ISTIO consuming Microservice using Gateway and Virtual service.

 In previous example we were able to see the version graph for our Microservice components.

http://siddharathadhumale.blogspot.com/2021/06/deploying-different-version-of.html

Also lets try to access our microservice using url i.e. DNS name and using gateway and virtualservice rather than exposing it using port-forward and accessing it using localhost.

Please follow belwo step religiously. We assume you have complete new docker and kubernetes env without installation of ISTIO.

Check istio system have svc for istio-ingressgateway and it should either be having external IP as localhost or ipaddress.
C:\Users\Siddhartha>kubectl -n istio-system get svc istio-ingressgateway

Create Namespce
C:\Users\Siddhartha>kubectl create namespace springboot-application

Label namespace with istio-injection=enabled
C:\Users\Siddhartha>kubectl label namespace springboot-application istio-injection=enabled

Check namespace is labeled properly
C:\Users\Siddhartha>kubectl get ns springboot-application –-show-labels

Apply gateway
C:\Istio-workspace>kubectl apply -f gatewayV1.yaml

Apply Virtual service
C:\Istio-workspace>kubectl apply -f virtual-serviceV1.yaml

Apply Producer-Pod-v1
C:\Istio-workspace>kubectl apply -f springboot-docker-producerV1.yaml

Apply Producer-Pod-v2
C:\Istio-workspace>kubectl apply -f springboot-docker-producerV2.yaml

Apply consumer-Pod-v1
C:\Istio-workspace>kubectl apply -f springboot-docker-consumerV1.yaml

check all containers are in running mode
C:\Istio-workspace>kubectl get all -n springboot-application -o wide

Apply kiali and other add ons
C:\Users\Siddhartha>kubectl apply -f C:\istio-1.10.1\samples\addons

Get all svc for istio-system.
C:\Istio-workspace>kubectl get svc -n istio-system

Check if the required kiali pod is ready to be exposed.
C:\Istio-workspace>kubectl get pod -n istio-system

Open the kiali ui using forward
C:\Users\Siddhartha>kubectl port-forward svc/kiali -n istio-system 20001

• 

• 

Check pod is ready for forwarding
C:\Istio-workspace> kubectl get all -n springboot-application -o wide

Open the Producer-Pod-v1 on browser using forward
C:\Users\Siddhartha>kubectl port-forward 8091:8091 -n springboot-application

Open the consumer-Pod-v1 on browser using forward
C:\Users\Siddhartha>kubectl port-forward 8090:8090 -n springboot-application

• 

• 

Loop the request to check if we are getting he flow chart on Kiali
C:\Users\Siddhartha>curl http://localhost:8090/getEmployee?%5B1-200%5D; sleep 2;

Now lets try to access the same using dns name

Make sure to enter following entries inside your host files
127.0.0.1 mysiddhuweb.example.com

Now lets run C:\Users\Siddhartha>curl http://mysiddhuweb.example.com/getEmployee?%5B1-200%5D; sleep 2;

• 

• 

You can download the code from here

Producer GIT
https://github.com/shdhumale/springboot-docker-producer.git
Consumer
https://github.com/shdhumale/springboot-docker-consumer-version.git
YAML Files
https://github.com/shdhumale/kialiyaml.git

Deploying different version of Microservice in ISTIO for Canary Deployment

Now lets install the producer microservice using different version and do the canary deployement at runtime.
Also lets try to access our microservice using url rather than exposing it using port-forward and accessing it using localhost.

First lets clean our currently installed all pod using below screen.

Again install ISTIO in the system using below command

Step 1:- Install ISTIO.

