Container Service for Kubernetes:Use an Ingress controller to mirror network traffic

Use scenarios

Traffic mirroring can be used in the following scenarios:

• Production workload simulation:

  Before you make important changes to a system or release new features, you must run stress tests to assess the stability of the system. In most cases, production workloads are simulated in a staging environment to test the stability of a new system before the system is released. However, the actual loads are difficult to estimate because the system may receive both normal and abnormal network traffic. To resolve this issue, you can mirror network traffic from applications that are deployed in the production environment to the staging environment. Then, you can simulate the production workloads in the staging environment.

• Troubleshooting:

  When a system deployed in a production environment encounters a performance bottleneck and you cannot locate the cause, you can mirror the network traffic of the system to a staging environment. This way, you can troubleshoot errors in the staging environment.

In this example, an ACK cluster named K8s Product Cluster resides in a production environment and an ACK cluster named K8s Stage Cluster resides in a staging environment.

Preparations

To mirror 100% production traffic from K8s Product Cluster to the application in K8s Stage Cluster, replicate all requests destined for example.com and redirect them to example1.com.

Step 1: Deploy an application in the staging environment

1. Create a file named my-nginx.yaml in K8s Stage Cluster and add the following content to the file.

   Note

   You need only to deploy an application in K8s Stage Cluster to receive the mirrored traffic. Do no change the configuration of the cluster.

   apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6 imagePullPolicy: Always name: nginx ports: - containerPort: 80 protocol: TCP restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: nginx-service spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: nginx type: NodePort --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-ingress spec: rules: - host: example1.com http: paths: - path: / backend: service: name: nginx-service port: number: 80 pathType: ImplementationSpecific

2. Run the following command to deploy the my-nginx application:

   kubectl apply -f my-nginx.yaml

3. Run the following command to view the Ingress configurations:

   kubectl get ing nginx-ingress

   Expected output:

   NAME HOSTS ADDRESS PORTS AGE nginx-ingress example1.com 47.**.**.53 80 8m

4. Run the following command to access the domain name of the application in order to test the domain name resolution setting:

   curl http://example1.com

Step 2: Configure traffic mirroring in the production environment

1. Create a file named my-nginx.yaml in K8s Product Cluster and add the following content to the file:

   apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6 imagePullPolicy: Always name: nginx ports: - containerPort: 80 protocol: TCP restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: nginx-service spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: app: nginx type: NodePort

2. Run the following command to deploy the my-nginx application:

   kubectl apply -f my-nginx.yaml

3. Create a file named my-ingress.yaml and add the following Ingress configuration to the file.

   • Add nginx.ingress.kubernetes.io/mirror-target and set the value to ADDRESS of K8s Stage Cluster in Step 3. This annotation applies only to HTTP and HTTPS. For more information, see ingress-nginx_mirror.

   • Add nginx.ingress.kubernetes.io/mirror-host and set the value to HOSTS of K8s Stage Cluster in Step 3.

   apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-ingress annotations: nginx.ingress.kubernetes.io/mirror-target: "http://47.**.**.53$request_uri" #Specify the destination address of the mirrored traffic. nginx.ingress.kubernetes.io/mirror-request-body: "off" # Request bodies are not sent to the destination. To send request bodies to the destination, delete this annotation. nginx.ingress.kubernetes.io/mirror-host: "example1.com" # Set the Host header of the mirrored traffic. spec: rules: - host: example.com http: paths: - path: / backend: service: name: nginx-service port: number: 80 pathType: ImplementationSpecific

4. Run the following command to deploy the Ingress:

   kubectl apply -f my-ingress.yaml

5. Run the following command to view the Ingress configurations:

   kubectl get ing nginx-ingress

   Expected output:

   NAME HOSTS ADDRESS PORTS AGE nginx-ingress example.com 39.**.**.54 80 1m

6. Run the following command to check whether you can access the domain name of the application:

   curl http://example.com

Verify the configuration

Access the domain name example.com in K8s Product Cluster. After you run the following command, the output shows that requests destined for the domain name are replicated. The replicated requests are redirected to the application in K8s Stage Cluster.

kubectl -n kube-system logs --tail=0 -f nginx-ingress-controller-674c96ffbc-9mc8n