When you update fields in the spec
section of an Istio resource, Service Mesh (ASM) records the resource version before the update. ASM stores up to five latest versions. This topic describes how to roll back a virtual service to an earlier version.
Prerequisites
An ASM instance whose version is 1.9.7.92 or later is created. For more information, see Create an ASM instance and Update an ASM instance.
A virtual service is created. For more information, see Manage virtual services.
Background information
ASM provides various Istio resources. Istio resources related to traffic management include virtual services, destination rules, Istio gateways, service entries, Envoy filters, workload groups, workload entries, and sidecar resources. Istio resources related to zero-trust security include request authentication policies, peer authentication policies, and authorization policies. You can create these resources in the ASM console.
Step 1: Enable the rollback feature for Istio resources
You can use one of the following methods to enable the rollback feature for Istio resources:
If no ASM instance is created, select Enable Istio custom resource version control to enable the rollback feature when you create an ASM instance.
For an existing ASM instance, click the name of the instance. On the Base Information page, click Settings. On the Settings Update panel, select Enable Istio custom resource version control to enable the rollback feature. The following example shows you how to enable the rollback feature for an existing ASM instance.
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose .
On the Base Information page, click Settings. In the Settings Update panel, select Enable Istio custom resource version control and click OK.
Step 2: Generate an earlier version of a virtual service
ASM records an earlier version of an Istio resource only when fields in the spec
section of the Istio resource are updated. If you update other fields of the Istio resource, ASM does not record earlier versions.
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose .
On the VirtualService page, find the virtual service that you want to manage and click YAML in the Actions column.
In the Edit dialog box, modify fields in the
spec
section. For example, change the value of thenumber
field from9080
to9081
and click OK.
Step 3: Roll back the virtual service to an earlier version
In this example, the virtual service is rolled back to v2.
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose .
On the VirtualService page, find the virtual service that you want to manage and click Version in the Actions column.
In the Version dialog box, find v2 and click View in the Actions column. Then, click Rollback.
On the VirtualService page, find the virtual service that you want to manage and click YAML in the Actions column. In the Edit dialog box, you can find that the version of the virtual service is v2.
FAQ
What can I do if the Version button is not displayed for the Istio resource that I want to roll back?
Before you roll back an Istio resource to an earlier version, make sure that the version of your ASM instance is 1.9.7.92 or later and the rollback feature is enabled for Istio resources.
Does ASM record an earlier version of an Istio resource if I update the Istio resource by using a method other than the ASM console?
Yes. After the rollback feature is enabled for Istio resources, ASM records the earlier versions of Istio resources regardless of the methods that are used to update Istio resources.
Does ASM store an unlimited number of earlier versions of Istio resources?
No. ASM stores up to five latest versions of an Istio resource. If an Istio resource is modified more than five times, the earliest version is cleared.
Why are the earlier versions recorded by ASM not the same as the actual YAML content?
Redundant fields are omitted from the earlier versions recorded by ASM. This does not affect the use of these earlier versions. For example, in the YAML content of an Istio gateway, the default value of the servers.tls
field in the spec
section is PASSTHROUGH
. If you set the servers.tls field to PASSTHROUGH
again, ASM regards the field as a redundant field and does not record the field in an earlier version.