C:\Users\Siddhartha>istioctl install
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/v1.10/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
! values.global.jwtPolicy is deprecated; use Values.global.jwtPolicy=third-party-jwt. See http://istio.io/latest/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for more information instead
This will install the Istio 1.10.1 profile with [“Istio core” “Istiod” “Ingress gateways”] components into the cluster. Proceed? (y/N) y
 Istio core installed
 Istiod installed
 Ingress gateways installed
 Installation complete

2- Create name space springboot-application

C:\Users\Siddhartha>kubectl create namespace springboot-application
namespace/springboot-application created

Step 3:- Enable/inject ISTIO on this name space
C:\Users\Siddhartha>kubectl label namespace springboot-application istio-injection=enabled

C:\Users\Siddhartha>kubectl get ns springboot-application –-show-labels
NAME STATUS AGE LABELS
springboot-application Active 22m istio-injection=enabled

Step 4:- Execute all the yaml in sequence given below.

kubectl apply -f gateway.yaml

C:\Istio-workspace>kubectl apply -f gateway.yaml
gateway.networking.istio.io/mysiddhuweb-gateway created

kubectl apply -f virtual-service.yaml

C:\Istio-workspace>kubectl apply -f virtual-service.yaml
virtualservice.networking.istio.io/mysiddhuweb-vs created

kubectl apply -f springboot-docker-producerV1.yaml

C:\Istio-workspace>kubectl apply -f springboot-docker-producerV1.yaml
deployment.apps/springboot-docker-producer-v1 created
service/siddhuproducer created

kubectl apply -f springboot-docker-producerV2.yaml

C:\Istio-workspace>kubectl apply -f springboot-docker-producerV2.yaml
deployment.apps/springboot-docker-producer-v2 created
service/siddhuproducer configured

C:\Istio-workspace>

kubectl apply -f springboot-docker-consumer.yaml

C:\Istio-workspace>kubectl apply -f springboot-docker-consumer.yaml
deployment.apps/springboot-docker-consumer created
service/siddhuconsumer created

Check all the needed pod and deployment is ready

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

C:\Istio-workspace>kubectl get all -n springboot-application -o wide NAME                                                 READY   STATUS    RESTARTS   AGE     IP          NODE             NOMINATED NODE   READINESS GATES pod/springboot-docker-consumer-69cd4b98f-8rjvf       2/2     Running   0          22m     10.1.0.23   docker-desktop   <none>           <none> pod/springboot-docker-producer-v1-84f8f77fdc-hwm5m   2/2     Running   0          3m48s   10.1.0.28   docker-desktop   <none>           <none> pod/springboot-docker-producer-v2-7bd9d8bfdb-s7lpm   2/2     Running   0          3m57s   10.1.0.27   docker-desktop   <none>           <none>   NAME                     TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE     SELECTOR service/siddhuconsumer   NodePort   10.104.114.27   <none>        8090:30724/TCP   22m     component=springboot-docker-consumer service/siddhuproducer   NodePort   10.107.187.57   <none>        8091:31655/TCP   3m47s   component=siddhuproducer   NAME                                            READY   UP-TO-DATE   AVAILABLE   AGE     CONTAINERS                   IMAGES                                        SELECTOR deployment.apps/springboot-docker-consumer      1/1     1            1           22m     springboot-docker-consumer   shdhumale/springboot-docker-consumer:latest   component=springboot-docker-consumer deployment.apps/springboot-docker-producer-v1   1/1     1            1           3m49s   siddhuproducer               shdhumale/springboot-docker-producer:latest   component=siddhuproducer,version=v1 deployment.apps/springboot-docker-producer-v2   1/1     1            1           3m57s   siddhuproducer               shdhumale/springboot-docker-producer:latest   component=siddhuproducer,version=v2   NAME                                                       DESIRED   CURRENT   READY   AGE     CONTAINERS                   IMAGES                                        SELECTOR replicaset.apps/springboot-docker-consumer-69cd4b98f       1         1         1       22m     springboot-docker-consumer   shdhumale/springboot-docker-consumer:latest   component=springboot-docker-consumer,pod-template-hash=69cd4b98f replicaset.apps/springboot-docker-producer-v1-84f8f77fdc   1         1         1       3m49s   siddhuproducer               shdhumale/springboot-docker-producer:latest   component=siddhuproducer,pod-template-hash=84f8f77fdc,version=v1 replicaset.apps/springboot-docker-producer-v2-7bd9d8bfdb   1         1         1       3m57s   siddhuproducer               shdhumale/springboot-docker-producer:latest   component=siddhuproducer,pod-template-hash=7bd9d8bfdb,version=v2

Now lets install Kaili again (as we have deleted all the pod in the K8 env.)

