Use MOSN as an Istio data plane

MOSN v1.0.0 succeeded in the Bookinfo test for Istio 1.10.6. For more information about the support from the latest version of Istio, see .

This topic covers the following content:

  • Relationship between MOSN and Istio
  • Instructions on how to build the Istio proxyv2 image with MOSN
  • Istio deployment with MOSN
  • Bookinfo test

As described in the , MOSN is a service mesh data plane proxy developed in Golang.

The following figure shows the operating principle of MOSN in Istio.

The operating system described in this topic is MacOS, and the Istio version is 1.10.6. If you are using anither OS, there may be some differences. If only the MOSN code changes, you can also use the MOSN-only update method to build the proxyv2 image. Usually, you do not need to build a proxyv2 image, use the image provided by us is ok. , for example, docker pull mosnio/proxyv2:v1.0.0-1.10.6.

Build proxyv2 image with source code. (On MacOS and Istio 1.10.6)

  1. Download the istio source code, and checkout to the target version.
  1. Istio will load wasm by default. To simplify, we need to comment out this part of the code. see details in istio-diff

  2. Build a MOSN binary. You can use the make command provided by MOSN project to build a binary on linux. As the same time, since we are using MacOS, we also need to compile a MacOS binary.

  3. Tar the binary compiled by the step 2, the file path should be usr/local/bin.

  1. cd ${MOSN Project Path}
  2. mkdir -p usr/local/bin
  3. make build # build mosn binary on linux
  4. cp build/bundles/${MOSN VERSION}/binary/mosn usr/local/bin
  5. tar -zcvf mosn.tar.gz usr/local/bin/mosn
  6. cp mosn.tar.gz mosn-centos.tar.gz # copy a renamed tar.gz file
  7. make build-local # build mosn binary on macos
  8. cp build/bundles/${MOSN VERSION}/binary/mosn usr/local/bin
  9. tar -zcvf mosn-macos.tar.gz usr/local/bin/mosn
  1. Upload the mosn-macos.tar.gz mosn-centos.tar.gz mosn.tar.gz to a store serivce that can be accessed, if you do not have one, you can use Go to build a simple service in your local system.
  1. func main() {
  2. address := "" // an address can be reached when proxyv2 image build. for example, 0.0.0.0:8080
  3. filespath := "" // where the .tar.gz files stored.
  4. http.ListenAndServe(address, http.FileServer(http.Dir(filespath)))
  1. Build proxyv2 images, with some ENV
  1. address=$1 # your download service address
  2. export ISTIO_ENVOY_VERSION=$2 # MOSN Version, can be any value.
  3. export ISTIO_ENVOY_RELEASE_URL=http://$address/mosn.tar.gz
  4. export ISTIO_ENVOY_CENTOS_RELEASE_URL=http://$address/mosn-centos.tar.gz
  5. export ISTIO_ENVOY_MACOS_RELEASE_URL=http://$address/mosn-macos.tar.gz
  6. export ISTIO_ENVOY_MACOS_RELEASE_NAME=mosn-$2 # can be any value
  7. export SIDECAR=mosn
  8. make clean # clean the cache
  9. make docker.proxyv2 \
  10. SIDECAR=$SIDECAR \
  11. ISTIO_ENVOY_RELEASE_URL=$ISTIO_ENVOY_RELEASE_URL \
  12. ISTIO_ENVOY_CENTOS_RELEASE_URL=$ISTIO_ENVOY_CENTOS_RELEASE_URL \
  13. ISTIO_ENVOY_MACOS_RELEASE_URL=$ISTIO_ENVOY_MACOS_RELEASE_URL \
  14. ISTIO_ENVOY_MACOS_RELEASE_NAME=$ISTIO_ENVOY_MACOS_RELEASE_NAME
  1. Retag the new image, and push it to your docker hub.

Update MOSN binary in the proxyv2 image.

  1. Build the MOSN binary
  1. cd ${MOSN Project Path}
  2. make build # build mosn binary on linux
  1. Write a DOCKERFILE, and build a new image
  1. FROM mosnio/proxyv2:v1.0.0-1.10.6
  2. COPY build/bundles/${MOSN VERSION}/binary/mosn /usr/local/bin/mosn
  1. docker build --no-cache --rm -t ${your image tag}
  1. Push the new image to your docker hub.

kubectl is the Kubernetes command-line tool, allows you to run commands against Kubernetes clusters. How to install it, see details in kubectl install.

Install Kubernetes Platform

How to prepare various Kubernetes platforms before installing Istio, see details in Platform Setup. We use minikube later.

  1. Download istio release version, you can find it in Istio release, or use bash command
  1. VERSION=1.10.6 # istio version
  2. export ISTIO_VERSION=$VERSION && curl -L https://istio.io/downloadIstio | sh -
  1. Checkout to the path, add the istioctl to PATH environment variable.
  1. cd istio-$ISTIO_VERSION/
  2. export PATH=$PATH:$(pwd)/bin
  1. create istio namespace, set MOSN proxyv2 image as sidecar image
  1. Verify the installation
  1. kubectl get pod -n istio-system
  2. NAME READY STATUS RESTARTS AGE
  3. istio-ingressgateway-6b7fb88874-rgmrj 1/1 Running 0 102s
  4. istiod-65c9767c55-vjppv 1/1 Running 0 109s

If all pods in the istio-system namespace are running, the deployment succeeds.

