├── argo
├── assets
│ ├── .DS_Store
│ ├── subsets.png
│ ├── topology.png
│ └── service-metrics.png
├── rollout
│ ├── analysis.yaml
│ └── rollout.yaml
├── tsb-bridged
│ └── conf.yaml
├── tsb
│ └── conf.yaml
└── README.md
├── application
├── namespace.yaml
└── bookinfo.yaml
├── flagger
├── canary
│ └── canary.yaml
└── tsb
│ └── conf.yaml
└── README.md
/argo/assets/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tetratelabs/tsb-gitops-demo/main/argo/assets/.DS_Store
--------------------------------------------------------------------------------
/argo/assets/subsets.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tetratelabs/tsb-gitops-demo/main/argo/assets/subsets.png
--------------------------------------------------------------------------------
/argo/assets/topology.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tetratelabs/tsb-gitops-demo/main/argo/assets/topology.png
--------------------------------------------------------------------------------
/argo/assets/service-metrics.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tetratelabs/tsb-gitops-demo/main/argo/assets/service-metrics.png
--------------------------------------------------------------------------------
/application/namespace.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: bookinfo
5 | labels:
6 | istio-injection: enabled
--------------------------------------------------------------------------------
/argo/rollout/analysis.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: AnalysisTemplate
3 | metadata:
4 | name: apdex
5 | spec:
6 | args:
7 | - name: service-name
8 | metrics:
9 | - name: apdex
10 | interval: 5m
11 | successCondition: "all(result.service_apdex.values.values, {asFloat(.value) >= 9900})"
12 | failureLimit: 3
13 | provider:
14 | skywalking:
15 | interval: 3m
16 | address: http://oap.istio-system:12800
17 | query: |
18 | query queryData($duration: Duration!) {
19 | service_apdex: readMetricsValues(
20 | condition: { name: "service_apdex", entity: { scope: Service, serviceName: "{{ args.service-name }}", normal: true } },
21 | duration: $duration) {
22 | label values { values { value } }
23 | }
24 | }
--------------------------------------------------------------------------------
/flagger/canary/canary.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: flagger.app/v1beta1
2 | kind: Canary
3 | metadata:
4 | name: reviews-rollout
5 | namespace: bookinfo
6 | spec:
7 | # deployment reference
8 | targetRef:
9 | apiVersion: apps/v1
10 | kind: Deployment
11 | name: reviews
12 | # the maximum time in seconds for the canary deployment
13 | # to make progress before it is rollback (default 600s)
14 | progressDeadlineSeconds: 60
15 | service:
16 | # service port number
17 | port: 9080
18 | analysis:
19 | # schedule interval (default 60s)
20 | interval: 1m
21 | # max number of failed metric checks before rollback
22 | threshold: 5
23 | # max traffic percentage routed to canary
24 | # percentage (0-100)
25 | maxWeight: 50
26 | # canary increment step
27 | # percentage (0-100)
28 | stepWeight: 10
29 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # TSB GitOps Demo
2 |
3 | This repository demonstrates TSB GitOps support integrated with ArgoCD, ArgoRollout, FluxCD & SkyWalking for canary deployments and progressive delivery automation.
4 |
5 | ### Application
6 |
7 | Istio's [bookinfo](application/) app has been used as a sample application.
8 |
9 | ### Argo Integration
10 |
11 | [Argo](argo/) demonstrates canary deployments integrations and auto promotion using [Argo Rollouts](https://argoproj.github.io/argo-rollouts/) & [SkyWalking](https://skywalking.apache.org/)
12 |
13 | ### Flagger Integration
14 |
15 | [Flagger](flagger/) demonstrates canary deployments integrations using [Flagger](https://docs.flagger.app/tutorials/istio-progressive-delivery)
16 |
17 | ### Repo Structure
18 |
19 | ```
20 | .
21 | ├── README.md
22 | ├── application
23 | │ ├── bookinfo.yaml
24 | │ └── namespace.yaml
25 | ├── argo
26 | │ ├── README.md
27 | │ ├── rollout
28 | │ │ ├── analysis.yaml
29 | │ │ └── rollout.yaml
30 | │ └── tsb
31 | │ └── conf.yaml
32 | └── flagger
33 | ├── canary
34 | │ └── canary.yaml
35 | └── tsb
36 | └── conf.yaml
37 | ```
38 |
--------------------------------------------------------------------------------
/argo/rollout/rollout.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: argoproj.io/v1alpha1
2 | kind: Rollout
3 | metadata:
4 | name: reviews-rollout
5 | spec:
6 | replicas: 5
7 | selector:
8 | matchLabels:
9 | app: reviews
10 | workloadRef:
11 | apiVersion: apps/v1
12 | kind: Deployment
13 | name: reviews
14 | strategy:
15 | canary:
16 | analysis:
17 | templates:
18 | - templateName: apdex
19 | startingStep: 2
20 | args:
21 | - name: service-name
22 | value: canary|reviews|bookinfo|cp-cluster-1|-
23 | canaryMetadata:
24 | annotations:
25 | version: canary
26 | labels:
27 | version: canary
28 | service.istio.io/canonical-revision: canary
29 | stableMetadata:
30 | annotations:
31 | version: stable
32 | labels:
33 | version: stable
34 | service.istio.io/canonical-revision: stable
35 | trafficRouting:
36 | istio:
37 | virtualService:
38 | name: reviews
39 | destinationRule:
40 | name: reviews
41 | canarySubsetName: canary
42 | stableSubsetName: stable
43 | steps:
44 | - setWeight: 10
45 | - pause: {duration: 10m}
46 | - setWeight: 20
47 | - pause: {duration: 5m}
48 | - setWeight: 40
49 | - pause: {duration: 5m}
50 | - setWeight: 60
51 | - pause: {duration: 5m}
52 | - setWeight: 80
53 | - pause: {duration: 5m}
54 |
--------------------------------------------------------------------------------
/argo/tsb-bridged/conf.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: List
3 | items:
4 | - apiVersion: tsb.tetrate.io/v2
5 | kind: Tenant
6 | metadata:
7 | name: bookinfo
8 | annotations:
9 | tsb.tetrate.io/organization: tetrate
10 | spec:
11 | displayName: bookinfo
12 | - apiVersion: tsb.tetrate.io/v2
13 | kind: Workspace
14 | metadata:
15 | name: bookinfo-ws
16 | annotations:
17 | tsb.tetrate.io/organization: tetrate
18 | tsb.tetrate.io/tenant: bookinfo
19 | spec:
20 | namespaceSelector:
21 | names:
22 | - "cp-cluster-1/bookinfo"
23 | - apiVersion: gateway.tsb.tetrate.io/v2
24 | kind: Group
25 | metadata:
26 | name: bookinfo-gateway
27 | annotations:
28 | tsb.tetrate.io/organization: tetrate
29 | tsb.tetrate.io/tenant: bookinfo
30 | tsb.tetrate.io/workspace: bookinfo-ws
31 | spec:
