC}" +} + +log "installing frontend" +helm upgrade frontend --install ./podinfo-istio \ + --namespace=demo \ + --set host=canary.istio.weavedx.com \ + --set gateway.name=public-gateway \ + --set gateway.create=false \ + -f ./podinfo-istio/frontend.yaml + +log "installing backend" +helm upgrade backend --install ./podinfo-istio \ + --namespace=demo \ + -f ./podinfo-istio/backend.yaml + +log "installing store" +helm upgrade store --install ./podinfo-istio \ + --namespace=demo \ + -f ./podinfo-istio/store.yaml + +log "finished installing frontend, backend and store" + + diff --git a/charts/podinfo-istio/backend.yaml b/charts/podinfo-istio/backend.yaml new file mode 100644 index 0000000..07a88a9 --- /dev/null +++ b/charts/podinfo-istio/backend.yaml @@ -0,0 +1,21 @@ +# Default values for backend demo. + +# expose the blue/green deployments inside the cluster +host: backend + +# stable release +blue: + replicas: 2 + tag: "0.6.0" + backend: http://store:9898/api/echo + +# canary release +green: + replicas: 2 + tag: "0.6.1" + routing: + # target green callers + - match: + - sourceLabels: + color: green + backend: http://store:9898/api/echo diff --git a/charts/podinfo-istio/frontend.yaml b/charts/podinfo-istio/frontend.yaml new file mode 100644 index 0000000..ac9d9cf --- /dev/null 
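Review bot: The frontend install hard-codes `--set host=canary.istio.weavedx.com`, so anyone running this script configures routing for a domain they most likely do not control, while the README uses `podinfo.example.com`. Read the host from the environment and fail when it is missing, e.g. `--set host="${PODINFO_HOST:?set PODINFO_HOST}"`. The chart paths are also relative (`./podinfo-istio`), so the script only works when started from `charts/`; the usage comment at the top should say so.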
+++ b/charts/podinfo-istio/frontend.yaml
@@ -0,0 +1,39 @@
+# Default values for frontend demo.
+
+# external domain
+host:
+exposeHost: true
+
+# no more than one Gateway can be created on a cluster
+# if TLS is enabled the istio-ingressgateway-certs secret must exist in istio-system ns
+# if you have a Gateway running you can set the name to your own gateway and turn off create
+gateway:
+ name: public-gateway
+ create: true
+ tls: true
+ httpsRedirect: true
+
+# stable release
+blue:
+ replicas: 2
+ tag: "0.6.0"
+ message: "Greetings from the blue frontend"
+ backend: http://backend:9898/api/echo
+
+# canary release
+green:
+ replicas: 2
+ tag: "0.6.1"
+ routing:
+ # target Safari
+ - match:
+ - headers:
+ user-agent:
+ regex: "^(?!.*Chrome).*Safari.*"
+ # target API clients by version
+ - match:
+ - headers:
+ x-api-version:
+ regex: "^(v{0,1})0\\.6\\.([1-9]).*"
+ message: "Greetings from the green frontend"
+ backend: http://backend:9898/api/echo
diff --git a/charts/podinfo-istio/store.yaml b/charts/podinfo-istio/store.yaml
new file mode 100644
index 0000000..195b7d8
--- /dev/null
+++ b/charts/podinfo-istio/store.yaml
@@ -0,0 +1,19 @@
+# Default values for backend demo.
+
+# expose the store deployment inside the cluster
+host: store
+
+# load balance 80/20 between blue and green
+blue:
+ replicas: 2
+ tag: "0.6.0"
+ backend: https://httpbin.org/anything
+ weight: 80
+
+green:
+ replicas: 2
+ tag: "0.6.1"
+ backend: https://httpbin.org/anything
+
+externalServices:
+ - httpbin.org
diff --git a/charts/podinfo-istio/templates/_helpers.tpl b/charts/podinfo-istio/templates/_helpers.tpl
index 6639581..0445334 100644
--- a/charts/podinfo-istio/templates/_helpers.tpl
+++ b/charts/podinfo-istio/templates/_helpers.tpl
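Review bot: The green `routing` matches in frontend.yaml key on `user-agent` and `x-api-version`, both of which the client sets freely, so these rules steer canary traffic but do not restrict who can reach the green release. I would state that in the file, e.g. `# user-agent and x-api-version are client-supplied: this steers traffic, it is not an access control`. Separately, `host:` is left empty while `exposeHost: true`, so an install that omits `--set host=...` presumably renders an exposed route without a hostname (the template that consumes it is not in this hunk); a `# required: pass --set host=<domain>` comment would help.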
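Review bot: Both `backend:` values in store.yaml point at `https://httpbin.org/anything`, a public third-party service, so requests relayed through the frontend → backend → store chain presumably leave the mesh with whatever payload the caller sent. That is reasonable for a demo but should be written down, e.g. `# demo only: requests are forwarded to a public echo service, do not send real data` above `blue:`. The header comment also still reads `# Default values for backend demo.` and should name the store.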
@@ -9,7 +9,7 @@ Expand the name of the chart. {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. +The release name is used as a full name. */}} {{- define "podinfo-istio.fullname" -}} {{- if .Values.fullnameOverride -}} @@ -33,3 +33,4 @@ Create chart name and version as used by the chart label. {{- define "podinfo-istio.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + diff --git a/charts/podinfo-istio/templates/blue-deployment.yaml b/charts/podinfo-istio/templates/blue-deployment.yaml index d3a4403..d4b1d47 100644 --- a/charts/podinfo-istio/templates/blue-deployment.yaml +++ b/charts/podinfo-istio/templates/blue-deployment.yaml @@ -19,7 +19,6 @@ spec: matchLabels: app: {{ template "podinfo-istio.fullname" . }} color: blue - version: {{ .Values.blue.tag }} template: metadata: labels: @@ -41,9 +40,13 @@ spec: env: - name: color value: blue - {{- if .Values.backend }} + {{- if .Values.blue.backend }} - name: backendURL - value: {{ .Values.backend }} + value: {{ .Values.blue.backend }} + {{- end }} + {{- if .Values.blue.message }} + - name: message + value: {{ .Values.blue.message }} {{- end }} ports: - name: http diff --git a/charts/podinfo-istio/templates/destionation-rule.yaml b/charts/podinfo-istio/templates/destionation-rule.yaml index 9e1f183..9cb1f29 100644 --- a/charts/podinfo-istio/templates/destionation-rule.yaml +++ b/charts/podinfo-istio/templates/destionation-rule.yaml @@ -13,6 +13,8 @@ spec: - name: blue labels: color: blue + {{- if gt .Values.green.replicas 0.0 }} - name: green labels: - color: green \ No newline at end of file + color: green + {{- end }} \ No newline at end of file 
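Review bot: The env values added in blue-deployment.yaml are rendered unquoted (`value: {{ .Values.blue.message }}`, `value: {{ .Values.blue.backend }}`), so a message containing `: ` or ` #`, or a value such as `true` or `42`, produces broken YAML or a non-string env value that the API server rejects. Pipe both through `quote`: `value: {{ .Values.blue.message | quote }}` and `value: {{ .Values.blue.backend | quote }}`. The green-deployment.yaml hunk has the same pattern for `.Values.green.message` and `.Values.green.backend`. The container spec continues outside this hunk.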
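Review bot: `gt .Values.green.replicas 0.0` in destionation-rule.yaml compares against a float literal, which works for numbers read from a values file but, as far as I know, fails with an incompatible-types error when the value arrives as an integer through `--set green.replicas=2`. Casting first avoids the mismatch: `{{- if gt (int .Values.green.replicas) 0 }}`. The same condition is repeated in green-deployment.yaml and virtual-service.yaml, and virtual-service.yaml already casts `blue.weight` with `int`, so the cast would also make the three templates consistent.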
diff --git a/charts/podinfo-istio/templates/external-services.yaml b/charts/podinfo-istio/templates/external-services.yaml new file mode 100644 index 0000000..0c73537 --- /dev/null +++ b/charts/podinfo-istio/templates/external-services.yaml @@ -0,0 +1,22 @@ +{{- if .Values.externalServices -}} +apiVersion: networking.istio.io/v1alpha3 +kind: ServiceEntry +metadata: + name: {{ template "podinfo-istio.fullname" . }}-external-svcs + labels: + app: {{ template "podinfo-istio.fullname" . }} + chart: {{ template "podinfo-istio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + hosts: + {{- range .Values.externalServices }} + - {{ . }} + {{- end }} + location: MESH_EXTERNAL + ports: + - number: 443 + name: https + protocol: HTTPS + resolution: DNS +{{- end }} \ No newline at end of file diff --git a/charts/podinfo-istio/templates/green-deployment.yaml b/charts/podinfo-istio/templates/green-deployment.yaml index a9721e1..01aeee3 100644 --- a/charts/podinfo-istio/templates/green-deployment.yaml +++ b/charts/podinfo-istio/templates/green-deployment.yaml @@ -1,3 +1,4 @@ +{{- if gt .Values.green.replicas 0.0 -}} apiVersion: apps/v1 kind: Deployment metadata: @@ -19,7 +20,6 @@ spec: matchLabels: app: {{ template "podinfo-istio.fullname" . }} color: green - version: {{ .Values.green.tag }} template: metadata: labels: @@ -41,9 +41,13 @@ spec: env: - name: color value: green - {{- if .Values.backend }} + {{- if .Values.green.backend }} - name: backendURL - value: {{ .Values.backend }} + value: {{ .Values.green.backend }} + {{- end }} + {{- if .Values.green.message }} + - name: message + value: {{ .Values.green.message }} {{- end }} ports: - name: http @@ -71,3 +75,4 @@ spec: volumes: - name: data emptyDir: {} +{{- end }} \ No newline at end of file diff --git a/charts/podinfo-istio/templates/virtual-service.yaml b/charts/podinfo-istio/templates/virtual-service.yaml index a87d694..ebf1b22 100644 
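Review bot: In external-services.yaml the hosts are emitted as bare scalars (`- {{ . }}`), so an entry beginning with `*`, such as a wildcard domain, is read as a YAML alias and the render fails; use `- {{ . | quote }}`. This ServiceEntry is effectively the release's egress allow-list, so a leading template comment such as `{{/* every host listed in externalServices becomes reachable on 443 from the mesh */}}` would help people reviewing values files. Whether wildcard hosts are accepted together with `resolution: DNS` should be checked against the Istio version in use.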
--- a/charts/podinfo-istio/templates/virtual-service.yaml +++ b/charts/podinfo-istio/templates/virtual-service.yaml @@ -1,5 +1,6 @@ {{- $host := .Release.Name -}} {{- $timeout := .Values.timeout -}} +{{- $greenWeight := (sub 100 (.Values.blue.weight|int)) | int -}} apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: @@ -28,9 +29,15 @@ spec: timeout: {{ $timeout }} {{- end }} {{- end }} - # default route - route: - destination: host: {{ template "podinfo-istio.fullname" . }} subset: blue - timeout: {{ .Values.timeout }} \ No newline at end of file + weight: {{ .Values.blue.weight }} + {{- if gt .Values.green.replicas 0.0 }} + - destination: + host: {{ template "podinfo-istio.fullname" . }} + subset: green + weight: {{ $greenWeight }} + {{- end }} + timeout: {{ $timeout }} diff --git a/charts/podinfo-istio/values.yaml b/charts/podinfo-istio/values.yaml index f845b54..e8df75c 100644 --- a/charts/podinfo-istio/values.yaml +++ b/charts/podinfo-istio/values.yaml 
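Review bot: The blue weight is rendered raw (`weight: {{ .Values.blue.weight }}`) and independently of the green guard, so `blue.weight: 80` with `green.replicas: 0` yields a single destination with weight 80, and an unset `blue.weight` renders an empty weight while `$greenWeight` evaluates to 100. values.yaml documents the first constraint in a comment but nothing in the template enforces it. I would compute the value once at the top, `{{- $blueWeight := .Values.blue.weight | default 100 | int -}}`, render `weight: {{ $blueWeight }}`, derive `$greenWeight` from it, and emit 100 for blue when the green block is skipped. The route block starts outside the second hunk.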
@@ -1,48 +1,48 @@ # Default values for podinfo-istio. - -# host can be an extarnal domain or a local one as in podinfo.test.svc.cluster.local -host: canary.istio.weavedx.com +# host can be an extarnal domain or a local one +host: podinfo # if the host is an external domain must be exposed via the Gateway -exposeHost: true +exposeHost: false timeout: 30s +# creates public-gateway.istio-system.svc.cluster.local # no more than one Gateway can be created on a cluster # if TLS is enabled the istio-ingressgateway-certs secret must exist in istio-system ns # if you have a Gateway running you can set the name to your own gateway and turn off create gateway: name: public-gateway - # creates public-gateway.istio-system.svc.cluster.local create: false - tls: true - httpsRedirect: true + tls: false + httpsRedirect: false + +# authorise external https services +#externalServices: +# - api.github.com +# - apis.google.com +# - googleapis.com # stable release # by default all traffic goes to blue blue: replicas: 2 repository: quay.io/stefanprodan/podinfo - tag: 0.6.0 + tag: "0.6.0" + # green must have at at least one replica to set weight under 100 + weight: 100 + message: backend: + # canary release -# can be disabled by setting replicas to 0 +# disabled with 0 replicas green: - replicas: 2 + replicas: 0 repository: quay.io/stefanprodan/podinfo - tag: 0.6.1 - routing: - # target Safari - - match: - - headers: - user-agent: - regex: "^(?!.*Chrome).*Safari.*" - # target API clients by version - - match: - - headers: - x-api-version: - regex: "^(v{0,1})0\\.6\\.([1-9]).*" + tag: "0.6.1" + message: backend: + routing: # blue/green common settings logLevel: info @@ -52,4 +52,4 @@ resources: limits: requests: cpu: 1m - memory: 16Mi \ No newline at end of file + memory: 16Mi
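Review bot: The gateway defaults in values.yaml flip to `tls: false` and `httpsRedirect: false`, so a user who only sets `gateway.create=true` presumably ends up with a plaintext-only Gateway (the gateway template is not part of this diff). I would keep the secure values as the defaults and let the demo files opt out, or at least document the change: `# tls and httpsRedirect are off by default; enable both before exposing a real host`. Two comment typos in the same hunk are worth fixing while here: `extarnal` and `at at least`.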