1、前言
2、GatewayApi部署
2.1 标准部署GatewayApi Crds
参考本文:标准部署GatewayApi Crds
2.2 部署envoy gateway
2.2.1 准备镜像
| 原镜像地址 | 修改镜像地址 |
|---|---|
| docker.m.daocloud.io/envoyproxy/gateway:v1.6.1 | ctr -n k8s.io images tag docker.m.daocloud.io/envoyproxy/gateway:v1.6.1 docker.io/envoyproxy/gateway:v1.6.1 |
| docker.m.daocloud.io/envoyproxy/envoy:distroless-v1.36.3 | ctr -n k8s.io images tag docker.m.daocloud.io/envoyproxy/envoy:distroless-v1.36.3 docker.io/envoyproxy/envoy:distroless-v1.36.3 |
链接:envoy
#规避资源过大的问题,用--server-side参数部署
kubectl apply --server-side -f install.yaml
查看deployment部署情况
2.2.2 创建一个命名空间
kubectl create ns eg-demo
2.2.3 创建gatewayclass
cat > gatewayclass.yaml << EOF
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
name: eg
namespace: eg-demo #命名空间
spec:
controllerName: gateway.envoyproxy.io/gatewayclass-controller
EOF
2.2.4 创建gateway
cat > gateway.yaml << EOF
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: eg-gateway #gateway名称
namespace: eg-demo #命名空间
spec:
gatewayClassName: eg #上面创建的gatewayclass的名称
listeners:
- name: http
protocol: HTTP
port: 80
EOF
2.2.5 验证gateway相关服务
当pod全部起来,状态均为True代表envoy已经成功部署
kubectl -n envoy-gateway-system get pod,svc,gatewayclass
kubectl -n eg-demo get gateway
3、应用场景--金丝雀发布
3.1 部署deploy和svc
3.1.1 canary
cat > dev_canary.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: dev-demo-canary
namespace: eg-demo
spec:
replicas: 1
selector:
matchLabels:
app: dev-demo-canary
template:
metadata:
labels:
app: dev-demo-canary
spec:
containers:
- name: dev-demo-canary
image: harbor.test.com/java-dev/demo:Canary
restartPolicy: Always
dnsPolicy: ClusterFirst
---
apiVersion: v1
kind: Service
metadata:
name: dev-demo-canary
namespace: eg-demo
spec:
selector:
app: dev-demo-canary
ports:
- name: dev-demo-canary-8080
protocol: TCP
port: 8080
targetPort: 8080
EOF
3.1.2 prod
cat > dev_prod.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: dev-demo-prod
namespace: eg-demo
spec:
replicas: 1
selector:
matchLabels:
app: dev-demo-prod
template:
metadata:
labels:
app: dev-demo-prod
spec:
containers:
- name: dev-demo-prod
image: harbor.test.com/java-dev/demo:Prod
restartPolicy: Always
dnsPolicy: ClusterFirst
---
apiVersion: v1
kind: Service
metadata:
name: dev-demo-prod
namespace: eg-demo
spec:
selector:
app: dev-demo-prod
ports:
- name: dev-demo-prod-8080
protocol: TCP
port: 8080
targetPort: 8080
EOF
3.1.3 查看deploy和svc部署情况
kubectl -n eg-demo get pod,svc
3.2 基于流量比例发布
3.2.3 HTTProute规则
cat > httproute.yaml << EOF
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route
namespace: eg-demo #指定Gateway所在的命名空间
spec:
parentRefs:
- name: eg-gateway
sectionName: http
hostnames:
- "gatewayapi.demo.com" #指定host
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: dev-demo-canary #写入后端service
kind: Service
port: 8080
weight: 10
- name: dev-demo-prod #写入后端service
kind: Service
port: 8080
weight: 90
EOF
3.2.4 验证金丝雀流量比例发布
for i in {1..10};do curl http://gatewayapi.demo.com ;sleep 1 ;echo -e ;done
流量比例符合预期
3.3 基于header发布
3.3.1 HTTProute规则
cat > httproute_header.yaml << EOF
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: http-route
namespace: eg-demo #指定Gateway所在的命名空间
spec:
parentRefs:
- name: eg-gateway
sectionName: http
hostnames:
- "gatewayapi.demo.com" #指定host
rules:
- matches:
- headers:
- name: x-canary #定义header
value: "true"
path: #注意这里的path和headers同级
type: PathPrefix
value: /
backendRefs:
- name: dev-demo-canary #写入后端service
kind: Service
port: 8080
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: dev-demo-prod #写入后端service
kind: Service
port: 8080
EOF
3.3.2 验证header发布
不带header
for i in {1..10};do curl http://gatewayapi.demo.com ;sleep 1 ;echo -e ;done
带有header
for i in {1..10};do curl -H "x-canary: true" http://gatewayapi.demo.com ;sleep 1 ;echo -e ;done
评论区