istio installation in kubernetes

Istio

Istio is a modern service mesh networking layer that provides a transparent and language-independent method to quickly and flexibly automate application network functions. Its primary function is to support how microservices communicate and share data.

Install Istio

Download and extract the latest Istio version automatically.

# curl -L https://istio.io/downloadIstio | sh -

Downloading istio-1.9.2 from https://github.com/istio/istio/releases/download/1.9.2/istio-1.9.2-linux-amd64.tar.gz ...

Istio 1.9.2 Download Complete!

Istio has been successfully downloaded into the istio-1.9.2 folder on your system.

The above command downloads and installs the latest version of Istio.

Change Directories

# cd istio-1.9.2/

Using the cd command to get into the directory where Istio is extracted.

Add Path

Add the istio client to our path

# export PATH=$PWD/bin:$PATH

Configure Profile

# istioctl install --set profile=demo -y

✔ Istio core installed

✔ Istiod installed

✔ Egress gateways installed

✔ Ingress gateways installed

✔ Installation complete  

Configure the demonstration profile.

Add Designation

# kubectl label namespace lwdefault istio-injection=enabled

namespace/lwdefault labeled

Deploy Application

# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml

 service/details created

 serviceaccount/bookinfo-details created

 deployment.apps/details-v1 created

 service/ratings created

 serviceaccount/bookinfo-ratings created

 deployment.apps/ratings-v1 created

 service/reviews created

 serviceaccount/bookinfo-reviews created

 deployment.apps/reviews-v1 created

 deployment.apps/reviews-v2 created

 deployment.apps/reviews-v3 created

 service/productpage created

 serviceaccount/bookinfo-productpage created

 deployment.apps/productpage-v1 created

Now, the default application will begin building pods. As each pod becomes available, the Istio sidecar will be installed alongside it. To view pod info, run the following commands.

# kubectl get services

NAME          TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE

details          ClusterIP   10.104.1.213            9080/TCP   44s

kubernetes    ClusterIP   10.96.0.1                443/TCP    104m

productpage   ClusterIP   10.106.51.180       9080/TCP   43s

ratings          ClusterIP   10.101.220.148       9080/TCP   44s

reviews       ClusterIP   10.110.84.184           9080/TCP   43s

# kubectl get pods

NAME                                      READY   STATUS              RESTARTS   AGE

details-v1-79f774bdb9-s7w27               1/1     Running             0          117s

nfs-client-provisioner-7cdc9bf95d-kvmvp   1/1     Running             1          94m

productpage-v1-6b746f74dc-k7rv8           0/1     ContainerCreating   0          114s

ratings-v1-b6994bb9-b287l                 1/1     Running             0          117s

reviews-v1-545db77b95-2jkkx               0/1     ContainerCreating   0          115s

reviews-v2-7bf8c9648f-7xp9z               0/1     ContainerCreating   0          116s

reviews-v3-84779c7bbc-4sg7c               0/1     ContainerCreating   0          116s

Continue running the kubectl get pods command until all pods report as Ready 2/2 and Status Running before moving onto the next step.

Verify Service

Run the following command to check and see if the default app is running inside the cluster. It should be serving HTML pages by checking for the page title in the response.

# kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"

<title>Simple Bookstore App</title>

Allow External Traffic

Bookinfo application is now deployed but is inaccessible from the outside world. To enable external access, we need to establish an Istio Ingress Gateway. This step charts a path to a route at the edge of your mesh. Now we will associate the default application with the gateway for Istio

# kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

gateway.networking.istio.io/bookinfo-gateway created

virtualservice.networking.istio.io/bookinfo created

Next, to ensure that there are not any issues with the configuration, run this command

#istioctl analyze

✔ No validation issues found when analyzing namespace: default

Identify the Ingress IP and Ports

Use the following commands to set the ingress_host and ingress_port settings to access the gateway

#export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}')

#export SECURE_INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="https")   

To ensure a port was effectively set for each environment variable, run these commands.

#echo "$INGRESS_PORT"

32194

#echo "$SECURE_INGRESS_PORT"

31632

set the IP address for ingress

#export INGRESS_HOST=$(minikube ip)

verify the IP address was assigned successfully to the environment variable, run this command.

#echo "$INGRESS_HOST"

192.168.1.102

run this command in a new terminal window. This starts a minikube tunnel that routes traffic to the Istio Ingress Gateway

#minikube tunnel

we can set the Gateway_url variable

#export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT

To ensure a port and IP address were assigned successfully to the environment variable, run this command

#echo "$GATEWAY_URL"

192.168.1.100:32194

Now we can confirm that the default Bookinfo app is externally accessible by visiting the product page in a browser. Run this command to recall the external IP address of the Bookinfo application

#echo "http://$GATEWAY_URL/productpage"

Finally, we paste the output from the earlier command into our web browser to confirm the product page displays correctly




Relevant Blogs:

canary deployment in kubernetes  

Dockerfile

Nagios installation and configuration

Basics of Jenkins

Recent Comments

No comments

Leave a Comment