部署 Online Boutique 範例應用程式
本指南說明如何安裝 Online Boutique 範例應用程式,以示範 Cloud Service Mesh。如需佈建 Cloud Service Mesh,請參閱佈建指南。
下載及部署範例
如要部署應用程式,您必須先使用 kpt 從 anthos-service-mesh-packages 存放區下載線上精品店資訊清單。anthos-service-mesh-packages 存放區中的 Online Boutique 範例應用程式,是從 microservices-demo 存放區中的原始資訊清單組合修改而來。根據最佳做法,每項服務都會在個別命名空間中部署,並使用專屬的服務帳戶。
如果尚未安裝
kpt,請先完成這項程序:gcloud components install kpt使用
kpt下載範例:kpt pkg get \ https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages.git/samples/online-boutique \ online-boutique預期的輸出內容:
Package "online-boutique": Fetching https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages@main From https://github.com/GoogleCloudPlatform/anthos-service-mesh-packages * branch main -> FETCH_HEAD Adding package "samples/online-boutique". Fetched 1 package(s).請前往
online-boutique目錄:cd online-boutique建立應用程式的命名空間:
kubectl apply -f kubernetes-manifests/namespaces預期輸出內容:
namespace/ad created namespace/cart created namespace/checkout created namespace/currency created namespace/email created namespace/frontend created namespace/loadgenerator created namespace/payment created namespace/product-catalog created namespace/recommendation created namespace/shipping created將範例部署至叢集。
建立服務帳戶和部署作業:
kubectl apply -f kubernetes-manifests/deployments預期輸出內容:
serviceaccount/ad created deployment.apps/adservice created serviceaccount/cart created deployment.apps/cartservice created serviceaccount/checkout created deployment.apps/checkoutservice created serviceaccount/currency created deployment.apps/currencyservice created serviceaccount/email created deployment.apps/emailservice created serviceaccount/frontend created deployment.apps/frontend created serviceaccount/loadgenerator created deployment.apps/loadgenerator created serviceaccount/payment created deployment.apps/paymentservice created serviceaccount/product-catalog created deployment.apps/productcatalogservice created serviceaccount/recommendation created deployment.apps/recommendationservice created serviceaccount/shipping created deployment.apps/shippingservice created建立服務:
kubectl apply -f kubernetes-manifests/services預期輸出內容:
service/adservice created service/cartservice created service/checkoutservice created service/currencyservice created service/emailservice created service/frontend created service/frontend-external created service/paymentservice created service/productcatalogservice created service/recommendationservice created service/shippingservice created建立服務項目:
kubectl apply -f istio-manifests/allow-egress-googleapis.yaml預期輸出內容:
serviceentry.networking.istio.io/allow-egress-googleapis created serviceentry.networking.istio.io/allow-egress-google-metadata created
啟用補充自動注入功能
將預設的插入標籤套用至應用程式命名空間。
for ns in ad cart checkout currency email frontend loadgenerator \ payment product-catalog recommendation shipping; do kubectl label namespace $ns istio-injection=enabled --overwrite done;預期輸出內容:
namespace/ad labeled namespace/cart labeled namespace/checkout labeled namespace/currency labeled namespace/email labeled namespace/frontend labeled namespace/loadgenerator labeled namespace/payment labeled namespace/product-catalog labeled namespace/recommendation labeled namespace/shipping labeled如果您使用的是代管 Cloud Service Mesh,且已部署選用的代管資料層,請按以下方式標記應用程式命名空間:
for ns in ad cart checkout currency email frontend loadgenerator \ payment product-catalog recommendation shipping; do kubectl annotate --overwrite namespace $ns mesh.cloud.google.com/proxy='{"managed":"true"}' done;重新啟動 Pod:
for ns in ad cart checkout currency email frontend loadgenerator \ payment product-catalog recommendation shipping; do kubectl rollout restart deployment -n ${ns} done;預期輸出內容:
deployment.apps/adservice restarted deployment.apps/cartservice restarted deployment.apps/checkoutservice restarted deployment.apps/currencyservice restarted deployment.apps/emailservice restarted deployment.apps/frontend restarted deployment.apps/loadgenerator restarted deployment.apps/paymentservice restarted deployment.apps/productcatalogservice restarted deployment.apps/recommendationservice restarted deployment.apps/shippingservice restarted
公開及存取應用程式
您將應用程式公開到邊界網格外的方式,取決於您是否已部署輸入閘道。您可以選擇使用 Istio 輸入閘道或使用 Kubernetes 服務來公開應用程式。
使用入口閘道
如果您已按照前置條件的說明,在叢集中部署了入口閘道,請按照下列步驟操作,使用閘道公開應用程式。
為前端服務部署
Gateway和VirtualServicekubectl apply -f istio-manifests/frontend-gateway.yaml預期輸出內容:
gateway.networking.istio.io/frontend-gateway created virtualservice.networking.istio.io/frontend-ingress created取得入口閘道的外部 IP 位址。將預留位置替換為下列資訊:
GATEWAY_SERVICE_NAME:入口網關服務的名稱。如果您部署的是未經修改的範例閘道,或是部署了預設的入口閘道,名稱會是
istio-ingressgateway。GATEWAY_NAMESPACE:部署入口網關的命名空間。如果您部署了預設的入口網關,命名空間就是
istio-system。
kubectl get service GATEWAY_SERVICE_NAME -n GATEWAY_NAMESPACE輸出結果會與下列內容類似:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE istio-ingressgateway LoadBalancer 10.19.247.233 35.239.7.64 80:31380/TCP,443:31390/TCP,31400:31400/TCP 27m在這個範例中,Ingress Gateway 的 IP 位址為
35.239.7.64。在瀏覽器中前往應用程式,確認安裝狀態:
http://EXTERNAL_IP/
沒有輸入閘道
如果您未部署入口網關,或選擇使用 Kubernetes 服務公開應用程式,請執行下列步驟:
部署
LoadBalancer類型的服務,以公開前端服務kubectl apply -f frontend-external.yaml找出
frontend-external服務的外部 IP 位址:kubectl get service frontend-external -n frontend在瀏覽器中前往應用程式,確認安裝狀態:
http://EXTERNAL_IP/
您可以在 Google Cloud 控制台中探索 Cloud Service Mesh 的可觀察性功能。請注意,拓撲圖最多可能需要 10 分鐘才會顯示網格中的服務。
清除所用資源
在刪除 Online Boutique 之前,建議您先完成Cloud Service Mesh 範例:mTLS,該範例會使用範例。探索完畢後,請使用下列指令移除 Online Boutique 範例:
刪除應用程式命名空間:
kubectl delete -f kubernetes-manifests/namespaces預期輸出內容:
namespace "ad" deleted namespace "cart" deleted namespace "checkout" deleted namespace "currency" deleted namespace "email" deleted namespace "frontend" deleted namespace "loadgenerator" deleted namespace "payment" deleted namespace "product-catalog" deleted namespace "recommendation" deleted namespace "shipping" deleted刪除服務項目:
kubectl delete -f istio-manifests/allow-egress-googleapis.yaml預期輸出內容:
serviceentry.networking.istio.io "allow-egress-googleapis" deleted serviceentry.networking.istio.io "allow-egress-google-metadata" deleted