From 77ba28e91cf70cddadc39b6ca8aa399e2a76e66a Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Mon, 25 Mar 2019 09:41:56 +0200 Subject: [PATCH 1/4] Use App Mesh install script --- .../install/flagger-install-on-eks-appmesh.md | 58 ++++--------------- 1 file changed, 10 insertions(+), 48 deletions(-) diff --git a/docs/gitbook/install/flagger-install-on-eks-appmesh.md b/docs/gitbook/install/flagger-install-on-eks-appmesh.md index 19552fa81..b91ae868a 100644 --- a/docs/gitbook/install/flagger-install-on-eks-appmesh.md +++ b/docs/gitbook/install/flagger-install-on-eks-appmesh.md @@ -97,39 +97,21 @@ kubectl -n kube-system top pods ### Install the App Mesh components -Clone the config repo: +Run the App Mesh installer: ```bash -git clone https://github.com/stefanprodan/appmesh-eks -cd appmesh-eks +curl -fsSL https://git.io/get-app-mesh-eks.sh | bash - ``` -Create the `appmesh-system` namespace: +The installer will do the following: -```bash -kubectl apply -f /namespaces/appmesh-system.yaml -``` - -Deploy the App Mesh Kubernetes CRDs and controller: - -```bash -kubectl apply -f ./operator/ -``` - -Install the App Mesh sidecar injector in the `appmesh-system` namespace: - -```bash -./injector/install.sh -``` - -The above script generates a certificate signed by Kubernetes CA, -registers the App Mesh mutating webhook and deploys the injector. - -Create a mesh called global in the `appmesh-system` namespace: - -```bash -kubectl apply -f ./appmesh/global.yaml -``` +* creates the `appmesh-system` namespace +* generates a certificate with openssl signed by Kubernetes CA +* registers the App Mesh mutating webhook +* deploys the App Mesh webhook +* deploys the App Mesh CRDs +* deploys the App Mesh controller +* creates a mesh called `global` in the `appmesh-system` namespace Verify that the global mesh is active: @@ -201,23 +183,3 @@ You can access Grafana using port forwarding: kubectl -n appmesh-system port-forward svc/flagger-grafana 3000:80 ``` -### Install the load tester - -Flagger comes with an optional load testing service that generates traffic -during canary analysis when configured as a webhook. - -Create a test namespace with sidecar injector enabled: - -```bash -kubectl apply -f ./namespaces/test.yaml -``` - -Deploy the load test runner with Helm: - -```bash -helm upgrade -i flagger-loadtester flagger/loadtester \ ---namespace=test \ ---set meshName=global.appmesh-system \ ---set backends[0]=frontend.test \ ---set backends[1]=backend.test -``` From 3c4253c336eaad5915384d414eaa93408963bbc5 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Mon, 25 Mar 2019 14:59:55 +0200 Subject: [PATCH 2/4] Docs fixes --- docs/gitbook/install/flagger-install-on-eks-appmesh.md | 10 +++++----- docs/gitbook/usage/appmesh-progressive-delivery.md | 8 +++++++- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/docs/gitbook/install/flagger-install-on-eks-appmesh.md b/docs/gitbook/install/flagger-install-on-eks-appmesh.md index b91ae868a..6250bbf5f 100644 --- a/docs/gitbook/install/flagger-install-on-eks-appmesh.md +++ b/docs/gitbook/install/flagger-install-on-eks-appmesh.md @@ -23,11 +23,11 @@ Prerequisites: ### Create a Kubernetes cluster -In order to create an EKS cluster you can use [eksctl](https://eksctl.io). -Eksctl is an open source command-line utility made by Weaveworks in collaboration with Amazon, +In order to create an EKS cluster you can use [EKSctl](https://eksctl.io). +EKSctl is an open source command-line utility made by Weaveworks in collaboration with Amazon, it's written in Go and is based on EKS CloudFormation templates. -On MacOS you can install eksctl with Homebrew: +On MacOS you can install EKSctl with Homebrew: ```bash brew tap weaveworks/tap @@ -126,8 +126,8 @@ Status: ### Install