root@user:/opt/servicemesh_in_practise/HTTP-Connection-Manager/fault-injection# cat README.md
# HTTP Request Mirror Demo
### 环境说明
##### Envoy Mesh使用的网络: 172.31.62.0/24
##### 四个Service:
- envoy:Front Proxy,地址为172.31.62.10
- 3个后端服务
- service_blue:对应于Envoy中的blue_abort集群,带有abort故障注入配置
- service_red:对应于Envoy中的red_delay集群,带有delay故障注入配置
- service_green:对应于Envoy中的"green集群
##### 使用的abort配置
```
http_filters:
- name: envoy.filters.http.fault
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault
max_active_faults: 100
abort:
http_status: 503
percentage:
numerator: 10 # 向10%的请求注入503中断
denominator: HUNDRED
```
##### 使用的delay配置
```
http_filters:
- name: envoy.filters.http.fault
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFault
max_active_faults: 100
delay:
fixed_delay: 10s
percentage:
numerator: 10 # 向10%的请求注入10秒钟的延迟
denominator: HUNDRED
```
### 运行和测试
1. 创建并运行容器
```
docker-compose up
```
2. 测试注入的delay故障
```
# 反复向/service/red发起多次请求,被注入延迟的请求,会有较长的响应时长;
curl -w"@curl_format.txt" -o /dev/null -s "http://172.31.62.10/service/red"
#被后端Envoy注入了delay的请求,将被Front-Envoy响应以类似如下内容:
time_namelookup: 0.000054
time_connect: 0.000261
time_appconnect: 0.000000
time_pretransfer: 0.000349
time_redirect: 0.000000
time_starttransfer: 10.007628
----------
time_total: 10.007820
```
3. 测试注入的abort故障
```
# 反复向/service/blue发起多次请求,被注入中断的请求,则响应以503代码;
curl -o /dev/null -w '%{http_code}\n' -s "http://172.31.62.10/service/blue"
```
4. 发往/service/green的请求,将无故障注入
5. 发往/的请求,会被调度至red_delay、blue_abort和green三个集群,它们有的可能被延迟、有的可能被中断;
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat docker-compose.yaml
version: '3'
services:
front-envoy:
image: envoyproxy/envoy-alpine:v1.11.2
volumes:
- ./front-envoy.yaml:/etc/envoy/envoy.yaml
networks:
- envoymesh
expose:
# Expose ports 80 (for general traffic) and 9901 (for the admin server)
- "80"
- "9901"
service_blue:
image: ikubernetes/servicemesh-app:latest
volumes:
- ./service-envoy-fault-injection-abort.yaml:/etc/envoy/envoy.yaml
networks:
envoymesh:
aliases:
- service_blue
- colored
environment:
- SERVICE_NAME=blue
expose:
- "80"
service_green:
image: ikubernetes/servicemesh-app:latest
networks:
envoymesh:
aliases:
- service_green
- colored
environment:
- SERVICE_NAME=green
expose:
- "80"
service_red:
image: ikubernetes/servicemesh-app:latest
volumes:
- ./service-envoy-fault-injection-delay.yaml:/etc/envoy/envoy.yaml
networks:
envoymesh:
aliases:
- service_red
- colored
environment:
- SERVICE_NAME=red
expose:
- "80"
networks:
envoymesh: {}
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat front-envoy.yaml
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- address:
socket_address:
address: 0.0.0.0
port_value: 80
name: listener_http
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
codec_type: auto
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: backend
domains:
- "*"
routes:
- match:
prefix: "/service/blue"
route:
cluster: blue_abort
- match:
prefix: "/service/red"
route:
cluster: red_delay
- match:
prefix: "/service/green"
route:
cluster: green
- match:
prefix: "/"
route:
cluster: mycluster
http_filters:
- name: envoy.router
clusters:
- name: red_delay
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: red_delay
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service_red
port_value: 80
- name: blue_abort
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: blue_abort
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service_blue
port_value: 80
- name: green
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: green
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: service_green
port_value: 80
- name: mycluster
connect_timeout: 0.25s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: mycluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: colored
port_value: 80
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy-fault-injection-abort.yaml
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
codec_type: auto
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: service
domains:
- "*"
routes:
- match:
prefix: "/"
route:
cluster: local_service
http_filters:
- name: envoy.fault
config:
abort:
http_status: 503
percentage:
numerator: 10
denominator: HUNDRED
- name: envoy.router
config: {}
clusters:
- name: local_service
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy-fault-injection-delay.yaml
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
codec_type: auto
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: service
domains:
- "*"
routes:
- match:
prefix: "/"
route:
cluster: local_service
http_filters:
- name: envoy.fault
config:
delay:
type: fixed
fixed_delay: 10s
percentage:
numerator: 10
denominator: HUNDRED
- name: envoy.router
config: {}
clusters:
- name: local_service
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# cat service-envoy.yaml
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 9901
static_resources:
listeners:
- address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
codec_type: auto
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: service
domains:
- "*"
routes:
- match:
prefix: "/"
route:
cluster: local_service
http_filters:
- name: envoy.router
typed_config: {}
clusters:
- name: local_service
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
root@user:/opt/servicemesh_in_practise/HTTP-Connection-Manager/fault-injection# curl -w"@curl_format.txt" -o /dev/null -s "http://172.20.0.3/service/red"
time_namelookup: 0,000018
time_connect: 0,000209
time_appconnect: 0,000000
time_pretransfer: 0,000255
time_redirect: 0,000000
time_starttransfer: 10,009607
----------
time_total: 10,009683
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# curl -o /dev/null -w '%{http_code}\n' -s "http://172.20.0.2/service/blue"
200
root@user:~/hub/servicemesh_in_practise/http-connection-manager/fault-injection# curl -o /dev/null -w '%{http_code}\n' -s "http://172.20.0.2/service/blue"
503