在完成 k8s 上快速部署 go 服務
和 k8s: istio 入門
後, 繼續 膨脹, 使用 go 來實現 istio 提供的 bookinfo 微服務 demo
快速回顧之前的 blog:
涉及到的問題:
簡單實踐步驟:
- 使用 go 重寫 bookinfo 微服務並部署到 k8s 中
- 基於 go 版 bookinfo 微服務, 驗證 istio task
使用 go 重寫 bookinfo 微服務並部署到 k8s 中
先回顧一下 bookinfo 微服務應用的端到端架構:
包含 4 個微服務:
- rating: 書籍評分
- review: 書籍評價, 有 v1/v2/v3 三個版本, 其中 v2/v3 需要調用
rating
服務 - detail: 書籍詳情
- productpage: 書籍產品頁面, 需要調用
review + detail
服務
實現 rating 服務
可以參考 k8s 上 go 服務實戰: 使用 helm 快速構建雲原生應用 快速部署 rating 服務
- go
// rating/main.go
package main
import (
"fmt"
"net/http"
)
func main() {
http.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
fmt.Fprintf(writer, "rating")
})
http.ListenAndServe(":80", nil)
}
- dockerfile
FROM golang:alpine as builder
WORKDIR /
COPY main.go .
RUN go build -o app main.go
FROM alpine
WORKDIR /
COPY --from=builder /app /app
ENTRYPOINT /app
EXPOSE 80
- 使用 alibaba cloudtookit 快速打包上傳鏡像
- helm 快速部署
helm create rating
# 修改 values.yaml
repository: registry.cn-shanghai.aliyuncs.com/daydaygo/istio_bookinfo_rating
# 修改 chart.yml
appVersion: 0.1.1
helm lint --strict rating
helm install rating rating # 部署到 k8s 中
kubectl get pod # 查看 pod
kubectl port-forward $POD_NAME 8081:80 # 開啓 port-forward 測試, 本地端口:pod端口
➜ curl localhost:8081
rating⏎
同理, 實現 productpage
detail
服務
實現 review 服務幷包含 3 個版本
- 實現三個版本的 review 應用
應用名稱 | 鏡像版本 |
---|---|
review-v1 | 0.1.0 |
review-v2 | 0.2.0 |
Review-v3 | 0.3.0 |
- 直接使用 yaml 文件部署( helm 單應用多版本下次繼續折騰)
##################################################################################################
# Reviews service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: review
labels:
app: review
service: review
spec:
ports:
- port: 80
name: http
selector:
app: review
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-review
labels:
account: review
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: review-v1
labels:
app: review
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: review
version: v1
template:
metadata:
labels:
app: review
version: v1
spec:
serviceAccountName: bookinfo-review
containers:
- name: review
image: registry.cn-shanghai.aliyuncs.com/daydaygo/istio_bookinfo_review:0.1.0
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 80
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: review-v2
labels:
app: review
version: v2
spec:
replicas: 1
selector:
matchLabels:
app: review
version: v2
template:
metadata:
labels:
app: review
version: v2
spec:
serviceAccountName: bookinfo-review
containers:
- name: review
image: registry.cn-shanghai.aliyuncs.com/daydaygo/istio_bookinfo_review:0.2.0
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 80
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: review-v3
labels:
app: review
version: v3
spec:
replicas: 1
selector:
matchLabels:
app: review
version: v3
template:
metadata:
labels:
app: review
version: v3
spec:
serviceAccountName: bookinfo-review
containers:
- name: review
image: registry.cn-shanghai.aliyuncs.com/daydaygo/istio_bookinfo_review:0.3.0
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 80
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
- 部署到 k8s 中
kubectl apply -f review.yaml
kubectl get pod
# 重複驗證各個 pod
kubectl port-forward $POD_NAME 8081:80 # 開啓 port-forward 測試, 本地端口:pod端口
➜ curl localhost:8081
review-v1⏎
基於 go 版 bookinfo 微服務, 驗證 istio task
- istio task 文檔: https://github.com/istio/istio.io/content/en/docs/tasks
- task 都可以在 istio sample 找到例子: https://github.com/istio/istio/samples
# istio.io/content/en/docs/tasks
➜ tasks git:(master) tree -d
.
├── observability
│ ├── distributed-tracing
│ │ ├── configurability
│ │ ├── jaeger
│ │ ├── lightstep
│ │ ├── overview
│ │ └── zipkin
│ ├── gateways
│ ├── kiali
│ ├── logs
│ │ └── access-log
│ └── metrics
│ ├── classify-metrics
│ ├── customize-metrics
│ ├── querying-metrics
│ ├── tcp-metrics
│ └── using-istio-dashboard
├── security
│ ├── authentication
│ │ ├── authn-policy
│ │ └── mtls-migration
│ ├── authorization
│ │ ├── authz-deny
│ │ ├── authz-http
│ │ ├── authz-ingress
│ │ ├── authz-jwt
│ │ ├── authz-tcp
│ │ └── authz-td-migration
│ └── cert-management
│ ├── dns-cert
│ └── plugin-ca-cert
└── traffic-management
├── circuit-breaking
├── egress
│ ├── egress-control
│ ├── egress-gateway
│ ├── egress-gateway-tls-origination
│ ├── egress-gateway-tls-origination-sds
│ ├── egress-kubernetes-services
│ ├── egress-tls-origination
│ ├── http-proxy
│ └── wildcard-egress-hosts
├── fault-injection
├── ingress
│ ├── ingress-control
│ ├── ingress-sni-passthrough
│ ├── kubernetes-ingress
│ └── secure-ingress
├── mirroring
├── request-routing
├── request-timeouts
├── tcp-traffic-shifting
└── traffic-shifting
53 directories
寫在最後
istio 幾乎涵蓋了 服務治理/流量控制 的方方面面, 作爲服務治理層的基礎設施 完全夠用, 問題開始從 行不行, 轉向 用哪些, 讓 業務層/devops工作流/k8s基礎設施 用起來更爽
還需要解決的問題:
- helm 對單應用多版本的支持, 比如 review 應用是通一個 srv, 多個 deploy
- k8s/helm 發佈對服務間依賴的支持, 比如 A 服務必須依賴 B 服務更新後才能更新