Now lets apply all this kubernetes yml file as shown below

C:\Users\Siddhartha>kubectl apply -f C:\istio-1.10.1\samples\addons
serviceaccount/grafana unchanged
configmap/grafana unchanged
service/grafana unchanged
deployment.apps/grafana configured
configmap/istio-grafana-dashboards configured
configmap/istio-services-grafana-dashboards configured
deployment.apps/jaeger unchanged
service/tracing unchanged
service/zipkin unchanged
service/jaeger-collector unchanged
customresourcedefinition.apiextensions.k8s.io/monitoringdashboards.monitoring.kiali.io unchanged
serviceaccount/kiali unchanged
configmap/kiali unchanged
clusterrole.rbac.authorization.k8s.io/kiali-viewer unchanged
clusterrole.rbac.authorization.k8s.io/kiali unchanged
clusterrolebinding.rbac.authorization.k8s.io/kiali unchanged
role.rbac.authorization.k8s.io/kiali-controlplane unchanged
rolebinding.rbac.authorization.k8s.io/kiali-controlplane unchanged
service/kiali unchanged
deployment.apps/kiali unchanged
monitoringdashboard.monitoring.kiali.io/envoy created
monitoringdashboard.monitoring.kiali.io/go created
monitoringdashboard.monitoring.kiali.io/kiali created
monitoringdashboard.monitoring.kiali.io/micrometer-1.0.6-jvm-pool created
monitoringdashboard.monitoring.kiali.io/micrometer-1.0.6-jvm created
monitoringdashboard.monitoring.kiali.io/micrometer-1.1-jvm created
monitoringdashboard.monitoring.kiali.io/microprofile-1.1 created
monitoringdashboard.monitoring.kiali.io/microprofile-x.y created
monitoringdashboard.monitoring.kiali.io/nodejs created
monitoringdashboard.monitoring.kiali.io/quarkus created
monitoringdashboard.monitoring.kiali.io/springboot-jvm-pool created
monitoringdashboard.monitoring.kiali.io/springboot-jvm created
monitoringdashboard.monitoring.kiali.io/springboot-tomcat created
monitoringdashboard.monitoring.kiali.io/thorntail created
monitoringdashboard.monitoring.kiali.io/tomcat created
monitoringdashboard.monitoring.kiali.io/vertx-client created
monitoringdashboard.monitoring.kiali.io/vertx-eventbus created
monitoringdashboard.monitoring.kiali.io/vertx-jvm created
monitoringdashboard.monitoring.kiali.io/vertx-pool created
monitoringdashboard.monitoring.kiali.io/vertx-server created
serviceaccount/prometheus unchanged
configmap/prometheus unchanged
clusterrole.rbac.authorization.k8s.io/prometheus unchanged
clusterrolebinding.rbac.authorization.k8s.io/prometheus unchanged
service/prometheus unchanged
deployment.apps/prometheus configured

now lets check how many pods we were havig in istio-system name space

C:\Users\Siddhartha>kubectl get pod -n istio-system

C:\Istio-workspace>kubectl get pod -n istio-system
NAME READY STATUS RESTARTS AGE
grafana-f766d6c97-5hfzb 1/1 Running 0 2m43s
istio-ingressgateway-f6c955cd8-ddqrj 1/1 Running 0 34m
istiod-58bb7c6644-9b746 1/1 Running 0 34m
jaeger-7f78b6fb65-k4lkk 1/1 Running 0 2m41s
kiali-85c8cdd5b5-hpvjg 1/1 Running 0 2m33s
prometheus-69f7f4d689-b7d8j 2/2 Running 0 2m29s

Now as shown above in past we have only 2 pod istiod-58bb7c6644-9b746 and istio-ingressgateway-f6c955cd8-ddqrj but now we have all other pod for respective yml files running in name space istio-system.

