Hi!
I’m looking for some help with Istio’s traffic shifting for canary deployments and how it fits in with our existing use of helm releases. Specifically we’re looking to deploy different configurations of an existing statefulset, and see which one performs better…
Our helm releases normally create a kubernetes service that routes to that set of pods specified in the helm’s deployment or statefulset manifests. The pods are labelled by “normal” things, as well as the release name.
So for example, a typical service + pods for a helm release called “my-first-release” would look like:
From what I understand, in order for Istio to shift traffic, it needs:
- the pods that it is directing traffic to need a
version
in the label, and aDestinationRule
that defines each version - a kubernetes service that selects all the pods that comprise all of the versions
- a
VirtualService
that routes traffic between theDestinationRules
In which case - assuming we don’t want to do away with the existing service that our helm templates already give us, we’d essentially need something like this
i.e.
- a kubernetes service that is helm release-agnostic
- each different helm deployment to have a proper version name for the pods
- each helm deployment to have a DR that describes the name & labelling for its version of the pods
- a virtual service that references the release-agnostic kubernetes service as the host, that then routes across the different subsets
Is anybody able to provide any thoughts or opinions on this?
We’ve looked at ServiceEntry
but it doesn’t seem to give us that sort of a “virtual” service entry, thus our - assumed - need for a kubernetes service.