32 | displayName: bookinfo-gateway-group
33 | namespaceSelector:
34 | names:
35 | - "cp-cluster-1/bookinfo"
36 | configMode: BRIDGED
37 | - apiVersion: traffic.tsb.tetrate.io/v2
38 | kind: Group
39 | metadata:
40 | name: bookinfo-traffic
41 | annotations:
42 | tsb.tetrate.io/organization: tetrate
43 | tsb.tetrate.io/tenant: bookinfo
44 | tsb.tetrate.io/workspace: bookinfo-ws
45 | spec:
46 | displayName: bookinfo-traffic-group
47 | namespaceSelector:
48 | names:
49 | - "cp-cluster-1/bookinfo"
50 | configMode: BRIDGED
51 | - apiVersion: security.tsb.tetrate.io/v2
52 | kind: Group
53 | metadata:
54 | name: bookinfo-security
55 | annotations:
56 | tsb.tetrate.io/organization: tetrate
57 | tsb.tetrate.io/tenant: bookinfo
58 | tsb.tetrate.io/workspace: bookinfo-ws
59 | spec:
60 | displayName: bookinfo-security-group
61 | namespaceSelector:
62 | names:
63 | - "cp-cluster-1/bookinfo"
64 | configMode: BRIDGED
65 | - apiVersion: install.tetrate.io/v1alpha1
66 | kind: IngressGateway
67 | metadata:
68 | name: tsb-gateway-bookinfo
69 | spec:
70 | kubeSpec:
71 | service:
72 | type: LoadBalancer
73 | - apiVersion: gateway.tsb.tetrate.io/v2
74 | kind: IngressGateway
75 | metadata:
76 | name: bookinfo-gateway
77 | annotations:
78 | tsb.tetrate.io/organization: tetrate
79 | tsb.tetrate.io/tenant: bookinfo
80 | tsb.tetrate.io/workspace: bookinfo-ws
81 | tsb.tetrate.io/gatewayGroup: bookinfo-gateway
82 | spec:
83 | workloadSelector:
84 | namespace: bookinfo
85 | labels:
86 | app: tsb-gateway-bookinfo
87 | http:
88 | - hostname: bookinfo.tetrate.com
89 | name: tsb-bookinfo
90 | port: 80
91 | routing:
92 | rules:
93 | - match:
94 | - uri:
95 | exact: /productpage
96 | - uri:
97 | prefix: /static
98 | - uri:
99 | exact: /login
100 | - uri:
101 | exact: /logout
102 | - uri:
103 | prefix: /api/v1/products
104 | route:
105 | host: "bookinfo/productpage.bookinfo.svc.cluster.local"
106 | port: 9080
107 | - apiVersion: traffic.tsb.tetrate.io/v2
108 | kind: ServiceRoute
109 | metadata:
110 | name: reviews
111 | annotations:
112 | tsb.tetrate.io/organization: tetrate
113 | tsb.tetrate.io/tenant: bookinfo
114 | tsb.tetrate.io/workspace: bookinfo-ws
115 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
116 | spec:
117 | service: bookinfo/reviews.bookinfo.svc.cluster.local
118 | subsets:
119 | - name: stable
120 | labels:
121 | app: reviews
122 | version: stable
123 | weight: 100
124 | - name: canary
125 | labels:
126 | app: reviews
127 | version: canary
128 | weight: 0
129 |
--------------------------------------------------------------------------------
/application/bookinfo.yaml:
--------------------------------------------------------------------------------
1 | # Copyright Istio Authors
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | ##################################################################################################
16 | apiVersion: v1
17 | kind: Service
18 | metadata:
19 | name: details
20 | labels:
21 | app: details
22 | service: details
23 | spec:
24 | ports:
25 | - port: 9080
26 | name: http
27 | selector:
28 | app: details
29 | ---
30 | apiVersion: v1
31 | kind: ServiceAccount
32 | metadata:
33 | name: bookinfo-details
34 | labels:
35 | account: details
36 | ---
37 | apiVersion: apps/v1
38 | kind: Deployment
39 | metadata:
40 | name: details-v1
41 | labels:
42 | app: details
43 | version: v1
44 | spec:
45 | replicas: 1
46 | selector:
47 | matchLabels:
48 | app: details
49 | version: v1
50 | template:
51 | metadata:
52 | labels:
53 | app: details
54 | version: v1
55 | spec:
56 | serviceAccountName: bookinfo-details
57 | containers:
58 | - name: details
59 | image: docker.io/istio/examples-bookinfo-details-v1:1.16.4
60 | imagePullPolicy: IfNotPresent
61 | ports:
62 | - containerPort: 9080
63 | securityContext:
64 | runAsUser: 1000
65 | ---
66 | ##################################################################################################
67 | # Ratings service
68 | ##################################################################################################
69 | apiVersion: v1
70 | kind: Service
71 | metadata:
72 | name: ratings
73 | labels:
74 | app: ratings
75 | service: ratings
76 | spec:
77 | ports:
78 | - port: 9080
79 | name: http
80 | selector:
81 | app: ratings
82 | ---
83 | apiVersion: v1
84 | kind: ServiceAccount
85 | metadata:
86 | name: bookinfo-ratings
87 | labels:
88 | account: ratings
89 | ---
90 | apiVersion: apps/v1
91 | kind: Deployment
92 | metadata:
93 | name: ratings-v1
94 | labels:
95 | app: ratings
96 | version: v1
97 | spec:
98 | replicas: 1
99 | selector:
100 | matchLabels:
101 | app: ratings
102 | version: v1
103 | template:
104 | metadata:
105 | labels:
106 | app: ratings
107 | version: v1
108 | spec:
109 | serviceAccountName: bookinfo-ratings
110 | containers:
111 | - name: ratings
112 | image: docker.io/istio/examples-bookinfo-ratings-v1:1.16.4
113 | imagePullPolicy: IfNotPresent
114 | ports:
115 | - containerPort: 9080
116 | securityContext:
117 | runAsUser: 1000
118 | ---
119 | ##################################################################################################
120 | # Reviews service
121 | ##################################################################################################
122 | apiVersion: v1
123 | kind: Service
124 | metadata:
125 | name: reviews
126 | labels:
127 | app: reviews
128 | service: reviews
129 | spec:
130 | ports:
131 | - port: 9080
132 | name: http
133 | selector:
134 | app: reviews
135 | ---
136 | apiVersion: v1
137 | kind: ServiceAccount
138 | metadata:
139 | name: bookinfo-reviews
140 | labels:
141 | account: reviews
142 | ---
143 | apiVersion: apps/v1
144 | kind: Deployment
145 | metadata:
146 | name: reviews
147 | labels:
148 | app: reviews
149 | version: stable
150 | spec:
151 | replicas: 1
152 | selector:
153 | matchLabels:
154 | app: reviews
155 | version: stable
156 | template:
157 | metadata:
158 | labels:
159 | app: reviews
160 | version: stable
161 | service.istio.io/canonical-revision: stable
162 | spec:
163 | serviceAccountName: bookinfo-reviews
164 | containers:
165 | - name: reviews
166 | image: docker.io/istio/examples-bookinfo-reviews-v1:1.16.4
167 | imagePullPolicy: IfNotPresent
168 | env:
169 | - name: LOG_DIR
170 | value: "/tmp/logs"
171 | ports:
172 | - containerPort: 9080
173 | volumeMounts:
174 | - name: tmp
175 | mountPath: /tmp
176 | - name: wlp-output
177 | mountPath: /opt/ibm/wlp/output