Please refer to the documentation and see what these pod do for you in ISTIO. prometheus, kiali, jaeger and grafana

first get the service and then do port-forward kiali port forward and open it into the browser so that we can access it url.

C:\Users\Siddhartha>kubectl get svc -n istio-system

1 2 3 4 5 6 7 8 9 10

C:\Istio-workspace>kubectl get svc -n istio-system NAME                   TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                                      AGE grafana                ClusterIP      10.96.46.104     <none>        3000/TCP                                     3m59s istio-ingressgateway   LoadBalancer   10.106.84.31     localhost     15021:31151/TCP,80:30460/TCP,443:30605/TCP   35m istiod                 ClusterIP      10.107.144.198   <none>        15010/TCP,15012/TCP,443/TCP,15014/TCP        36m jaeger-collector       ClusterIP      10.109.203.98    <none>        14268/TCP,14250/TCP                          3m53s kiali                  ClusterIP      10.102.10.121    <none>        20001/TCP,9090/TCP                           3m49s prometheus             ClusterIP      10.102.223.81    <none>        9090/TCP                                     3m46s tracing                ClusterIP      10.109.55.179    <none>        80/TCP                                       3m56s zipkin                 ClusterIP      10.101.234.9     <none>        9411/TCP                                     3m54s

Now lets do port-forward for kiali so that we can see the graphs.

C:\Users\Siddhartha>kubectl port-forward svc/kiali -n istio-system 20001
Forwarding from 127.0.0.1:20001 -> 20001
Forwarding from [::1]:20001 -> 20001

Now lets try to do first port-forward for producer and consumer to see the graph on kiali.

Now lets check we are able to access our producer and consumer using forward port

C:\Istio-workspace>kubectl get pod -n springboot-application
NAME READY STATUS RESTARTS AGE
springboot-docker-consumer-69cd4b98f-8rjvf 2/2 Running 0 24m
springboot-docker-producer-v1-84f8f77fdc-hwm5m 2/2 Running 0 5m7s
springboot-docker-producer-v2-7bd9d8bfdb-s7lpm 2/2 Running 0 5m16s

Lets check if producer v1 microservice is working
kubectl port-forward springboot-docker-producer-v1-84f8f77fdc-hwm5m 8091:8091 -n springboot-application

C:\Users\Siddhartha>kubectl port-forward springboot-docker-producer-v1-84f8f77fdc-hwm5m 8091:8091 -n springboot-application
Forwarding from 127.0.0.1:8091 -> 8091
Forwarding from [::1]:8091 -> 8091

C:\Users\Siddhartha>kubectl port-forward springboot-docker-consumer-69cd4b98f-8rjvf 8090:8090 -n springboot-application
Forwarding from 127.0.0.1:8090 -> 8090
Forwarding from [::1]:8090 -> 8090

Note:- To see the traffic flow you need to execute the url in loop so use below comments

C:\Users\Siddhartha>curl http://localhost:8090/getEmployee?%5B1-200%5D; sleep 2;

You will be able to see the graph with our two different version of producer.

Code:-

1- gateway.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata:   name: mysiddhuweb-gateway   namespace: springboot-application spec:   selector:     istio: ingressgateway   servers:   - port:       number: 80            name: http       protocol: HTTP     hosts:     - "mysiddhuweb.example.com"

2- virtual-service.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata:   name: mysiddhuweb-vs   namespace: springboot-application spec:   hosts:   - "mysiddhuweb.example.com"   gateways:   - mysiddhuweb-gateway   http:   - route:       - destination:           host: siddhuconsumer           port:             number: 8090

