Traffic mirroring – Implementing Traffic Management, Security, and Observability with Istio-1
Traffic mirroring, also called shadowing, is a concept that has recently gained traction. It is a powerful approach that allows you to assess your releases in a production environment without posing any risk to your end users.
Traditionally, many enterprises maintained a staging environment that closely mimicked the production setup. The Ops team deployed new releases to the staging environment in this setup while testers generated synthetic traffic to simulate real-world usage. This approach provided a means for teams to evaluate how the code would perform in the production environment, assessing its functional and non-functional aspects before promoting it to production. The staging environment served as the ground for performance, volumetric, and operational acceptance testing. While this approach had its merits, it was not without its challenges. Maintaining static test environments, which involved substantial costs and resources, was one of them. Creating and sustaining a replica of the production environment required a team of engineers, leading to high overhead.
Moreover, synthetic traffic often deviated from real live traffic since the former relied on historical data, while the latter reflected current user interactions. This discrepancy occasionally led to overlooked scenarios.
On the other hand, traffic mirroring offers a solution that similarly enables operational acceptance testing while going a step further. It allows you to conduct this testing using live, real-time traffic without any impact on end users.
Here’s how traffic mirroringoperates:
- Deploy a new version of the application and activate traffic mirroring.
- The old version continues to respond to requests as usual but concurrently sends an asynchronous copy of the traffic to the new version.
- The new version processes the mirrored traffic but refrains from responding to end users.
- The ops team monitors the behavior of the new version and reports any issues to the development team.
This process is depicted in the following figure:
Figure 15.9 – Traffic mirroring
Traffic mirroring revolutionizes the testing process by enabling teams to uncover issues that might remain hidden in a traditional staging environment. Additionally, you can utilize monitoring tools such as Prometheus and Grafana to record and monitor the outcomes of your testing efforts, enhancing the overall quality and reliability of your releases.
Now, without further ado, let’s configure traffic mirroring for ourratings service. Traffic mirroring is managed through the VirtualService resource, so let’s modify the ratings virtual service to the following:
…
http:
route:
destination:
host: ratings
subset: v1
weight: 100
mirror:
host: ratings
subset: v2
mirror_percent: 100
In this configuration, we set up a single destination targeting v1 with a weight value of 100. Additionally, we defined a mirror section that directs traffic toratings:v2 with a mirror_ percent value of 100. This signifies that all traffic initially routed toratings:v1 is mirrored and simultaneously sent to v2.
Let’s commit the changes and push them to the remote repository using the following commands:
$ cp ~/modern-devops/ch15/traffic-management/virtual-services-mirroring.yaml \
virtual-services.yaml
$ git add –all
$ git commit -m “Mirror traffic”
$ git push
Leave a Reply