178 | securityContext:
179 | runAsUser: 1000
180 | volumes:
181 | - name: wlp-output
182 | emptyDir: {}
183 | - name: tmp
184 | emptyDir: {}
185 | ---
186 | ##################################################################################################
187 | # Productpage services
188 | ##################################################################################################
189 | apiVersion: v1
190 | kind: Service
191 | metadata:
192 | name: productpage
193 | labels:
194 | app: productpage
195 | service: productpage
196 | spec:
197 | ports:
198 | - port: 9080
199 | name: http
200 | selector:
201 | app: productpage
202 | ---
203 | apiVersion: v1
204 | kind: ServiceAccount
205 | metadata:
206 | name: bookinfo-productpage
207 | labels:
208 | account: productpage
209 | ---
210 | apiVersion: apps/v1
211 | kind: Deployment
212 | metadata:
213 | name: productpage-v1
214 | labels:
215 | app: productpage
216 | version: v1
217 | spec:
218 | replicas: 1
219 | selector:
220 | matchLabels:
221 | app: productpage
222 | version: v1
223 | template:
224 | metadata:
225 | labels:
226 | app: productpage
227 | version: v1
228 | spec:
229 | serviceAccountName: bookinfo-productpage
230 | containers:
231 | - name: productpage
232 | image: docker.io/istio/examples-bookinfo-productpage-v1:1.16.4
233 | imagePullPolicy: IfNotPresent
234 | ports:
235 | - containerPort: 9080
236 | volumeMounts:
237 | - name: tmp
238 | mountPath: /tmp
239 | securityContext:
240 | runAsUser: 1000
241 | volumes:
242 | - name: tmp
243 | emptyDir: {}
244 | ---
245 |
--------------------------------------------------------------------------------
/argo/tsb/conf.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: List
3 | items:
4 | - apiVersion: tsb.tetrate.io/v2
5 | kind: Tenant
6 | metadata:
7 | name: bookinfo
8 | annotations:
9 | tsb.tetrate.io/organization: tetrate
10 | spec:
11 | displayName: bookinfo
12 | - apiVersion: tsb.tetrate.io/v2
13 | kind: Workspace
14 | metadata:
15 | name: bookinfo-ws
16 | annotations:
17 | tsb.tetrate.io/organization: tetrate
18 | tsb.tetrate.io/tenant: bookinfo
19 | spec:
20 | namespaceSelector:
21 | names:
22 | - "cp-cluster-1/bookinfo"
23 | - apiVersion: gateway.tsb.tetrate.io/v2
24 | kind: Group
25 | metadata:
26 | name: bookinfo-gateway
27 | annotations:
28 | tsb.tetrate.io/organization: tetrate
29 | tsb.tetrate.io/tenant: bookinfo
30 | tsb.tetrate.io/workspace: bookinfo-ws
31 | spec:
32 | displayName: bookinfo-gateway-group
33 | namespaceSelector:
34 | names:
35 | - "cp-cluster-1/bookinfo"
36 | configMode: DIRECT
37 | - apiVersion: traffic.tsb.tetrate.io/v2
38 | kind: Group
39 | metadata:
40 | name: bookinfo-traffic
41 | annotations:
42 | tsb.tetrate.io/organization: tetrate
43 | tsb.tetrate.io/tenant: bookinfo
44 | tsb.tetrate.io/workspace: bookinfo-ws
45 | spec:
46 | displayName: bookinfo-traffic-group
47 | namespaceSelector:
48 | names:
49 | - "cp-cluster-1/bookinfo"
50 | configMode: DIRECT
51 | - apiVersion: security.tsb.tetrate.io/v2
52 | kind: Group
53 | metadata:
54 | name: bookinfo-security
55 | annotations:
56 | tsb.tetrate.io/organization: tetrate
57 | tsb.tetrate.io/tenant: bookinfo
58 | tsb.tetrate.io/workspace: bookinfo-ws
59 | spec:
60 | displayName: bookinfo-security-group
61 | namespaceSelector:
62 | names:
63 | - "cp-cluster-1/bookinfo"
64 | configMode: DIRECT
65 | - apiVersion: install.tetrate.io/v1alpha1
66 | kind: IngressGateway
67 | metadata:
68 | name: tsb-gateway-bookinfo
69 | spec:
70 | kubeSpec:
71 | service:
72 | type: LoadBalancer
73 | - apiVersion: networking.istio.io/v1alpha3
74 | kind: Gateway
75 | metadata:
76 | name: bookinfo-gateway
77 | labels:
78 | istio.io/rev: tsb
79 | annotations:
80 | tsb.tetrate.io/organization: tetrate
81 | tsb.tetrate.io/tenant: bookinfo
82 | tsb.tetrate.io/workspace: bookinfo-ws
83 | tsb.tetrate.io/gatewayGroup: bookinfo-gateway
84 | spec:
85 | selector:
86 | app: tsb-gateway-bookinfo
87 | servers:
88 | - port:
89 | number: 80
90 | name: http
91 | protocol: HTTP
92 | hosts:
93 | - bookinfo.tetrate.com
94 | - apiVersion: networking.istio.io/v1alpha3
95 | kind: DestinationRule
96 | metadata:
97 | name: productpage
98 | labels:
99 | istio.io/rev: tsb
100 | annotations:
101 | tsb.tetrate.io/organization: tetrate
102 | tsb.tetrate.io/tenant: bookinfo
103 | tsb.tetrate.io/workspace: bookinfo-ws
104 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
105 | spec:
106 | host: productpage
107 | subsets:
108 | - name: v1
109 | labels:
110 | version: v1
111 | - apiVersion: networking.istio.io/v1alpha3
112 | kind: VirtualService
113 | metadata:
114 | name: bookinfo
115 | labels:
116 | istio.io/rev: tsb
117 | annotations:
118 | tsb.tetrate.io/organization: tetrate
119 | tsb.tetrate.io/tenant: bookinfo
120 | tsb.tetrate.io/workspace: bookinfo-ws
121 | tsb.tetrate.io/gatewayGroup: bookinfo-gateway
122 | spec:
123 | hosts:
124 | - "bookinfo.tetrate.com"
125 | gateways:
126 | - bookinfo-gateway
127 | http:
128 | - match:
129 | - uri:
130 | exact: /productpage
131 | - uri:
132 | prefix: /static
133 | - uri:
134 | exact: /login
135 | - uri:
136 | exact: /logout
137 | - uri:
138 | prefix: /api/v1/products
139 | route:
140 | - destination:
141 | host: productpage
142 | port:
143 | number: 9080
144 | - apiVersion: networking.istio.io/v1alpha3
145 | kind: DestinationRule
146 | metadata:
147 | name: reviews
148 | labels:
149 | istio.io/rev: tsb
150 | annotations:
151 | tsb.tetrate.io/organization: tetrate
152 | tsb.tetrate.io/tenant: bookinfo
153 | tsb.tetrate.io/workspace: bookinfo-ws
154 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
155 | spec:
156 | host: reviews
157 | subsets:
158 | - name: stable
159 | labels:
160 | app: reviews
161 | version: stable
162 | - name: canary
163 | labels:
164 | app: reviews
165 | version: canary
166 | - apiVersion: networking.istio.io/v1alpha3
167 | kind: VirtualService
168 | metadata:
169 | name: reviews
170 | labels:
171 | istio.io/rev: tsb
172 | annotations:
173 | tsb.tetrate.io/organization: tetrate
174 | tsb.tetrate.io/tenant: bookinfo
175 | tsb.tetrate.io/workspace: bookinfo-ws
176 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
177 | spec:
178 | hosts:
179 | - reviews
180 | http:
181 | - route:
182 | - destination:
183 | host: reviews
184 | subset: stable
185 | weight: 100
186 | - destination:
187 | host: reviews
188 | subset: canary
189 | weight: 0
190 | - apiVersion: networking.istio.io/v1alpha3
