[Istio]Traffic Management - Request Routing(동적 요청 라우팅 구성하기)

Concept

이 작업에서는 여러 버전의 마이크로서비스에 대한 동적 요청 라우팅을 구성하는 방법을 보여 준다.

reviews 마이크로서비스에는 세 가지 버전이 있으며, 동시에 실행 중이다. 이 중 도서 리뷰에 별점이 포함된 경우(v2,v3)와 포함되지 않은 경우(v1)가 번갈아가며 나타나고 있다.

Istio는 명시적으로 라우팅할 기본 서비스 버전이 없기 때문에 가능한 모든 버전에 대한 요청을 라운드 로빈 방식으로 라우팅한다.

이 작업의 목표는 모든 트래픽을 마이크로서비스의 v1로 라우팅하는 규칙을 적용하는 것이다.

AS-IS: v1, v2, v3이 RR 방식으로 라우팅

productpage를 통해 접속하면 아래와 같이 리뷰 부분이 v1,v2,v3으로 돌아가며 나온다.

reviews-v1으로 연결

reviews-v2로 연결

reviews-v3로 연결

kiali를 사용하여 트래픽 흐름 확인

TO-BE: reviews-v1 서비스로만 라우팅하기

samples yaml경로
samples/bookinfo/networking/

서비스 흐름도

Traffic Policy를 결정짓는 DestinationRule 적용

➜ cat destination-rule-all.yaml
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: productpage
spec:
  host: productpage
  subsets:
  - name: v1
    labels:
      version: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: reviews
spec:
  host: reviews
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v3
    labels:
      version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: ratings
spec:
  host: ratings
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v2-mysql
    labels:
      version: v2-mysql
  - name: v2-mysql-vm
    labels:
      version: v2-mysql-vm
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: details
spec:
  host: details
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
---

생성된 DestinationRule 오브젝트 조회

➜ k apply -f destination-rule-all.yaml
destinationrule.networking.istio.io/productpage created
destinationrule.networking.istio.io/reviews created
destinationrule.networking.istio.io/ratings created
destinationrule.networking.istio.io/details created

➜ k get destinationrules.networking.istio.io
NAME          HOST          AGE
details       details       17s
productpage   productpage   17s
ratings       ratings       17s
reviews       reviews       17s

Service 경로 라우팅을 위한 VirtualService 생성 - review-v1으로만 라우팅

➜ cat virtual-service-all-v1.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: productpage
spec:
  hosts:
  - productpage
  http:
  - route:
    - destination:
        host: productpage
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: ratings
spec:
  hosts:
  - ratings
  http:
  - route:
    - destination:
        host: ratings
        subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: details
spec:
  hosts:
  - details
  http:
  - route:
    - destination:
        host: details
        subset: v1
---

• VirtualService들의 destination이 v1만 작성됐다

virtualService 라우팅 정보 확인

➜ k apply -f virtual-service-all-v1.yaml
virtualservice.networking.istio.io/productpage created
virtualservice.networking.istio.io/reviews created
virtualservice.networking.istio.io/ratings created
virtualservice.networking.istio.io/details created

➜ k get virtualservices.networking.istio.io
NAME          GATEWAYS   HOSTS             AGE
details                  ["details"]       8s
productpage              ["productpage"]   9s
ratings                  ["ratings"]       8s
reviews                  ["reviews"]       8s

 

DestinationRule 적용 이후 productpage를 확인하면 reviews-v1으로만 연결되는걸 확인할 수 있다.

Log 확인

istioctl install --set profile=demo로 설치한 경우는 envoy log를 바로 확인할 수 있다. https://istio.io/latest/docs/tasks/observability/logs/access-log/#default-access-log-format

(option)Envoy의 액세스 로깅 활성화(profile=default로 설치한 경우)

텔레메트리 API 사용(권장), 아래 yaml을 apply한 이후부터 istio-porxy container에서 로그를 확인할 수 있다.

