istio installation in kubernetes
Istio is a modern service mesh networking layer that provides a transparent and language-independent method to quickly and flexibly automate application network functions. Its primary function is to support how microservices communicate and share data.
Install Istio
Download and extract the latest Istio version automatically.
# curl -L https://istio.io/downloadIstio | sh -
Downloading istio-1.9.2 from https://github.com/istio/istio/releases/download/1.9.2/istio-1.9.2-linux-amd64.tar.gz ...
Istio 1.9.2 Download Complete!
Istio has been successfully downloaded into the istio-1.9.2 folder on your system.
The above command downloads and installs the latest version of Istio.
Change Directories
# cd istio-1.9.2/
Using the cd command to get into the directory where Istio is extracted.
Add Path
Add the istio client to our path
# export PATH=$PWD/bin:$PATH
Configure Profile
# istioctl install --set profile=demo -y
✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete
Configure the demonstration profile.
Add Designation
# kubectl label namespace lwdefault istio-injection=enabled
namespace/lwdefault labeled
Deploy Application
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
Now, the default application will begin building pods. As each pod becomes available, the Istio sidecar will be installed alongside it. To view pod info, run the following commands.
# kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
details ClusterIP 10.104.1.213
kubernetes ClusterIP 10.96.0.1
productpage ClusterIP 10.106.51.180
ratings ClusterIP 10.101.220.148
reviews ClusterIP 10.110.84.184
# kubectl get pods
NAME READY STATUS RESTARTS AGE
details-v1-79f774bdb9-s7w27 1/1 Running 0 117s
nfs-client-provisioner-7cdc9bf95d-kvmvp 1/1 Running 1 94m
productpage-v1-6b746f74dc-k7rv8 0/1 ContainerCreating 0 114s
ratings-v1-b6994bb9-b287l 1/1 Running 0 117s
reviews-v1-545db77b95-2jkkx 0/1 ContainerCreating 0 115s
reviews-v2-7bf8c9648f-7xp9z 0/1 ContainerCreating 0 116s
reviews-v3-84779c7bbc-4sg7c 0/1 ContainerCreating 0 116s
Continue running the kubectl get pods command until all pods report as Ready 2/2 and Status Running before moving onto the next step.
Verify Service
Run the following command to check and see if the default app is running inside the cluster. It should be serving HTML pages by checking for the page title in the response.
# kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>
Allow External Traffic
Bookinfo application is now deployed but is inaccessible from the outside world. To enable external access, we need to establish an Istio Ingress Gateway. This step charts a path to a route at the edge of your mesh. Now we will associate the default application with the gateway for Istio
# kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
gateway.networking.istio.io/bookinfo-gateway created
virtualservice.networking.istio.io/bookinfo created
Next, to ensure that there are not any issues with the configuration, run this command
#istioctl analyze
✔ No validation issues found when analyzing namespace: default
Identify the Ingress IP and Ports
Use the following commands to set the ingress_host and ingress_port settings to access the gateway
#export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}')
#export SECURE_INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="https")
To ensure a port was effectively set for each environment variable, run these commands.
#echo "$INGRESS_PORT"
32194
#echo "$SECURE_INGRESS_PORT"
31632
set the IP address for ingress
#export INGRESS_HOST=$(minikube ip)
verify the IP address was assigned successfully to the environment variable, run this command.
#echo "$INGRESS_HOST"
192.168.1.102
run this command in a new terminal window. This starts a minikube tunnel that routes traffic to the Istio Ingress Gateway
#minikube tunnel
we can set the Gateway_url variable
#export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT
To ensure a port and IP address were assigned successfully to the environment variable, run this command
#echo "$GATEWAY_URL"
192.168.1.100:32194
Now we can confirm that the default Bookinfo app is externally accessible by visiting the product page in a browser. Run this command to recall the external IP address of the Bookinfo application
#echo "http://$GATEWAY_URL/productpage"
Finally, we paste the output from the earlier command into our web browser to confirm the product page displays correctly
Relevant Blogs:
canary deployment in kubernetes
Recent Comments
No comments
Leave a Comment
We will be happy to hear what you think about this post