191 | kind: DestinationRule
192 | metadata:
193 | name: ratings
194 | labels:
195 | istio.io/rev: tsb
196 | annotations:
197 | tsb.tetrate.io/organization: tetrate
198 | tsb.tetrate.io/tenant: bookinfo
199 | tsb.tetrate.io/workspace: bookinfo-ws
200 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
201 | spec:
202 | host: ratings
203 | subsets:
204 | - name: v1
205 | labels:
206 | version: v1
207 | - apiVersion: networking.istio.io/v1alpha3
208 | kind: VirtualService
209 | metadata:
210 | name: ratings
211 | labels:
212 | istio.io/rev: tsb
213 | annotations:
214 | tsb.tetrate.io/organization: tetrate
215 | tsb.tetrate.io/tenant: bookinfo
216 | tsb.tetrate.io/workspace: bookinfo-ws
217 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
218 | spec:
219 | hosts:
220 | - ratings
221 | http:
222 | - route:
223 | - destination:
224 | host: ratings
225 | subset: v1
226 | - apiVersion: networking.istio.io/v1alpha3
227 | kind: DestinationRule
228 | metadata:
229 | name: details
230 | labels:
231 | istio.io/rev: tsb
232 | annotations:
233 | tsb.tetrate.io/organization: tetrate
234 | tsb.tetrate.io/tenant: bookinfo
235 | tsb.tetrate.io/workspace: bookinfo-ws
236 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
237 | spec:
238 | host: details
239 | subsets:
240 | - name: v1
241 | labels:
242 | version: v1
243 | - apiVersion: networking.istio.io/v1alpha3
244 | kind: VirtualService
245 | metadata:
246 | name: details
247 | labels:
248 | istio.io/rev: tsb
249 | annotations:
250 | tsb.tetrate.io/organization: tetrate
251 | tsb.tetrate.io/tenant: bookinfo
252 | tsb.tetrate.io/workspace: bookinfo-ws
253 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
254 | spec:
255 | hosts:
256 | - details
257 | http:
258 | - route:
259 | - destination:
260 | host: details
261 | subset: v1
262 |
--------------------------------------------------------------------------------
/flagger/tsb/conf.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: List
3 | items:
4 | - apiVersion: tsb.tetrate.io/v2
5 | kind: Tenant
6 | metadata:
7 | name: bookinfo
8 | annotations:
9 | tsb.tetrate.io/organization: tetrate
10 | spec:
11 | displayName: bookinfo
12 | - apiVersion: tsb.tetrate.io/v2
13 | kind: Workspace
14 | metadata:
15 | name: bookinfo-ws
16 | annotations:
17 | tsb.tetrate.io/organization: tetrate
18 | tsb.tetrate.io/tenant: bookinfo
19 | spec:
20 | namespaceSelector:
21 | names:
22 | - "cp-cluster-1/bookinfo"
23 | - apiVersion: gateway.tsb.tetrate.io/v2
24 | kind: Group
25 | metadata:
26 | name: bookinfo-gateway
27 | annotations:
28 | tsb.tetrate.io/organization: tetrate
29 | tsb.tetrate.io/tenant: bookinfo
30 | tsb.tetrate.io/workspace: bookinfo-ws
31 | spec:
32 | displayName: bookinfo-gateway-group
33 | namespaceSelector:
34 | names:
35 | - "cp-cluster-1/bookinfo"
36 | configMode: DIRECT
37 | - apiVersion: traffic.tsb.tetrate.io/v2
38 | kind: Group
39 | metadata:
40 | name: bookinfo-traffic
41 | annotations:
42 | tsb.tetrate.io/organization: tetrate
43 | tsb.tetrate.io/tenant: bookinfo
44 | tsb.tetrate.io/workspace: bookinfo-ws
45 | spec:
46 | displayName: bookinfo-traffic-group
47 | namespaceSelector:
48 | names:
49 | - "cp-cluster-1/bookinfo"
50 | configMode: DIRECT
51 | - apiVersion: security.tsb.tetrate.io/v2
52 | kind: Group
53 | metadata:
54 | name: bookinfo-security
55 | annotations:
56 | tsb.tetrate.io/organization: tetrate
57 | tsb.tetrate.io/tenant: bookinfo
58 | tsb.tetrate.io/workspace: bookinfo-ws
59 | spec:
60 | displayName: bookinfo-security-group
61 | namespaceSelector:
62 | names:
63 | - "cp-cluster-1/bookinfo"
64 | configMode: DIRECT
65 | - apiVersion: install.tetrate.io/v1alpha1
66 | kind: IngressGateway
67 | metadata:
68 | name: tsb-gateway-bookinfo
69 | spec:
70 | kubeSpec:
71 | service:
72 | type: LoadBalancer
73 | - apiVersion: networking.istio.io/v1alpha3
74 | kind: Gateway
75 | metadata:
76 | name: bookinfo-gateway
77 | labels:
78 | istio.io/rev: tsb
79 | annotations:
80 | tsb.tetrate.io/organization: tetrate
81 | tsb.tetrate.io/tenant: bookinfo
82 | tsb.tetrate.io/workspace: bookinfo-ws
83 | tsb.tetrate.io/gatewayGroup: bookinfo-gateway
84 | spec:
85 | selector:
86 | app: tsb-gateway-bookinfo
87 | servers:
88 | - port:
89 | number: 80
90 | name: http
91 | protocol: HTTP
92 | hosts:
93 | - bookinfo.tetrate.com
94 | - apiVersion: networking.istio.io/v1alpha3
95 | kind: DestinationRule
96 | metadata:
97 | name: productpage
98 | labels:
99 | istio.io/rev: tsb
100 | annotations:
101 | tsb.tetrate.io/organization: tetrate
102 | tsb.tetrate.io/tenant: bookinfo
103 | tsb.tetrate.io/workspace: bookinfo-ws
104 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
105 | spec:
106 | host: productpage
107 | subsets:
108 | - name: v1
109 | labels:
110 | version: v1
111 | - apiVersion: networking.istio.io/v1alpha3
112 | kind: VirtualService
113 | metadata:
114 | name: bookinfo
115 | labels:
116 | istio.io/rev: tsb
117 | annotations:
118 | tsb.tetrate.io/organization: tetrate
119 | tsb.tetrate.io/tenant: bookinfo
120 | tsb.tetrate.io/workspace: bookinfo-ws
121 | tsb.tetrate.io/gatewayGroup: bookinfo-gateway
122 | spec:
123 | hosts:
124 | - "bookinfo.tetrate.com"
125 | gateways:
126 | - bookinfo-gateway
127 | http:
128 | - match:
129 | - uri:
130 | exact: /productpage
131 | - uri:
132 | prefix: /static
133 | - uri:
134 | exact: /login
135 | - uri:
136 | exact: /logout
137 | - uri:
138 | prefix: /api/v1/products
139 | route:
140 | - destination:
141 | host: productpage
142 | port:
143 | number: 9080
144 | - apiVersion: networking.istio.io/v1alpha3
145 | kind: DestinationRule
146 | metadata:
147 | name: reviews
148 | labels:
149 | istio.io/rev: tsb
150 | annotations:
151 | tsb.tetrate.io/organization: tetrate
152 | tsb.tetrate.io/tenant: bookinfo
153 | tsb.tetrate.io/workspace: bookinfo-ws
154 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
155 | spec:
156 | host: reviews
157 | subsets:
158 | - name: stable
159 | labels:
160 | app: reviews
161 | version: stable
162 | - name: canary
163 | labels:
164 | app: reviews
165 | version: canary
166 | - apiVersion: networking.istio.io/v1alpha3
167 | kind: VirtualService
168 | metadata:
169 | name: reviews
170 | labels:
171 | istio.io/rev: tsb
172 | annotations:
173 | tsb.tetrate.io/organization: tetrate
174 | tsb.tetrate.io/tenant: bookinfo
175 | tsb.tetrate.io/workspace: bookinfo-ws
176 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
177 | spec:
178 | hosts:
