October 11, 2019

How to Maintain Istio Service Mesh with Harness

Table of Contents

Service Mesh technology as we learned in both part one and part two are helping to usher in the latest generation of workloads but also introducing burden to teams that have not deal with directly with networking complexity before. Like any new category of software changing the paradigm of how we go about building resilient services, adoption can be overshadowed by the daunting complexity of operational needs. Don’t fear friends, Harness is here to help.

Service Mesh Adoption Cheat Sheet

Balancing the radio dials between innovation and keeping the lights on is the balance many practitioners go through in the technology world. Leveraging a Service Mesh in an example or the happy path is a great learning exercise. Though as we cross the chasm to an actual workload, complexities will certainly appear. An extremely powerful pattern in Istio is Traffic Shifting. Having the ability to apply percentages/weights to services e.g v1 and v2 of service in a traffic splitting pattern opens up the doors for a Canary Deployment. If we jog our memory back to our Kubernetes Series in attempting a Kubernetes Canary Deployment without any sort of help does take several manual steps. By leveraging the Harness software delivery platform, those complexities are made much simpler.

Supercharge with Harness

When we would most likely be touching our traffic shifting rules would be during a deployment. Orchestrating a set of KubeCTL and IstioCTL commands, maintaining the configurations, and designing for a failure e.g a rollback for those tasks certainly requires proper planning and thought. The Harness Platform with our Traffic Management support allows you to step away from the orchestration and failure complexity to focus on just the rules and outcomes themselves. Like always can watch the video or follow the blog post.

Istio and Harnes Continuous Delivery

The first item that we will need to make sure that we have Istio installed on a Kubernetes Cluster. Can refer back to part one on how to install a quick Istio install. The second item is that we have some sort of image we are deploying onto Kubernetes from Harness. In the below example we will be using Nginx headed to an awaiting Minikube destination. Assuming that the Kubernetes cluster is wired correctly to Harness, we can add traffic splitting steps to a Harness Workflow. If this is your first Harness Workflow, no worries we will create a new one here. As a basis, I created a Harness Application called “My K8s” with a Harness Service called “nginx_k8s” which is just Nginx pulled through Docker Hub.

Navigate to Setup -> Your Application -> Workflows then “+ Add Workflow”. We will call our new workflow “Istio Canary”.

Next, we can add a Deployment Phase into our Workflow. I am leveraging a pre-existing “nginx_k8s” Service which we will be deploying to Minikube.

We can add a Traffic Split into the Verify Phase with “+ Add Phase” and then under the Kubernetes column.

Can set the Weights of the Traffic Split. Potentially depending on how many Canary interactions are needed, can have multiple splits. Here I am leveraging a 20/80 split.

Let’s head back to the Harness Service definition for “nginx_k8s”. Harness can be used as a UI to fill in items that need to be sent along for configuration. Below in the manifest section, let’s add another file named istio.yaml with a basic Istio Destination Rule and Virtual Service. Harness has the ability to apply YAMLs on your behalf and we will leverage this for the “DestinationRule” and “VirtualService”.To do so, hoover over folder then with the dots select “+ Add File” and add an istio.yaml.

In the istio.yaml, let’s add the basic configurations for the Istio Destination Rule and Istio Virtual Service. We will have Workflow Variables so Harness can inject information that is needed.

Sample istio.yaml Click Save and you are good to go.Lastly can run your newly created pipeline and see your traffic split in action.Continuous Deployment -> Start New Deployment

Click submit and watch the magic!

Our 20/80 split being applied.

Harness is your best friend!

Now you are dangerous in the Istio and Service Mesh world, don’t be afraid to take the Service Mesh dip. The flexibility and robustness of the Harness continuous delivery platform can help you and your team embrace newer technology at a faster pace. Harness is your partner in operationalizing new technology as part of your continuous delivery pipeline. Cheers!-Ravi

Continuous Delivery & GitOps