All Products
Search
Document Center

Container Service for Kubernetes:Use an Ingress controller to mirror network traffic

最終更新日:Aug 06, 2024

Cross-cluster traffic mirroring is the process of mirroring traffic from a production environment to a staging environment to run simulation tests or troubleshoot issues. You can use this method to run tests and perform troubleshooting without interrupting your businesses in the production environment. This topic describes how to use the NGINX Ingress controller to mirror traffic between Container Service for Kubernetes (ACK) clusters.

Prerequisites

Use scenarios

Traffic mirroring can be used in the following scenarios:

  • Production workload simulation:

    Before you make important changes to a system or release new features, you must run stress tests to assess the stability of the system. In most cases, production workloads are simulated in a staging environment to test the stability of a new system before the system is released. However, the actual loads are difficult to estimate because the system may receive both normal and abnormal network traffic. To resolve this issue, you can mirror network traffic from applications that are deployed in the production environment to the staging environment. Then, you can simulate the production workloads in the staging environment.

  • Troubleshooting:

    When a system deployed in a production environment encounters a performance bottleneck and you cannot locate the cause, you can mirror the network traffic of the system to a staging environment. This way, you can troubleshoot errors in the staging environment.

In this example, an ACK cluster named K8s Product Cluster resides in a production environment and an ACK cluster named K8s Stage Cluster resides in a staging environment.

image

Preparations

To mirror 100% production traffic from K8s Product Cluster to the application in K8s Stage Cluster, replicate all requests destined for example.com and redirect them to example1.com.

image

Step 1: Deploy an application in the staging environment

  1. Create a file named my-nginx.yaml in K8s Stage Cluster and add the following content to the file.

    Note

    You need only to deploy an application in K8s Stage Cluster to receive the mirrored traffic. Do no change the configuration of the cluster.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: nginx-deployment
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6
            imagePullPolicy: Always
            name: nginx
            ports:
            - containerPort: 80
              protocol: TCP
          restartPolicy: Always
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-service
    spec:
      ports:
      - port: 80
        protocol: TCP
        targetPort: 80
      selector:
        app: nginx
      type: NodePort
    ---
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: nginx-ingress
    spec:
      rules:
      - host: example1.com
        http:
          paths:
          - path: /
            backend:
              service: 
                name: nginx-service
                port:
                  number: 80
            pathType: ImplementationSpecific
  2. Run the following command to deploy the my-nginx application:

    kubectl apply -f my-nginx.yaml
  3. Run the following command to view the Ingress configurations:

    kubectl get ing nginx-ingress

    Expected output:

    NAME            HOSTS         ADDRESS      PORTS       AGE                                                         
    nginx-ingress   example1.com  47.**.**.53   80          8m
  4. Run the following command to access the domain name of the application in order to test the domain name resolution setting:

    curl http://example1.com

Step 2: Configure traffic mirroring in the production environment

Note

After an application is deployed in K8s Product Cluster, you need to add the traffic mirroring annotations to the Ingress.

  1. Create a file named my-nginx.yaml in K8s Product Cluster and add the following content to the file:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: nginx-deployment
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6
            imagePullPolicy: Always
            name: nginx
            ports:
            - containerPort: 80
              protocol: TCP
          restartPolicy: Always
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-service
    spec:
      ports:
      - port: 80
        protocol: TCP
        targetPort: 80
      selector:
        app: nginx
      type: NodePort
  2. Run the following command to deploy the my-nginx application:

    kubectl apply -f my-nginx.yaml
  3. Create a file named my-ingress.yaml and add the following Ingress configuration to the file.

    • Add nginx.ingress.kubernetes.io/mirror-target and set the value to ADDRESS of K8s Stage Cluster in Step 3. This annotation applies only to HTTP and HTTPS. For more information, see ingress-nginx_mirror.

    • Add nginx.ingress.kubernetes.io/mirror-host and set the value to HOSTS of K8s Stage Cluster in Step 3.

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: nginx-ingress
      annotations:
        nginx.ingress.kubernetes.io/mirror-target: "http://47.**.**.53$request_uri"  #Specify the destination address of the mirrored traffic. 
        nginx.ingress.kubernetes.io/mirror-request-body: "off"            # Request bodies are not sent to the destination. To send request bodies to the destination, delete this annotation. 
        nginx.ingress.kubernetes.io/mirror-host: "example1.com"           # Set the Host header of the mirrored traffic. 
    spec:
      rules:
      - host: example.com
        http: 
          paths:
          - path: /
            backend:
              service: 
                name: nginx-service
                port:
                  number: 80
            pathType: ImplementationSpecific
  4. Run the following command to deploy the Ingress:

    kubectl apply -f my-ingress.yaml
  5. Run the following command to view the Ingress configurations:

    kubectl get ing nginx-ingress

    Expected output:

    NAME            HOSTS          ADDRESS        PORTS     AGE                                                       
    nginx-ingress   example.com   39.**.**.54   80        1m
  6. Run the following command to check whether you can access the domain name of the application:

    curl http://example.com

Verify the configuration

Access the domain name example.com in K8s Product Cluster. After you run the following command, the output shows that requests destined for the domain name are replicated. The replicated requests are redirected to the application in K8s Stage Cluster.

kubectl -n kube-system logs --tail=0 -f nginx-ingress-controller-674c96ffbc-9mc8n

流量复制结果验证