179 | - reviews
180 | http:
181 | - route:
182 | - destination:
183 | host: reviews
184 | subset: stable
185 | weight: 100
186 | - destination:
187 | host: reviews
188 | subset: canary
189 | weight: 0
190 | - apiVersion: networking.istio.io/v1alpha3
191 | kind: DestinationRule
192 | metadata:
193 | name: ratings
194 | labels:
195 | istio.io/rev: tsb
196 | annotations:
197 | tsb.tetrate.io/organization: tetrate
198 | tsb.tetrate.io/tenant: bookinfo
199 | tsb.tetrate.io/workspace: bookinfo-ws
200 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
201 | spec:
202 | host: ratings
203 | subsets:
204 | - name: v1
205 | labels:
206 | version: v1
207 | - apiVersion: networking.istio.io/v1alpha3
208 | kind: VirtualService
209 | metadata:
210 | name: ratings
211 | labels:
212 | istio.io/rev: tsb
213 | annotations:
214 | tsb.tetrate.io/organization: tetrate
215 | tsb.tetrate.io/tenant: bookinfo
216 | tsb.tetrate.io/workspace: bookinfo-ws
217 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
218 | spec:
219 | hosts:
220 | - ratings
221 | http:
222 | - route:
223 | - destination:
224 | host: ratings
225 | subset: v1
226 | - apiVersion: networking.istio.io/v1alpha3
227 | kind: DestinationRule
228 | metadata:
229 | name: details
230 | labels:
231 | istio.io/rev: tsb
232 | annotations:
233 | tsb.tetrate.io/organization: tetrate
234 | tsb.tetrate.io/tenant: bookinfo
235 | tsb.tetrate.io/workspace: bookinfo-ws
236 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
237 | spec:
238 | host: details
239 | subsets:
240 | - name: v1
241 | labels:
242 | version: v1
243 | - apiVersion: networking.istio.io/v1alpha3
244 | kind: VirtualService
245 | metadata:
246 | name: details
247 | labels:
248 | istio.io/rev: tsb
249 | annotations:
250 | tsb.tetrate.io/organization: tetrate
251 | tsb.tetrate.io/tenant: bookinfo
252 | tsb.tetrate.io/workspace: bookinfo-ws
253 | tsb.tetrate.io/trafficGroup: bookinfo-traffic
254 | spec:
255 | hosts:
256 | - details
257 | http:
258 | - route:
259 | - destination:
260 | host: details
261 | subset: v1
262 |
--------------------------------------------------------------------------------
/argo/README.md:
--------------------------------------------------------------------------------
1 | # Canary deployments & Progressive delivery automation using ArgoRollout and SkyWalking
2 |
3 | This document describes how you can configure ArgoCD & integrate ArgoRollout with TSB GitOps support and use SkyWalking as the metrics provider for canary deployments and progressive delivery automation.
4 |
5 | Before you get started, make sure:
6 | ✓ [ArgoCD](https://argo-cd.readthedocs.io/en/stable/getting_started/) is installed in your cluster and ArgoCD CLI is configured to connect to your ArgoCD server
7 | ✓ [ArgoRollout](https://argoproj.github.io/argo-rollouts/installation/) is installed in your cluster
8 | ✓ TSB is up and running, and GitOps [has been enabled](../../operations/features/configure_gitops.mdx) for the target cluster
9 |
10 | ## Create an Application from a Git repository
11 |
12 | Create a sample application using the below command. An example repository containing Istio's [bookinfo](https://istio.io/latest/docs/examples/bookinfo/) application and TSB configurations is available at [https://github.com/tetrateio/tsb-gitops-demo](https://github.com/tetrateio/tsb-gitops-demo).
13 | You can either use Argo CD CLI or their web UI to import application configurations directly from Git.
14 |
15 | ```bash{promptUser: "alice"}
16 | argocd app create bookinfo-app --repo https://github.com/tetrateio/tsb-gitops-demo.git --path application --dest-server https://kubernetes.default.svc --dest-namespace bookinfo --sync-policy automated
17 | ```
18 |
19 | Check the status of your application
20 |
21 | ```bash{promptUser: "alice"}
22 | argocd app get bookinfo-app
23 | ```
24 |
25 | ```bash{promptUser: "alice"}
26 | Name: bookinfo-app
27 | Project: default
28 | Server: https://kubernetes.default.svc
29 | Namespace: bookinfo
30 | URL: https://localhost:8080/applications/bookinfo-app
31 | Repo: https://github.com/tetrateio/tsb-gitops-demo.git
32 | Target:
33 | Path: application
34 | SyncWindow: Sync Allowed
35 | Sync Policy: Automated
36 | Sync Status: Synced to (04f154e)
37 | Health Status: Healthy
38 |
39 | GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
40 | Namespace bookinfo bookinfo Running Synced namespace/bookinfo created
41 | ServiceAccount bookinfo bookinfo-ratings Synced serviceaccount/bookinfo-ratings created
42 | ServiceAccount bookinfo bookinfo-details Synced serviceaccount/bookinfo-details created
43 | ServiceAccount bookinfo bookinfo-reviews Synced serviceaccount/bookinfo-reviews created
44 | ServiceAccount bookinfo bookinfo-productpage Synced serviceaccount/bookinfo-productpage created
45 | Service bookinfo details Synced Healthy service/details created
46 | Service bookinfo ratings Synced Healthy service/ratings created
47 | Service bookinfo reviews Synced Healthy service/reviews created
48 | Service bookinfo productpage Synced Healthy service/productpage created
49 | apps Deployment bookinfo productpage-v1 Synced Healthy deployment.apps/productpage-v1 created
50 | apps Deployment bookinfo reviews Synced Healthy deployment.apps/reviews created
51 | apps Deployment bookinfo details-v1 Synced Healthy deployment.apps/details-v1 created
52 | apps Deployment bookinfo ratings-v1 Synced Healthy deployment.apps/ratings-v1 created
53 | Namespace bookinfo Synced
54 |
55 | ```
56 |
57 | ## Application Setup
58 |
59 | If you already have kubernetes manifests created for deployment and service resource, You can choose to keep the same objects along with Argo `Rollout` object for facilitating the canary deployments.
60 | You can make necessary changes to `Rollout` object and TSB mesh configuration of Istio VirtualService/DestinationRule to achieve the desired result.
61 |
62 | ## TSB Configuration Setup
63 |
64 | Since Argo Rollout require you to make some modifications on Istio `VirtualService` & `DestinatrionRule` object according to their canary deployment strategy convention for Istio, You can use TSB `DIRECT` mode configuration to achieve the desired result.
65 |
66 | * According to Argo Rollout convention, 2 subsets named `stable` and `canary` needs to be configured with necessary labels in TSB direct mode resources like `VirtualService` & `DestinationRule` to identify `canary` and `stable` pods.
