This time we'll talk about "Canary Deployment with Traefik". You'll learn what Canary Deployment is and why we should do it in the first place. You'll also have the chance to see a technical live demo.
⚙ Jakub Hajek is going to present a cluster built using K3S (Kubernetes light version), on which he will do Traefik deployment version 2.x and a test application. Then, we will release a newer version and check how we can control the traffic between different versions of the application, deployed in one environment.
2. ▸ I am the owner and technical consultant - working for
Cometari
▸ I’ve been system admin since 1998
▸ Cometari is a solutions company implementing DevOps
culture and providing consultancy, workshops and software
services.
▸ Our expertise are DevOps, Elastic Stack - log analysis
INTRODUCTION
3. “I strongly believe that implementing DevOps culture, across
the entire organisation, should provide measurable value and
solve the real issue rather than generate a new one.”
Jakub Hajek, Cometari
4. The aim of this presentation is to show how you can implement
canary deployment with Traefik and K3S.
7. A FEW TRAEFIK’S 2.X KEY FEATURES
▸ ROUTER= frontend, SERVICE=backend, MIDDLEWARE=rules
▸ TCP support
▸ Kubernetes CRD
▸ Fully customisable routes via middleware, which can be reused on many routers
▸ YAML, TOML is still good
▸ A new dashboard with web UI
▸ Canary deployment with Service Load balancer
▸ Network traffic Mirroring with Service Load balancer
▸ Consul catalog
10. K3S
▸ A lightweight certified Kubernetes
▸ One single binary
▸ Reduced dependencies and steps needed to provision working
environment
▸ It was designed for IoT - works great on Raspberry PI
▸ works perfectly on cheap vm’s
▸ The install process is straightforward to have fully fledged
cluster
12. KUBERNETES INGRESS PROVIDER
▸ Traefik can be used as an another ingress provider
▸ Configuration is done via (lots of) annotations
13. KUBERNETES CRD AND AVAILABLE CUSTOM RESOURCES
▸ Ingressroute - HTTP routing - http router
▸ Middleware - tweaks the HTTP before they are sent to a
service - HTTP Middleware
▸ TraefikService - abstraction for HTTP LB/mirroring
▸ IngressRouteTCP - TCP routing - TCP router
▸ TLSOptions - TLS connection parameters
https://docs.traefik.io/routing/providers/kubernetes-crd/
16. CANARY DEPLOYMENT
▸ Deployment vs Release
▸ Instead of switching to new version in one step, we use a phased
approach
▸ We deploy a new app in a small part of the production
infrastructure
▸ Only a few users (1%) are routed to the newest version (Release)
▸ With no errors reported, the new version can be released to the
rest of the infrastructure.
19. MIRRORING OR LIVE TRAFFIC SHADOW
▸ Understand difference between Deployment vs Release
▸ Deployment brings new code to the production,
no production traffic yet!
▸ Run smoke, integration tests to make sure that new
deployment has no impact to your users
▸ Release brings live traffic to a deployment.
▸ We can shadow live traffic to the new deployment and
reduce the risk of failure.
25. DEMO SCENARIOS
▸ Web UI to see how services are deployed
▸ Example of Canary deployment
▸ Example of Mirroring configuration
26. A FEW BENEFITS OF CANARY DEPLOYMENT
▸ Traefik provides flexible way to proceed with canary (K8S, K3S,
Swarm)
▸ Reduce time to market
▸ Canary deployment allows you validate your application in real
production environment
▸ Rolling out releases
▸ No need to maintain a lot of staging / testing environments