apiVersion: telemetry.istio.io/v1alpha1
kind: Telemetry
metadata:
  name: mesh-default
  namespace: istio-system
spec:
  accessLogging:
    - providers:
      - name: envoy

productpage pod에 인젝션된 istio-proxy 로그 확인

➜ k logs -f productpage-v1-66756cddfd-gwmnf -c istio-proxy
[2023-05-03T08:23:24.572Z] "GET /details/0 HTTP/1.1" 200 - via_upstream - "-" 0 178 1 1 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" "70fb4815-24d3-4850-87fc-8005dbb5f5b0" "details:9080" "10.77.120.212:9080" outbound|9080|v1|details.bookinfo.svc.cluster.local 10.77.120.14:50622 172.20.158.243:9080 10.77.120.14:52912 - -
[2023-05-03T08:23:24.575Z] "GET /reviews/0 HTTP/1.1" 200 - via_upstream - "-" 0 436 21 21 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" "70fb4815-24d3-4850-87fc-8005dbb5f5b0" "reviews:9080" "10.77.120.216:9080" outbound|9080|v3|reviews.bookinfo.svc.cluster.local 10.77.120.14:48908 172.20.125.202:9080 10.77.120.14:57026 - -
[2023-05-03T08:23:24.568Z] "GET /productpage HTTP/1.1" 200 - via_upstream - "-" 0 5288 31 30 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" "70fb4815-24d3-4850-87fc-8005dbb5f5b0" "ab85cce27073a4489ac334d1acc4e597-553115507.ap-northeast-2.elb.amazonaws.com:9080" "10.77.120.14:9080" inbound|9080|| 127.0.0.6:45775 10.77.120.14:9080 10.77.120.241:1571 - default

productpage pod의 productpage container 로그 확인

DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): details:9080
send: b'GET /details/0 HTTP/1.1\\r\\nHost: details:9080\\r\\nuser-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36\\r\\nAccept-Encoding: gzip, deflate\\r\\nAccept: */*\\r\\nConnection: keep-alive\\r\\nX-B3-TraceId: c9e6e6df59e213fb27f90d5e9278e3aa\\r\\nX-B3-SpanId: 27f90d5e9278e3aa\\r\\nx-request-id: d95a74eb-3417-41fb-8b13-db28d3dd041c\\r\\n\\r\\n'
reply: 'HTTP/1.1 200 OK\\r\\n'
header: content-type: application/json
header: server: envoy
header: date: Wed, 03 May 2023 08:23:06 GMT
header: content-length: 178
header: x-envoy-upstream-service-time: 2
DEBUG:urllib3.connectionpool:<http://details:9080> "GET /details/0 HTTP/1.1" 200 178
DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): reviews:9080
send: b'GET /reviews/0 HTTP/1.1\\r\\nHost: reviews:9080\\r\\nuser-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36\\r\\nAccept-Encoding: gzip, deflate\\r\\nAccept: */*\\r\\nConnection: keep-alive\\r\\nX-B3-TraceId: c9e6e6df59e213fb27f90d5e9278e3aa\\r\\nX-B3-SpanId: 27f90d5e9278e3aa\\r\\nx-request-id: d95a74eb-3417-41fb-8b13-db28d3dd041c\\r\\n\\r\\n'
reply: 'HTTP/1.1 200 OK\\r\\n'
header: x-powered-by: Servlet/3.1
header: content-type: application/json
header: date: Wed, 03 May 2023 08:23:06 GMT
header: content-language: en-US
header: content-length: 436
header: x-envoy-upstream-service-time: 26
header: server: envoy
DEBUG:urllib3.connectionpool:<http://reviews:9080> "GET /reviews/0 HTTP/1.1" 200 436
INFO:werkzeug:::ffff:127.0.0.6 - - [03/May/2023 08:23:06] "GET /productpage HTTP/1.1" 200 -

TO-BE: reviews-v3 서비스로만 라우팅하기

서비스 흐름도

➜ k edit vs reviews
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: reviews
  namespace: bookinfo
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1 > v3

subset: v1 → subset: v3

productpage를 확인하면 reviews-v1으로만 연결되는걸 확인할 수 있다.

Request Routing
This task shows you how to configure dynamic request routing to multiple versions of a microservice.

서비스 메시에서의 트래픽 관리에 대한 자세한 내용은 아래 글에서 확인할 수 있다.
[Istio]Traffic Management - 무슨 일이 발생하는 건가? envoy xDS Sync 이해하기