67 | * Please make sure the version labels eg: `version: canary/stable` has been configured according to Istio convention for TSB to recognize the subsets and plot the metrics in service dashboard.
68 | * When using TSB direct mode resources with GitOps, there is an additional label `istio.io/rev: "tsb"` that needs to be added to the resources. Please refer [here](./gitops.mdx#using-istio-direct-mode-resources) for more details.
69 |
70 | Create a `bookinfo-tsb-conf` app by importing the TSB configurations from [tsb-gitops-demo/argo/tsb/conf.yaml](https://github.com/tetrateio/tsb-gitops-demo/blob/main/argo/tsb/conf.yaml). You can also choose to keep it in the same repo.
71 |
72 | ```bash{promptUser: "alice"}
73 | argocd app create bookinfo-tsb-conf --repo https://github.com/tetrateio/tsb-gitops-demo.git --path argo/tsb --dest-server https://kubernetes.default.svc --dest-namespace bookinfo --sync-policy automated
74 | ```
75 |
76 | Check the status of TSB resources
77 |
78 | ```bash{promptUser: "alice"}
79 | argocd app get bookinfo-tsb-conf
80 |
81 | Name: bookinfo-tsb-conf
82 | Project: default
83 | Server: https://kubernetes.default.svc
84 | Namespace: bookinfo
85 | URL: https://localhost:8080/applications/bookinfo-tsb-conf
86 | Repo: https://github.com/tetrateio/tsb-gitops-demo.git
87 | Target:
88 | Path: argo/tsb
89 | SyncWindow: Sync Allowed
90 | Sync Policy: Automated
91 | Sync Status: Synced to (04f154e)
92 | Health Status: Healthy
93 |
94 | GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
95 | tsb.tetrate.io Tenant bookinfo bookinfo Synced tenant.tsb.tetrate.io/bookinfo unchanged
96 | networking.istio.io VirtualService bookinfo bookinfo Synced virtualservice.networking.istio.io/bookinfo unchanged
97 | gateway.tsb.tetrate.io Group bookinfo bookinfo-gateway Synced group.gateway.tsb.tetrate.io/bookinfo-gateway unchanged
98 | networking.istio.io Gateway bookinfo bookinfo-gateway Synced gateway.networking.istio.io/bookinfo-gateway unchanged
99 | security.tsb.tetrate.io Group bookinfo bookinfo-security Synced group.security.tsb.tetrate.io/bookinfo-security unchanged
100 | traffic.tsb.tetrate.io Group bookinfo bookinfo-traffic Synced group.traffic.tsb.tetrate.io/bookinfo-traffic unchanged
101 | tsb.tetrate.io Workspace bookinfo bookinfo-ws Synced workspace.tsb.tetrate.io/bookinfo-ws unchanged
102 | networking.istio.io VirtualService bookinfo details Synced virtualservice.networking.istio.io/details unchanged
103 | networking.istio.io DestinationRule bookinfo details Synced destinationrule.networking.istio.io/details unchanged
104 | networking.istio.io DestinationRule bookinfo productpage Synced destinationrule.networking.istio.io/productpage unchanged
105 | networking.istio.io VirtualService bookinfo ratings Synced virtualservice.networking.istio.io/ratings unchanged
106 | networking.istio.io DestinationRule bookinfo ratings Synced destinationrule.networking.istio.io/ratings unchanged
107 | networking.istio.io DestinationRule bookinfo reviews Synced destinationrule.networking.istio.io/reviews unchanged
108 | networking.istio.io VirtualService bookinfo reviews Synced virtualservice.networking.istio.io/reviews unchanged
109 | install.tetrate.io IngressGateway bookinfo tsb-gateway-bookinfo Synced ingressgateway.install.tetrate.io/tsb-gateway-bookinfo unchanged
110 | ```
111 |
112 | ## Verify application
113 |
114 | Run the below command to export LB IP of `tsb-gateway-bookinfo`
115 |
116 | ```bash{promptUser: "alice"}
117 | export GATEWAY_IP=$(kubectl -n bookinfo get service tsb-gateway-bookinfo -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
118 | ```
119 |
120 | Confirm that you can access bookinfo application. As you can see in the response, `review v1` service which we have currently deployed doesn't call `ratings` service.
121 |
122 | ```bash{promptUser: "alice"}
123 | curl -v "http://bookinfo.tetrate.com/api/v1/products/1/reviews" \
124 | --resolve "bookinfo.tetrate.com:80:$GATEWAY_IP"
125 |
126 | * Mark bundle as not supporting multiuse
127 | < HTTP/1.1 200 OK
128 | < content-type: application/json
129 | < content-length: 361
130 | < server: istio-envoy
131 | < date: Mon, 22 Aug 2022 06:36:52 GMT
132 | < x-envoy-upstream-service-time: 782
133 | <
134 | * Connection #0 to host bookinfo.tetrate.com left intact
135 | {"id": "1", "podname": "reviews-rollout-56ff4b868c-74d8t", "clustername": "null", "reviews": [{"reviewer": "Reviewer1", "text": "An extremely entertaining play by Shakespeare. The slapstick humour is refreshing!"}, {"reviewer": "Reviewer2", "text": "Absolutely fun and entertaining. The play lacks thematic depth when compared to other plays by Shakespeare."}]}
136 | ```
137 |
138 | ## Setup ArgoRollout
139 |
140 |
141 | Argo Rollout provides multiple options to migrate your existing kubernetes deployment object into Argo's `Rollout` object. You can either convert an existing k8s deployment object to `Rollout` or you can refer your existing k8s deployment from a `Rollout` object using `workloadRef`.
142 | We will be following the latter approach in this example.
143 |
144 | In this example we will be doing a canary deployment of `reviews` service to demonstrate `Rollout` object configurations and how it is facilitating the traffic shifting to both primary and canary deployment of `reviews` service.
145 |
146 | * Create a `Rollout` resource and refer your existing deployment using `workloadRef`.
147 | * Make sure selector `matchLabels` has been configured based on your k8s application deployment manifest.
148 | * Configure `strategy` as `canary` with subset level traffic splitting.
149 | * Configure `canaryMetadata` & `stableMetadata` to inject labels and annotations on `canary` and `stable` pods.
150 | * Please make sure the labels of `canaryMetadata` and `stableMetadata` are consistent with TSB direct mode configurations [here](https://github.com/tetrateio/tsb-gitops-demo/blob/main/argo/tsb/conf.yaml#L157-L165).
151 | * Configure Istio `virtualService` and `destinationRule` under `trafficRouting` based on the TSB direct mode configurations.
152 | * Once the `Rollout` object is created, it will spin up the required number of pods side-by-side along with the k8s deployment pods.
153 | * Once all the `Rollout` pods are up and running, you can scale down your existing k8s deployment to `0` by changing the replicas.
154 | * `Rollout` object won't modify your existing k8s deployment, Traffic would be shifted to the pods managed by `Rollout` object once the subset is updated in `VirtualService`.