MOSN v1.0.0 succeeded in the Bookinfo test for Istio 1.10.6. You can alsoe use MOSN with Istio to run the Bookinfo test. More test cases see Istio [Example]((). If you have any questions, please contact us issue, code contributions are welcome too.

Bookinfo introduction

The application displays information about a book, similar to a single catalog entry of an online book store. Displayed on the page is a description of the book, book details (ISBN, number of pages, and so on), and a few book reviews. The Bookinfo application is broken into four separate microservices:

  • productpage. The productpage microservice calls the details and reviews microservices to populate the page.
  • reviews. The reviews microservice contains book reviews. It also calls the ratings microservice.
  • ratings. The ratings microservice contains book ranking information that accompanies a book review.

bookinfo

Deploy Bookinfo and inject MOSN

Use kube-inject way to inject MOSN

  1. istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml > bookinfo.yaml
  2. # sed -i '' is the MacOS command, if you are in linux, use sed -i instead.
  3. sed -i '' "s/\/usr\/local\/bin\/envoy/\/usr\/local\/bin\/mosn/g" ./bookinfo.yaml

Deploy Bookinfo app:

  1. $ kubectl apply -f bookinfo.yaml

Verify whether the deployment succeeds

  1. $ kubectl get services
  2. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  3. details ClusterIP 192.168.248.118 <none> 9080/TCP 5m7s
  4. kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 25h
  5. productpage ClusterIP 192.168.204.255 <none> 9080/TCP 5m6s
  6. reviews ClusterIP 192.168.181.16 <none> 9080/TCP 5m6s

Wait until all pods are running

  1. $ kubectl get pods
  2. NAME READY STATUS RESTARTS AGE
  3. details-v1-77497b4899-67gfn 2/2 Running 0 98s
  4. productpage-v1-68d9cf459d-mv7rh 2/2 Running 0 97s
  5. ratings-v1-65f97fc6c5-npcrz 2/2 Running 0 98s
  6. reviews-v1-6bf4444fcc-9cfrw 2/2 Running 0 97s
  7. reviews-v2-54d95c5444-5jtxp 2/2 Running 0 97s
  8. reviews-v3-dffc77d75-jd8cr 2/2 Running 0 97s

Check Bookinfo is working properly

  1. kubectl exec -it $(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}') -c ratings -- curl productpage:9080/productpage | grep -o "<title>.*</title>"

Access Bookinfo services

Enable the gateway mode.

  1. $ kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
  2. $ kubectl get gateway
  3. NAME AGE
  4. bookinfo-gateway 6s

Set GATEWAY_URL. For details, go to doc

  1. $ export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}')
  2. $ export INGRESS_HOST=$(minikube ip)
  3. $ export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT

Check whether the gateway takes effect.

View the page

Go to http://$GATEWAY_URL/productpage (replace $GATEWAY_URL with your address). The Bookinfo page is shown as follows after you refresh it. Three versions of Book Reviews are available. The three versions will be displayed in turn when you refresh the page. For more information, go to samples/bookinfo/platform/kube/bookinfo.yaml.

Page v1

Page v2

v2

Page v3

Create a series of destination rules for Bookinfo services.

  1. $ kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml

Specify access to only v1 of the Book Reviews service.

  1. $ kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml

Go to http://$GATEWAY_URL/productpage. You will find that book reviews are now fixed to be displayed on page v1.

Verify routing by weight in MOSN

Allocate 50% of the traffic to v1 and v3 each.

  1. $ kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml

Go to http://$GATEWAY_URL/productpage. You will find that page v1 and page v3 are displayed with a possibility of 50% each.

The Bookinfo page provides a login entry in the upper-right corner. After you log in, your request will carry the end-user custom field, the value of which is the user name. MOSN supports routing by the value of this header. For example, route user Jason to v2 and others to v1. (The username and password are both jason. For the reason of using this user account, check the corresponding YAML file).

  1. $ kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml

When you go to http://$GATEWAY_URL/productpage:

Page v2 will be displayed if you log in as Jason.

Login

Page v1 will be displayed if you log in as other users.

Uninstall Bookinfo

  1. $ sh samples/bookinfo/platform/kube/cleanup.sh

Make sure Bookinfo is uninstalled

  1. $ kubectl get virtualservices #-- there should be no virtual services
  2. $ kubectl get destinationrules #-- there should be no destination rules
  3. $ kubectl get gateway #-- there should be no gateway
  4. $ kubectl get pods #-- the Bookinfo pods should be deleted

Make sure Istio is uninstalled

  1. $ kubectl get namespace istio-system

Last modified December 2, 2022: Bump tar from 4.4.8 to 4.4.19 in /themes/docsy/userguide (942c999)