Problem
You need safe, predictable traffic control in prod. VirtualServices + DestinationRules give version routing, timeouts/retries, and circuit breaking without touching code.
Approach
- Define versioned subsets in a
DestinationRule
. - Route via
VirtualService
with weights (canary → rollout). - Add
timeout
,retries
, and outlier detection. - Shift weights, watch metrics, then cut over.
Example (Config)
# vs-dr.yaml
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: svc
namespace: prod
spec:
host: svc.prod.svc.cluster.local
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
outlierDetection:
consecutive5xx: 5
interval: 5s
baseEjectionTime: 30s
maxEjectionPercent: 50
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: svc
namespace: prod
spec:
hosts:
- api.example.com
gateways:
- prod-gateway
http:
- match:
- uri:
prefix: "/"
timeout: 3s
retries:
attempts: 2
perTryTimeout: 1s
retryOn: 5xx,connect-failure,refused-stream,reset
route:
- destination:
host: svc.prod.svc.cluster.local
subset: v1
port:
number: 80
weight: 90
- destination:
host: svc.prod.svc.cluster.local
subset: v2
port:
number: 80
weight: 10
Verification / DoD
- Traffic split roughly matches weights during canary; full cutover works
- Subsets map to pod labels (
version: v1|v2
) and mTLS is active
Systems Note
Route by subsets, not by Deployment names. It keeps releases boring and configs stable.
References
- Istio: Traffic Management (VirtualService, DestinationRule)