155 |
156 | [rollout.yaml](/argo/rollout/rollout.yaml)
157 |
158 | ```yaml
159 | apiVersion: argoproj.io/v1alpha1
160 | kind: Rollout
161 | metadata:
162 | name: reviews-rollout
163 | spec:
164 | replicas: 5
165 | selector:
166 | matchLabels:
167 | app: reviews
168 | workloadRef:
169 | apiVersion: apps/v1
170 | kind: Deployment
171 | name: reviews
172 | strategy:
173 | canary:
174 | analysis:
175 | templates:
176 | - templateName: apdex
177 | startingStep: 2
178 | args:
179 | - name: service-name
180 | value: canary|reviews|bookinfo|cp-cluster-1|-
181 | canaryMetadata:
182 | annotations:
183 | version: canary
184 | labels:
185 | version: canary
186 | service.istio.io/canonical-revision: canary
187 | stableMetadata:
188 | annotations:
189 | version: stable
190 | labels:
191 | version: stable
192 | service.istio.io/canonical-revision: stable
193 | trafficRouting:
194 | istio:
195 | virtualService:
196 | name: reviews
197 | destinationRule:
198 | name: reviews
199 | canarySubsetName: canary
200 | stableSubsetName: stable
201 | steps:
202 | - setWeight: 10
203 | - pause: {duration: 10m}
204 | - setWeight: 20
205 | - pause: {duration: 5m}
206 | - setWeight: 40
207 | - pause: {duration: 5m}
208 | - setWeight: 60
209 | - pause: {duration: 5m}
210 | - setWeight: 80
211 | - pause: {duration: 5m}
212 |
213 | ```
214 |
215 | ## Configure Canary Analysis Template using SkyWalking
216 |
217 | [SkyWalking](https://skywalking.apache.org/), an observability component bundled in TSB, can serve as a metrics provider to support canary deployment analysis, enabling automatic promotion or rollback actions
218 | Please refer [Analysis & Progressive delivery in Argo Rollout](https://argoproj.github.io/argo-rollouts/features/analysis/) and how [SkyWalking](https://argoproj.github.io/argo-rollouts/analysis/skywalking/) can be used as a metrics provider for more details.
219 |
220 | * Create canary `AnalysisTemplate` using `skywalking` as the metrics provider to drive auto promotion/rollback based on the deployment analysis.
221 | * SkyWalking metrics can be fetched by connecting to `OAP` service graphql endpoint i.e `http://oap.istio-system:12800` installed on TSB ControlPlane Cluster.
222 | * Success condition is derived using Apdex score. Please read [Apdex score for measuring service mesh health](https://tetrate.io/blog/the-apdex-score-for-measuring-service-mesh-health/) for more details.
223 | * Subset name of canary deployment needs to be configured as an argument `service-name` in the `analysis` template.
224 | * Since we are using `reviews` service here, please use `canary|reviews|bookinfo|cp-cluster-1|-` in the format of `subset|service name|namespace name|cluster name|env name` based on SPM noun convention.
225 |
226 | [analysis.yaml](/argo/rollout/analysis.yaml)
227 |
228 | ```yaml
229 | apiVersion: argoproj.io/v1alpha1
230 | kind: AnalysisTemplate
231 | metadata:
232 | name: apdex
233 | spec:
234 | args:
235 | - name: service-name
236 | metrics:
237 | - name: apdex
238 | interval: 5m
239 | successCondition: "all(result.service_apdex.values.values, {asFloat(.value) >= 9900})"
240 | failureLimit: 3
241 | provider:
242 | skywalking:
243 | interval: 3m
244 | address: http://oap.istio-system:12800
245 | query: |
246 | query queryData($duration: Duration!) {
247 | service_apdex: readMetricsValues(
248 | condition: { name: "service_apdex", entity: { scope: Service, serviceName: "{{ args.service-name }}", normal: true } },
249 | duration: $duration) {
250 | label values { values { value } }
251 | }
252 | }
253 |
254 | ```
255 |
256 | ## Create Rollout
257 |
258 | Run the below command to create a rollout app
259 |
260 | ```bash{promptUser: "alice"}
261 | argocd app create reviews-rollout --repo https://github.com/tetrateio/tsb-gitops-demo.git --path argo/rollout --dest-server https://kubernetes.default.svc --dest-namespace bookinfo --sync-policy automated
262 | ```
263 |
264 | Check the status
265 |
266 | ```bash{promptUser: "alice"}
267 | argocd app get reviews-rollout
268 |
269 | Name: reviews-rollout
270 | Project: default
271 | Server: https://kubernetes.default.svc
272 | Namespace: bookinfo
273 | URL: https://localhost:8080/applications/reviews-rollout
274 | Repo: https://github.com/tetrateio/tsb-gitops-demo.git
275 | Target:
276 | Path: argo/rollout
277 | SyncWindow: Sync Allowed
278 | Sync Policy: Automated
279 | Sync Status: Synced to (04f154e)
280 | Health Status: Healthy
281 |
282 | GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
283 | argoproj.io AnalysisTemplate bookinfo apdex Synced analysistemplate.argoproj.io/apdex created
284 | argoproj.io Rollout bookinfo reviews-rollout Synced Healthy rollout.argoproj.io/reviews-rollout created
285 | ```
286 |
287 | ## Trigger Canary Deployment
288 |
289 | Update the `reviews` service deployment image to `v2` version. This will immediately trigger a canary deployment of `reviews` v2 and will modify the traffic percentage as 90/10.
290 |
291 | ```bash{promptUser: "alice"}
292 | kubectl argo rollouts set image reviews-rollout reviews=docker.io/istio/examples-bookinfo-reviews-v2:1.16.4 -n bookinfo
293 | ```
294 |
295 | ## Monitor Canary Deployment
296 |
297 | Run the below command to monitor your canary deployment.
298 |
299 | ```bash{promptUser: "alice"}
300 | kubectl argo rollouts get rollout reviews-rollout --watch -n bookinfo
301 |
302 | Name: reviews-rollout
303 | Namespace: bookinfo
304 | Status: ॥ Paused
305 | Message: CanaryPauseStep
306 | Strategy: Canary
307 | Step: 1/10
308 | SetWeight: 10
309 | ActualWeight: 10
310 | Images: docker.io/istio/examples-bookinfo-reviews-v1:1.16.4 (stable)
311 | docker.io/istio/examples-bookinfo-reviews-v2:1.16.4 (canary)
312 | Replicas:
313 | Desired: 5
314 | Current: 6
315 | Updated: 1
316 | Ready: 6
317 | Available: 6
318 |
319 | NAME KIND STATUS AGE INFO
320 | ⟳ reviews-rollout Rollout ॥ Paused 6m13s
321 | ├──# revision:2
322 | │ └──⧉ reviews-rollout-867b9c9bcb ReplicaSet ✔ Healthy 21s canary
323 | │ └──□ reviews-rollout-867b9c9bcb-86mbt Pod ✔ Running 19s ready:2/2
324 | └──# revision:1
325 | └──⧉ reviews-rollout-5d9dc876c9 ReplicaSet ✔ Healthy 6m13s stable
326 | ├──□ reviews-rollout-5d9dc876c9-27mth Pod ✔ Running 6m12s ready:2/2
327 | ├──□ reviews-rollout-5d9dc876c9-8qqpx Pod ✔ Running 6m11s ready:2/2
328 | ├──□ reviews-rollout-5d9dc876c9-9bqbv Pod ✔ Running 6m11s ready:2/2
329 | ├──□ reviews-rollout-5d9dc876c9-cgxgd Pod ✔ Running 6m11s ready:2/2
330 | └──□ reviews-rollout-5d9dc876c9-d447w Pod ✔ Running 6m11s ready:2/2
331 |
332 | ```
333 |
334 | ## Generate traffic
335 |
336 | Run the below command to send some requests to bookinfo application.
