Installing Istio on GKE-OP for Anthos

THIS ARTICLE IS STILL UNDER DEVELOPMENT

GKE-OP 1.1.2 supports open source Istio version 1.1.13. To perform the installation you require a user cluster to be installed and validated. The procedure of installation can be found here: https://archive.istio.io/v1.1/docs/setup/kubernetes/install/helm/

In this article we will show hot to install Istio and a simple microservice application. We will generate some traffic to that application and visualise the flows with Kiali.

The high level steps are as follows:

  • install Helm
  • deploy Istio CRDs
  • deploy Istio
  • expose Telemetry services
  • install BookInfo application

All the steps are performed from the Admin workstation

Installing Helm

Download Helm running:

curl  https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz --output helm-v2.16.1-linux-amd64.tar.gz

Unzip it, move to the bin folder and see if you can check the version

tar -zxvf helm-v2.16.1-linux-amd64.tar.gz

mv linux-amd64/helm /usr/local/bin/helm

Helm version

Install CRDs

helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -

Setup Kiali password

KIALI_USERNAME=$(read -p 'Kiali Username: ' uval && echo -n $uval | base64)

KIALI_PASSPHRASE=$(read -sp 'Kiali Passphrase: ' pval && echo -n $pval | base64)

when prompted pass the username and password

cat <<EOF | kubectl apply -f –

apiVersion: v1

kind: Secret

metadata:

  name: kiali

  namespace: $NAMESPACE

  labels:

    app: kiali

type: Opaque

data:

  username: $KIALI_USERNAME

  passphrase: $KIALI_PASSPHRASE

EOF

Install Istio using the the demo pattern – this icludes Kiali, Grafana and Jeagger.

helm template install/kubernetes/helm/istio --name istio --namespace istio-system \ --values install/kubernetes/helm/istio/values-istio-demo.yaml | kubectl apply -f -

Check that services are running

kubectl get service -n istio-system

kubectl get pods -n istio-system

Edit the Istio ingress gateway to assing IP address the Istio Gateway.

kubectl edit svc -n istio-system istio-ingressgateway

add

spec:

 loadBalancerIP: <IP_Address>

Check that IP is assigned

kubectl get service -n istio-system

Expose Kiali service

For reference you can use: https://istio.io/docs/tasks/observability/gateways/

cat <<EOF | kubectl apply -f –

apiVersion: networking.istio.io/v1alpha3

kind: Gateway

metadata:

  name: kiali-gateway

  namespace: istio-system

spec:

  selector:

    istio: ingressgateway

  servers:

  – port:

      number: 15029

      name: http-kiali

      protocol: HTTP

    hosts:

    – „*”

apiVersion: networking.istio.io/v1alpha3

kind: VirtualService

metadata:

  name: kiali-vs

  namespace: istio-system

spec:

  hosts:

  – „*”

  gateways:

  – kiali-gateway

  http:

  – match:

    – port: 15029

    route:

    – destination:

        host: kiali

        port:

          number: 20001

apiVersion: networking.istio.io/v1alpha3

kind: DestinationRule

metadata:

  name: kiali

  namespace: istio-system

spec:

  host: kiali

  trafficPolicy:

    tls:

      mode: DISABLE

EOF

Connect to Kiali http://172.16.15.111:15029/kiali/

Deploy the application

kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)


watch kubectl get pods


kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

Skomentuj

Wprowadź swoje dane lub kliknij jedną z tych ikon, aby się zalogować:

Logo WordPress.com

Komentujesz korzystając z konta WordPress.com. Wyloguj /  Zmień )

Zdjęcie na Google

Komentujesz korzystając z konta Google. Wyloguj /  Zmień )

Zdjęcie z Twittera

Komentujesz korzystając z konta Twitter. Wyloguj /  Zmień )

Zdjęcie na Facebooku

Komentujesz korzystając z konta Facebook. Wyloguj /  Zmień )

Połączenie z %s