准备环境
创建一个服务两个版本
[root@ip-172-17-11-227 ~]# cat blue.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: demoapp
spec:
template:
metadata:
name: demoapp-01
spec:
containers:
#- image: gcr.io/knative-samples/helloworld-go
- image: ikubernetes/helloworld-go
ports:
- containerPort: 8080
env:
- name: TARGET
value: "blue"
[root@ip-172-17-11-227 ~]# cat green.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: demoapp
spec:
template:
metadata:
name: demoapp-02
spec:
containers:
#- image: gcr.io/knative-samples/helloworld-go
- image: ikubernetes/helloworld-go
ports:
- containerPort: 8080
env:
- name: TARGET
value: "green"
[root@ip-172-17-11-227 ~]# kubectl apply -f blue.yaml -f green.yaml
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation, spec.template.spec.containers[0].securityContext.capabilities, spec.template.spec.containers[0].securityContext.runAsNonRoot, spec.template.spec.containers[0].securityContext.seccompProfile
service.serving.knative.dev/demoapp created
service.serving.knative.dev/demoapp configured可以看到流量都在最新版本
[root@ip-172-17-11-227 ~]# kn service list
NAME URL LATEST AGE CONDITIONS READY REASON
demoapp http://demoapp.yht.com demoapp-02 7s 3 OK / 3 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-02 demoapp 100% 2 35s 4 OK / 4 True
demoapp-01 demoapp 1 35s 4 OK / 4 True 通过命令行管理流量
[root@ip-172-17-11-227 ~]# kn service update demoapp --traffic demoapp-02=50 --traffic demoapp-01=50
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation, spec.template.spec.containers[0].securityContext.capabilities, spec.template.spec.containers[0].securityContext.runAsNonRoot, spec.template.spec.containers[0].securityContext.seccompProfile
Updating Service 'demoapp' in namespace 'default':
0.060s The Route is still working to reflect the latest desired specification.
0.109s Ingress has not yet been reconciled.
0.159s Waiting for load balancer to be ready
0.378s Ready to serve.
Service 'demoapp' with latest revision 'demoapp-02' (unchanged) is available at URL:
http://demoapp.yht.com验证流量
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-02 demoapp 50% 2 4m23s 3 OK / 4 True
demoapp-01 demoapp 50% 1 4m23s 3 OK / 4 True
[root@ip-172-17-11-227 ~]# curl https://demoapp.yht.com
Hello blue!
[root@ip-172-17-11-227 ~]# curl https://demoapp.yht.com
Hello green!
[root@ip-172-17-11-227 ~]# curl https://demoapp.yht.com
Hello blue!
[root@ip-172-17-11-227 ~]# 通过资源清单管理流量
创建新版本并配置流量
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: demoapp
spec:
template:
#metadata:
# name: demoapp-01 # 不配置name则会通过自动配置成demoapp-00003
spec:
containers:
#- image: gcr.io/knative-samples/helloworld-go
- image: ikubernetes/helloworld-go
ports:
- containerPort: 8080
env:
- name: TARGET
value: "red"
traffic:
- latestRevision: true
percent: 0
- revisionName: demoapp-02
percent: 70
- revisionName: demoapp-01
percent: 30验证流量
[root@ip-172-17-11-227 ~]# kubectl apply -f c.yaml
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation, spec.template.spec.containers[0].securityContext.capabilities, spec.template.spec.containers[0].securityContext.runAsNonRoot, spec.template.spec.containers[0].securityContext.seccompProfile
service.serving.knative.dev/demoapp configured
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-00003 demoapp 3 6s 4 OK / 4 True
demoapp-02 demoapp 70% 2 14m 3 OK / 4 True
demoapp-01 demoapp 30% 1 14m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# 更新KService时触发的操作
◆更新spec.template部分,将创建一个新的revision
⚫ 一个KService下可能同时存在多个revision,其中有一个是为Latest Revision
⚫ 默认情况下,Latest Revision接收该Service收到的全部请求
⚫ 也可以为不同的Revision指定不同的流量比例
◆更新spec.traffic部分,其Route将被修改
每创建一个service,service名字不需要改变,因为都是同一个服务,但是template.metadata.name每一次更新都需要更改名字,每一次变更都会根据这个名字创建一个新的Revision
注意: 只template部分字段更新了,才会创建一个新的revision出来
traffic 字段
traffic字段是列表型数据,每个列表项代表一个路由配置;
percent:该路由项切分到的流量比例
lastestRevision: 显示指定最新版本的revision,与revisionName字段互斥
configuationName: 流量的目标configuration,实际接收流量的为其最新版的revision
revisionName: 流量的目标revision
通过标签访问指定revision
路由标签能够为特定的路由项创建基于tag的目标地址
附带的tag的路由项指向的Revision,可通过<tag-name>-<route-name>.<namespace>.<domain>的格式访问
无tag的路由项,仅可通过<route-name>.<namespace>.<domain>的格式访问
kn service update demoapp --tag demoapp-02=green查看vs看到多了一个访问入口
[root@ip-172-17-11-227 ~]# kubectl get vs
NAME GATEWAYS HOSTS AGE
demoapp-ingress ["default/demoapp-3797421420","knative-serving/knative-local-gateway"] ["demoapp.default","demoapp.default.svc","demoapp.default.svc.cluster.local","demoapp.yht.com","green-demoapp.default","green-demoapp.default.svc","green-demoapp.default.svc.cluster.local","green-demoapp.yht.com"] 36m
demoapp-mesh ["mesh"] ["demoapp.default","demoapp.default.svc","demoapp.default.svc.cluster.local","green-demoapp.default","green-demoapp.default.svc","green-demoapp.default.svc.cluster.local"] 36m
demoapp.yht.com-ingress ["default/1538132039-3797421420","default/wildcard-53c2106b"] ["demoapp.yht.com"] 4h1m
[root@ip-172-17-11-227 ~]# 验证访问
随机进入一个pod里面访问
sh-4.2# curl green-demoapp.default.svc.cluster.local
Hello green!
