? k8s ?    2020-04-07 11:42:30    539    0    0
gua_l   ? k8s ?




Flagger是Kubernetes公司的运营商,该公司使用Istio、Linkerd、App Mesh、NGINX、等高线或Gloo路由来自动提升canary部署,并使用Prometheus指标进行canary分析。canary分析可以通过webhook进行扩展,以运行验收测试、负载测试或任何其他自定义验证。



flagger 可以通过配置一个名为canary的自定义资源,将Kubernetes工作负载的发布过程自动化。

A canary resource can target a Kubernetes Deployment or DaemonSet.

Kubernetes Deployment example:

Based on the above configuration, Flagger generates the following Kubernetes objects:

  • deployment/<targetRef.name>-primary

  • hpa/<autoscalerRef.name>-primary

Flagger will detect changes to the target deployment (including secrets and configmaps) and will perform a canary analysis before promoting the new version as primary.

If the target deployment uses secrets and/or configmaps, Flagger will create a copy of each object using the -primary prefix and will reference these objects in the primary deployment、

Note that the target deployment must have a single label selector in the format



A canary analysis is triggered by changes in any of the following objects:

  • Deployment PodSpec (container image, command, ports, env, resources, etc)


ConfigMaps mounted as volumes or mapped to environment variables


Secrets mounted as volumes or mapped to environment variables


Builtin metrics

Flagger comes with two builtin metric checks: HTTP request success rate and duration.

Prometheus queries.


The canary analysis can be extended with webhooks. Flagger will call each webhook URL and determine from the response status code (HTTP 2xx) if the canary is failing or not.

There are several types of hooks:

  • confirm-rollout hooks are executed before scaling up the canary deployment and can be used for manual approval.

    The rollout is paused until the hook returns a successful HTTP status code.

  • pre-rollout hooks are executed before routing traffic to canary.

    The canary advancement is paused if a pre-rollout hook fails and if the number of failures reach the

    threshold the canary will be rollback.

  • rollout hooks are executed during the analysis on each iteration before the metric checks.

    If a rollout hook call fails the canary advancement is paused and eventfully rolled back.

  • confirm-promotion hooks are executed before the promotion step.

    The canary promotion is paused until the hooks return HTTP 200.

    While the promotion is paused, Flagger will continue to run the metrics checks and rollout hooks.

  • post-rollout hooks are executed after the canary has been promoted or rolled back.

    If a post rollout hook fails the error is logged.

  • rollback hooks are executed while a canary deployment is in either Progressing or Waiting status.

    This provides the ability to rollback during analysis or while waiting for a confirmation. If a rollback hook

    returns a successful HTTP status code, Flagger will stop the analysis and mark the canary release as failed.

  • event hooks are executed every time Flagger emits a Kubernetes event. When configured,

    every action that Flagger takes during a canary deployment will be sent as JSON via an HTTP POST request.



Flagger requires a Kubernetes cluster v1.11 or newer and Istio v1.0 or newer.

Pre: ConfigMap

Next: common-password 设置密码复杂度

Sign in to leave a comment.
No Leanote account? Sign up now.
Table of content