337 |
338 | ```bash{promptUser: "alice"}
339 | while true; do curl -m 5 -v "http://bookinfo.tetrate.com/api/v1/products/1/reviews" --resolve "bookinfo.tetrate.com:80:$GATEWAY_IP"; sleep 2 ; done ;
340 | ```
341 |
342 | As you can see, some of the response will have the response from `ratings` service as `reviews-v2` calls `ratings` service.
343 |
344 | ```bash{promptUser: "alice"}
345 | > GET /api/v1/products/1/reviews HTTP/1.1
346 | > Host: bookinfo.tetrate.com
347 | > User-Agent: curl/7.79.1
348 | > Accept: */*
349 | > Content-Length: 0
350 | > Content-Type: application/x-www-form-urlencoded
351 | >
352 | * Mark bundle as not supporting multiuse
353 | < HTTP/1.1 200 OK
354 | < content-type: application/json
355 | < content-length: 437
356 | < server: istio-envoy
357 | < date: Mon, 22 Aug 2022 06:53:14 GMT
358 | < x-envoy-upstream-service-time: 45
359 | <
360 | * Connection #0 to host bookinfo.tetrate.com left intact
361 | {"id": "1", "podname": "reviews-66f8dddb8c-84pk6", "clustername": "null", "reviews": [{"reviewer": "Reviewer1", "text": "An extremely entertaining play by Shakespeare. The slapstick humour is refreshing!", "rating": {"stars": 5, "color": "black"}}, {"reviewer": "Reviewer2", "text": "Absolutely fun and entertaining. The play lacks thematic depth when compared to other plays by Shakespeare.", "rating": {"stars": 4, "color": "black"}}]}
362 | ```
363 |
364 | ## Monitor Performance Metrics in TSB
365 |
366 | You can monitor the health of each service instance of both canary and stable pods from TSB service dashboard.
367 |
368 | 
369 |
370 | 
371 |
372 | Service topology shows only `reviews-canary` is calling `ratings` service
373 |
374 | 
375 |
376 | ## Canary analysis and auto promotion
377 |
378 | As we have configured in the `Rollout` object, canary `analysis` is going to run from the second phase onwards as it wait for the first phase to complete in 10 minutes to build some metrics. From the second phase onwards, `AnalysisRun` i.e an instantiation of the `AnalysisTemplate` is going to get executed, based on the configured `interval`. For every completed run, based on the status of `succesfull` or `failed`, argo decides whether to promote/rollback the canary deployment based on the max `failureLimit` configured in `AnalysisTemplate`.
379 |
380 | ### During canary analysis
381 |
382 | ```bash{promptUser: "alice"}
383 | kubectl argo rollouts promote reviews-rollout --full -n bookinfo
384 |
385 | Name: reviews-rollout
386 | Namespace: bookinfo
387 | Status: ॥ Paused
388 | Message: CanaryPauseStep
389 | Strategy: Canary
390 | Step: 5/10
391 | SetWeight: 40
392 | ActualWeight: 40
393 | Images: docker.io/istio/examples-bookinfo-reviews-v1:1.16.4 (stable)
394 | docker.io/istio/examples-bookinfo-reviews-v2:1.16.4 (canary)
395 | Replicas:
396 | Desired: 5
397 | Current: 7
398 | Updated: 2
399 | Ready: 7
400 | Available: 7
401 |
402 | NAME KIND STATUS AGE INFO
403 | ⟳ reviews-rollout Rollout ॥ Paused 24m
404 | ├──# revision:2
405 | │ ├──⧉ reviews-rollout-867b9c9bcb ReplicaSet ✔ Healthy 18m canary
406 | │ │ ├──□ reviews-rollout-867b9c9bcb-86mbt Pod ✔ Running 18m ready:2/2
407 | │ │ └──□ reviews-rollout-867b9c9bcb-9ghh2 Pod ✔ Running 3m4s ready:2/2
408 | │ └──α reviews-rollout-867b9c9bcb-2 AnalysisRun ◌ Running 8m4s ✔ 2
409 | └──# revision:1
410 | └──⧉ reviews-rollout-5d9dc876c9 ReplicaSet ✔ Healthy 24m stable
411 | ├──□ reviews-rollout-5d9dc876c9-27mth Pod ✔ Running 24m ready:2/2
412 | ├──□ reviews-rollout-5d9dc876c9-8qqpx Pod ✔ Running 24m ready:2/2
413 | ├──□ reviews-rollout-5d9dc876c9-9bqbv Pod ✔ Running 24m ready:2/2
414 | ├──□ reviews-rollout-5d9dc876c9-cgxgd Pod ✔ Running 24m ready:2/2
415 | └──□ reviews-rollout-5d9dc876c9-d447w Pod ✔ Running 24m ready:2/2
416 |
417 | ```
418 |
419 | ### After promotion
420 |
421 | Once all the steps gets executed with a `successfull` analysis run, argo completely rollout the image to version `v2` and marks that as `stable`.
422 |
423 | ```bash{promptUser: "alice"}
424 | kubectl argo rollouts get rollout reviews-rollout --watch -n bookinfo
425 |
426 | Name: reviews-rollout
427 | Namespace: bookinfo
428 | Status: ✔ Healthy
429 | Strategy: Canary
430 | Step: 10/10
431 | SetWeight: 100
432 | ActualWeight: 100
433 | Images: docker.io/istio/examples-bookinfo-reviews-v2:1.16.4 (stable)
434 | Replicas:
435 | Desired: 5
436 | Current: 5
437 | Updated: 5
438 | Ready: 5
439 | Available: 5
440 |
441 | NAME KIND STATUS AGE INFO
442 | ⟳ reviews-rollout Rollout ✔ Healthy 3d20h
443 | ├──# revision:2
444 | │ ├──⧉ reviews-rollout-867b9c9bcb ReplicaSet ✔ Healthy 3d20h stable
445 | │ │ ├──□ reviews-rollout-867b9c9bcb-757hf Pod ✔ Running 3d20h ready:2/2
446 | │ │ ├──□ reviews-rollout-867b9c9bcb-tlt8z Pod ✔ Running 3d20h ready:2/2
447 | │ │ ├──□ reviews-rollout-867b9c9bcb-hwqnd Pod ✔ Running 3d20h ready:2/2
448 | │ │ ├──□ reviews-rollout-867b9c9bcb-hnfzb Pod ✔ Running 3d20h ready:2/2
449 | │ │ └──□ reviews-rollout-867b9c9bcb-h5zrw Pod ✔ Running 3d20h ready:2/2
450 | │ └──α reviews-rollout-867b9c9bcb-2 AnalysisRun ✔ Successful 3d20h ✔ 5
451 | └──# revision:1
452 | └──⧉ reviews-rollout-5d9dc876c9 ReplicaSet • ScaledDown 3d20h
453 | ```
454 |
455 | ## Manual promotion of canary deployment
456 |
457 | You can either do a step promote which will proceed to the next steps mentioned in the Rollout by changing the traffic weight and it will eventually rollout the new version completely or you can do a full promote to the desired version by skipping analysis, pauses, and steps.
458 |
459 | ```bash{promptUser: "alice"}
460 | # step promotion
461 | kubectl argo rollouts promote reviews-rollout -n bookinfo
462 |
463 | # full promotion
464 | kubectl argo rollouts promote reviews-rollout --full -n bookinfo
465 | ```
466 |
--------------------------------------------------------------------------------