sh-4.2# curl green-demoapp.default.svc.cluster.local
Hello green!
sh-4.2# curl green-demoapp.default.svc.cluster.local
Hello green!删除标签
[root@ip-172-17-11-227 ~]# kn service update demoapp untag green
Error: flag(s) not set
Usage: update NAME
Run 'kn --help' for usage
[root@ip-172-17-11-227 ~]# kn service update demoapp --untag green
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation, spec.template.spec.containers[0].securityContext.capabilities, spec.template.spec.containers[0].securityContext.runAsNonRoot, spec.template.spec.containers[0].securityContext.seccompProfile
Updating Service 'demoapp' in namespace 'default':
0.034s The Route is still working to reflect the latest desired specification.
0.083s Ingress has not yet been reconciled.
0.152s Waiting for load balancer to be ready
0.343s Ready to serve.
Service 'demoapp' with latest revision 'demoapp-00003' (unchanged) is available at URL:
http://demoapp.yht.com
[root@ip-172-17-11-227 ~]# 通过资源清单创建标签
定义了一个yellow标签
[root@ip-172-17-11-227 ~]# cat c.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: demoapp
spec:
template:
spec:
containers:
- image: ikubernetes/helloworld-go
ports:
- containerPort: 8080
env:
- name: TARGET
value: "yellow"
traffic:
- latestRevision: true
percent: 20
tag: yellow
- revisionName: demoapp-00003
percent: 10
- revisionName: demoapp-02
percent: 40
- revisionName: demoapp-01
percent: 30查看验证
[root@ip-172-17-11-227 ~]# kubectl get vs
NAME GATEWAYS HOSTS AGE
demoapp-ingress ["default/demoapp-3797421420","knative-serving/knative-local-gateway"] ["demoapp.default","demoapp.default.svc","demoapp.default.svc.cluster.local","demoapp.yht.com","yellow-demoapp.default","yellow-demoapp.default.svc","yellow-demoapp.default.svc.cluster.local","yellow-demoapp.yht.com"] 49m
demoapp-mesh ["mesh"] ["demoapp.default","demoapp.default.svc","demoapp.default.svc.cluster.local","yellow-demoapp.default","yellow-demoapp.default.svc","yellow-demoapp.default.svc.cluster.local"] 49m
demoapp.yht.com-ingress ["default/1538132039-3797421420","default/wildcard-53c2106b"] ["demoapp.yht.com"] 4h14m
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-00004 demoapp 20% yellow 4 5m5s 4 OK / 4 True
demoapp-00003 demoapp 10% 3 35m 3 OK / 4 True
demoapp-02 demoapp 40% 2 49m 3 OK / 4 True
demoapp-01 demoapp 30% 1 49m 3 OK / 4 True
sh-4.2# curl yellow-demoapp.default.svc.cluster.local
Hello yellow!
sh-4.2# curl yellow-demoapp.default.svc.cluster.local
Hello yellow!
sh-4.2# curl yellow-demoapp.default.svc.cluster.local
Hello yellow!配置流量逐步迁移
在KService或Route上使用“serving.knative.dev/rollout-duration”注解来指定流量迁移过程的时长
配置此项目的因为之前切换流量这可能会导致QP或Activator的请求队列过长,以至于部分请求可能会被拒绝
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: demoapp
annotations:
serving.knative.dev/rollout-duration: "30s"
spec:
template:
metadata:
name: demoapp-05
spec:
containers:
- image: ikubernetes/helloworld-go
ports:
- containerPort: 8080
env:
- name: TARGET
value: "rollout-deuration"可以看到最后流量在30s之内全部迁移完成
[root@ip-172-17-11-227 ~]# kubectl apply -f c.yaml
Warning: Kubernetes default value is insecure, Knative may default this to secure in a future release: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation, spec.template.spec.containers[0].securityContext.capabilities, spec.template.spec.containers[0].securityContext.runAsNonRoot, spec.template.spec.containers[0].securityContext.seccompProfile
service.serving.knative.dev/demoapp configured
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 16% 5 8s 4 OK / 4 True
demoapp-00004 demoapp 84% 4 12m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 57m 3 OK / 4 True
demoapp-01 demoapp 1 57m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 31% 5 13s 4 OK / 4 True
demoapp-00004 demoapp 69% 4 12m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 57m 3 OK / 4 True
demoapp-01 demoapp 1 57m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 34% 5 15s 4 OK / 4 True
demoapp-00004 demoapp 66% 4 12m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 57m 3 OK / 4 True
demoapp-01 demoapp 1 57m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 40% 5 16s 4 OK / 4 True
demoapp-00004 demoapp 60% 4 13m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 57m 3 OK / 4 True
demoapp-01 demoapp 1 57m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 43% 5 17s 4 OK / 4 True
demoapp-00004 demoapp 57% 4 13m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 57m 3 OK / 4 True
demoapp-01 demoapp 1 57m 3 OK / 4 True
[root@ip-172-17-11-227 ~]# kn revision list
NAME SERVICE TRAFFIC TAGS GENERATION AGE CONDITIONS READY REASON
demoapp-05 demoapp 100% 5 41s 4 OK / 4 True
demoapp-00004 demoapp 4 13m 3 OK / 4 True
demoapp-00003 demoapp 3 43m 3 OK / 4 True
demoapp-02 demoapp 2 58m 3 OK / 4 True
demoapp-01 demoapp 1 58m 3 OK / 4 True