In this post, we've put together tips and tricks worth exploring before migrating your apps to the OpenShift Service Mesh (OSSM). If you have never encountered Service Mesh before, you can start by taking a look at the OSSM page on the Red Hat website and reading about how Istio is implemented on the OpenShift platform .
Once you start exploring Istio, you will most likely come across the bookinfo application , which is almost universally used as a visual aid, or the more advanced version of the Travel Agency application . By analyzing these and other examples, you can better understand how the mesh-mesh works, and then transfer your applications to it.
First things first
It's worth starting with the official documentation for OpenShift Service Mesh 2.0 (OSSM) , which contains a ton of useful materials, including:
Describes the differences between OSSM and the parent Istio open source project.
Description of how to install OSSM and
Test it with the bookinfo sample application .
Istio v1.6 ( archived versions ).
Kiali v1.24 ( archived versions ).
Jaeger 1.20 .
mesh-, Istio. release notes , Red Hat OSSM.
, mesh- - Bookinfo. , .
, mesh- – , sidecar’ Envoy pod’ . OSSM .
, , ingress- Bookinfo, , OpenShift, .
, Istio , . , Protocol Selection app and version labels Pods and Services.
. , sidecar’ Istio, Kiali. , (. ). ? Kiali Istio , , TCP, HTTP.
Istio , . Istio , (plain) TCP. - , Kubernetes Service . , Protocol Selection.
, , Kubernetes Service. spec -> ports -> name. "name: http" A, B C, HTTP.
Kiali
Kiali – , OpenShift Service Mesh. , , mesh-.
Kiali , Istio, , mesh-. Kiali.
Kiali , , mesh-. Istio , Kiali .
Kiali , FAQ. , :
– (label). Istio, Kiali, , , , - Bookinfo, « ».
app version – , , Istio Kiali Jaeger.
Kiali – , mesh-, , .
Jaeger-
mesh- , , , 50%, , 100%, , . Jaeger Kiali , .
, , sample rate 100% ( : 10000 = 100%).
ServiceMeshControlPlane ( basic-install) Control Plane ( istio-system) :
spec:
tracing:
sampling: 10000 # 100%
, .
Jaeger , , (trace headers).
, ( ) mesh-. OSSM span’ (trace). , . , span – (, «-»). – , , mesh-, , , , . – – OSSM.
, OSSM span’ ( ) Istio, – . (distributed traces) , , trace- . , . , Envoy-, ( ingress-).
:
x-request-id
x-b3-traceid
x-b3-spanid
x-b3-parentspanid
x-b3-sampled
x-b3-flags
x-ot-span-context
trace- Java:
HttpHeaders upstreamHttpHeaders = new HttpHeaders();
if (downstreamHttpHeaders.getHeader(headerName: "x-request-id") != null)
upstreamHttpHeaders.set("x-request-id", downstreamHttpHeaders.getHeader( headerName: "x-request-id"));
: .
Kiali YAML
yaml- – , yaml , . , Kiali , .
Istio- Kiali-
, , Kiali, Services.
YAML-
Kiali YAML Istio , .
, Kiali ( ) . , Kiali . , , , . , "node=unknown" Kiali.
/ ( ) TLS , mesh- HTTP . Envoy-.
TLS, Istio Kiali TCP.
, HTTP, HTTPS.
mesh- (. « »).
.
Service Mesh , , - . , :
, HTTPS-.
.
.
, mesh- . , -. :
– () , , mesh-.
Service
, Kubernetes Service, OpenShift Routes.
, OpenShift Routes ( ingress ) . mesh-, / , OpenShift Route Kubernetes Service.
(fallback)
, , -. Envoy- , , , . (fallback), , , Envoy- .
Envoy- , , mesh-.
, mesh-. mesh- , , ? . Service Mesh .
OSSM. , Istio Kiali, TLS origination egress-.
Istio, :
( , Mutual TLS).
.
Circuit breaker’.
.
OpenShift Service Mesh , mesh-, , , , . OpenShift, , . – , , , , A/B- .. , OpenShift, . , , .