Prometheus -In order to expose the App Mesh metrics to Flagger, -you'll need to use Prometheus to scrapes the Envoy sidecars. +In order to collect the App Mesh metrics that Flagger needs to run the canary analysis, +you'll need to setup a Prometheus instance to scrape the Envoy sidecars. Deploy Prometheus in the `appmesh-system` namespace: diff --git a/docs/gitbook/usage/appmesh-progressive-delivery.md b/docs/gitbook/usage/appmesh-progressive-delivery.md index 4690a72f3..4d849f66c 100644 --- a/docs/gitbook/usage/appmesh-progressive-delivery.md +++ b/docs/gitbook/usage/appmesh-progressive-delivery.md @@ -9,7 +9,7 @@ You'll need an EKS cluster configured with App Mesh, you can find the install gu Flagger takes a Kubernetes deployment and optionally a horizontal pod autoscaler (HPA), then creates a series of objects (Kubernetes deployments, ClusterIP services, App Mesh virtual nodes and services). These objects expose the application on the mesh and drive the canary analysis and promotion. -The only App Mesh object you need to creat by yourself is the mesh resource. +The only App Mesh object you need to create by yourself is the mesh resource. Create a mesh called `global` in the `appmesh-system` namespace: @@ -162,6 +162,12 @@ kubectl -n test describe svc/ingress | grep Ingress LoadBalancer Ingress: yyy-xx.us-west-2.elb.amazonaws.com ``` +Wait for the ELB to become active: + +```bash + watch curl -sS ${INGRESS_URL} +``` + Open your browser and navigate to the ingress address to access podinfo UI. ### Automated canary promotion From 0ea76b986a319f6646e8d57abad087ed481b11cc Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Mon, 25 Mar 2019 15:00:23 +0200 Subject: [PATCH 3/4] Prevent the CRD from being removed by Helm --- charts/flagger/templates/crd.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/flagger/templates/crd.yaml b/charts/flagger/templates/crd.yaml index f00e2b087..81eae5b8e 100644 --- a/charts/flagger/templates/crd.yaml +++ b/charts/flagger/templates/crd.yaml @@ -3,6 +3,8 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: canaries.flagger.app + annotations: + helm.sh/resource-policy: keep spec: group: flagger.app version: v1alpha3 From 2c5ad0bf8f0e33ef2087781f20641b00d32e2606 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Mon, 25 Mar 2019 15:00:57 +0200 Subject: [PATCH 4/4] Disable App Mesh ingress for load tester --- charts/loadtester/templates/deployment.yaml | 2 ++ charts/loadtester/templates/service.yaml | 2 +- charts/loadtester/templates/virtual-node.yaml | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/loadtester/templates/deployment.yaml b/charts/loadtester/templates/deployment.yaml index 49c5d99c8..75a91abe1 100644 --- a/charts/loadtester/templates/deployment.yaml +++ b/charts/loadtester/templates/deployment.yaml @@ -16,6 +16,8 @@ spec: metadata: labels: app: {{ include "loadtester.name" . }} + annotations: + appmesh.k8s.aws/ports: "444" spec: containers: - name: {{ .Chart.Name }} diff --git a/charts/loadtester/templates/service.yaml b/charts/loadtester/templates/service.yaml index 70d1accad..02e8e94ae 100644 --- a/charts/loadtester/templates/service.yaml +++ b/charts/loadtester/templates/service.yaml @@ -13,6 +13,6 @@ spec: - port: {{ .Values.service.port }} targetPort: http protocol: TCP - name: http + name: 8080 selector: app: {{ include "loadtester.name" . }} diff --git a/charts/loadtester/templates/virtual-node.yaml b/charts/loadtester/templates/virtual-node.yaml index bb74d4fca..2853de717 100644 --- a/charts/loadtester/templates/virtual-node.yaml +++ b/charts/loadtester/templates/virtual-node.yaml @@ -12,7 +12,7 @@ spec: meshName: {{ .Values.meshName }} listeners: - portMapping: - port: 80 + port: 444 protocol: http serviceDiscovery: dns: