Retry Policy
This guide demonstrates how to configure retry policy for a client and server application within the service mesh.
Prerequisites
- Kubernetes cluster running Kubernetes v1.19.0 or greater.
- Have
kubectlavailable to interact with the API server. - Have
fsmCLI available for managing the service mesh.
Demo
Install FSM with permissive mode and retry policy enabled.
fsm install --set=fsm.enablePermissiveTrafficPolicy=true --set=fsm.featureFlags.enableRetryPolicy=trueDeploy the
httpbinservice into thehttpbinnamespace after enrolling its namespace to the mesh. Thehttpbinservice runs on port14001.kubectl create namespace httpbin fsm namespace add httpbin kubectl apply -f https://raw.githubusercontent.com/flomesh-io/fsm-docs/release/v1.2/manifests/samples/httpbin/httpbin.yaml -n httpbinConfirm the
httpbinservice and pods are up and running.kubectl get svc,pod -n httpbinShould look similar to below
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE httpbin ClusterIP 10.96.198.23 <none> 14001/TCP 20s NAME READY STATUS RESTARTS AGE httpbin-5b8b94b9-lt2vs 2/2 Running 0 20sDeploy the
curlinto thecurlnamespace after enrolling its namespace to the mesh.kubectl create namespace curl fsm namespace add curl kubectl apply -f https://raw.githubusercontent.com/flomesh-io/fsm-docs/release/v1.2/manifests/samples/curl/curl.yaml -n curlConfirm the
curlpod is up and running.kubectl get pods -n curlShould look similar to below.
NAME READY STATUS RESTARTS AGE curl-54ccc6954c-9rlvp 2/2 Running 0 20sApply the Retry policy to retry when the
curlServiceAccount receives a5xxcode when sending a request tohttpbinService.kubectl apply -f - <<EOF kind: Retry apiVersion: policy.flomesh.io/v1alpha1 metadata: name: retry namespace: curl spec: source: kind: ServiceAccount name: curl namespace: curl destinations: - kind: Service name: httpbin namespace: httpbin retryPolicy: retryOn: "5xx" perTryTimeout: 1s numRetries: 5 retryBackoffBaseInterval: 1s EOFSend a HTTP request that returns status code
503from thecurlpod to thehttpbinservice.curl_client="$(kubectl get pod -n curl -l app=curl -o jsonpath='{.items[0].metadata.name}')" kubectl exec "$curl_client" -n curl -c curl -- curl -sI httpbin.httpbin.svc.cluster.local:14001/status/503Returned result might look like
HTTP/1.1 503 SERVICE UNAVAILABLE server: gunicorn date: Tue, 14 Feb 2023 11:11:51 GMT content-type: text/html; charset=utf-8 access-control-allow-origin: * access-control-allow-credentials: true content-length: 0 connection: keep-aliveQuery for the stats between
curltohttpbin.curl_client="$(kubectl get pod -n curl -l app=curl -o jsonpath='{.items[0].metadata.name}')" fsm proxy get stats -n curl "$curl_client" | grep upstream_rq_retryThe number of times the request from the
curlpod to thehttpbinpod was retried using the exponential backoff retry should be equal to thenumRetriesfield in the retry policy.The
upstream_rq_retry_limit_exceededstat shows the number of requests not retried because it’s more than the maximum retries allowed -numRetries.cluster.httpbin/httpbin|14001.upstream_rq_retry: 4 cluster.httpbin/httpbin|14001.upstream_rq_retry_backoff_exponential: 4 cluster.httpbin/httpbin|14001.upstream_rq_retry_backoff_ratelimited: 0 cluster.httpbin/httpbin|14001.upstream_rq_retry_limit_exceeded: 1 cluster.httpbin/httpbin|14001.upstream_rq_retry_overflow: 0 cluster.httpbin/httpbin|14001.upstream_rq_retry_success: 0Send a HTTP request that returns a non-5xx status code from the
curlpod to thehttpbinservice.curl_client="$(kubectl get pod -n curl -l app=curl -o jsonpath='{.items[0].metadata.name}')" kubectl exec "$curl_client" -n curl -c curl -- curl -sI httpbin.httpbin.svc.cluster.local:14001/status/404Returned result might look something like
HTTP/1.1 404 NOT FOUND server: gunicorn date: Tue, 14 Feb 2023 11:18:56 GMT content-type: text/html; charset=utf-8 access-control-allow-origin: * access-control-allow-credentials: true content-length: 0 connection: keep-alive
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.