3- springboot-docker-consumer.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-consumer   namespace: springboot-application   labels:    app: springboot-docker-consumer  spec:   selector:     matchLabels:       component: springboot-docker-consumer   template:     metadata:       labels:         component: springboot-docker-consumer     spec:       containers:       - name: springboot-docker-consumer         image: shdhumale/springboot-docker-consumer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8090           name: http           protocol: TCP      ---   apiVersion: v1 kind: Service metadata:   name: siddhuconsumer   namespace: springboot-application   labels:     service: springboot-docker-consumer spec:   type: NodePort   selector:     component: springboot-docker-consumer   ports:   - name: http     port: 8090     targetPort: 8090

4- springboot-docker-producerV1.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46

apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-producer-v1   namespace: springboot-application   labels:    app: siddhuproducer    version: v1 spec:   selector:     matchLabels:       component: siddhuproducer       version: v1   template:     metadata:       labels:         component: siddhuproducer         version: v1     spec:       containers:       - name: siddhuproducer         image: shdhumale/springboot-docker-producer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8091           name: http           protocol: TCP      ---   apiVersion: v1 kind: Service metadata:   name: siddhuproducer   namespace: springboot-application   labels:     service: siddhuproducer spec:   type: NodePort   selector:     component: siddhuproducer   ports:   - name: http     port: 8091     targetPort: 8091

5- springboot-docker-producerV2.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-producer-v2   namespace: springboot-application   labels:    app: siddhuproducer    version: v2 spec:   selector:     matchLabels:       component: siddhuproducer       version: v2   template:     metadata:       labels:         component: siddhuproducer         version: v2     spec:       containers:       - name: siddhuproducer         image: shdhumale/springboot-docker-producer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8091           name: http           protocol: TCP

5- all-in-one-with-version.yaml

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154

apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata:   name: mysiddhuweb-gateway   namespace: springboot-application spec:   selector:     istio: ingressgateway   servers:   - port:       number: 80       name: http       protocol: HTTP     hosts:     - "mysiddhuweb.example.com" ---   apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata:   name: mysiddhuweb-vs   namespace: springboot-application spec:   hosts:   - "mysiddhuweb.example.com"   gateways:   - mysiddhuweb-gateway   http:   - route:       - destination:           host: siddhuconsumer           port:             number: 8090 ---   apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-producer-v1   namespace: springboot-application   labels:    app: siddhuproducer    version: v1 spec:   selector:     matchLabels:       component: siddhuproducer       version: v1   template:     metadata:       labels:         component: siddhuproducer         version: v1     spec:       containers:       - name: siddhuproducer         image: shdhumale/springboot-docker-producer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8091           name: http           protocol: TCP      ---   apiVersion: v1 kind: Service metadata:   name: siddhuproducer   namespace: springboot-application   labels:     service: siddhuproducer spec:   type: NodePort   selector:     component: siddhuproducer   ports:   - name: http     port: 8091     targetPort: 8091 ---   apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-producer-v2   namespace: springboot-application   labels:    app: siddhuproducer    version: v2 spec:   selector:     matchLabels:       component: siddhuproducer       version: v2   template:     metadata:       labels:         component: siddhuproducer         version: v2     spec:       containers:       - name: siddhuproducer         image: shdhumale/springboot-docker-producer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8091           name: http           protocol: TCP --- apiVersion: apps/v1 kind: Deployment metadata:   name: springboot-docker-consumer   namespace: springboot-application spec:   selector:     matchLabels:       component: springboot-docker-consumer   template:     metadata:       labels:         component: springboot-docker-consumer     spec:       containers:       - name: springboot-docker-consumer         image: shdhumale/springboot-docker-consumer:latest         env:         - name: discovery.type           value: single-node         ports:         - containerPort: 8090           name: http           protocol: TCP      ---   apiVersion: v1 kind: Service metadata:   name: siddhuconsumer   namespace: springboot-application   labels:     service: springboot-docker-consumer spec:   type: NodePort   selector:     component: springboot-docker-consumer   ports:   - name: http     port: 8090     targetPort: 8090

https://github.com/shdhumale/kialiyaml.git