标签：created istio TCP Istio kiali bookinfo k8s

一. Istio安装

1. 下载Istio发布包

wget https://github.com/istio/istio/releases/download/1.17.1/istioctl-1.17.1-osx-arm64.tar.gz

下载成功后，解压安装包：

tar -zxvf istioctl-1.17.1-osx-arm64.tar.gz

将istioctl客户端添加到系统可执行路径

cd istioctl-1.17.1
export PATH=$PWD/bin:$PATH

2. 执行安装istio命令

这里使用istioctl命令执行安装命令，具体如下：

istioctl install --set profile=demo

这里"--set profile=demo"表示安装一个istio测试环境！成功安装后的信息输出如下：

✔ Istio core installed                                                                                                                                                                                                                  
  Processing resources for Istiod. Waiting for Deployment/istio-system/istiod                                                                                                                                                           
- Processing resources for Istiod. Waiting for Deployment/istio-system/istiod                                                                                                                                                           

✔ Istiod installed                                                                                                                                                                                                                      
✔ Ingress gateways installed                                                                                                                                                                                                            
✔ Egress gateways installed                                                                                                                                                                                                             
✔ Installation complete                                                                                                                                                                                                                 Making this installation the default for injection and validation.

安装成功，可以通过kubectl命令查看istio相关组件是否已经安装在Kubernetes环境之中：

ZBMAC-655b32453 k8s-yaml % kubectl get pods  -n istio-system
NAME                                   READY   STATUS    RESTARTS   AGE
istio-egressgateway-774d6846df-95r9t   1/1     Running   0          10m
istio-ingressgateway-69499dc-kgdxk     1/1     Running   0          10m
istiod-65dcb8497-6qrfb                 1/1     Running   0          14m

此时可以看到istio的核心组件istiod，以及入口网关ingressgateway、出口网关egressgateway已经成功以Service资源的方式运行在了Kuberntes集群之中！

3. 默认命名空间开启自动注入EnvoySidecar 

这是一个关键的步骤，如果我们的微服务应用未来是默认部署在k8s的default命名空间，那么在安装istio是需要开启该空间的Sidecar自动注入功能。这是我们前面提到每启动一个微服务应用，k8s就会默认在相同的Pod中自动启动一个代理进程的关键设置！

$ kubectl label namespace default istio-injection=enabled
namespace/default labeled

4. Istio可观测性部署

Kiali是一个基于服务网格的Istio管理控制台，它提供了一些数据仪表盘和可观测能力，同时也可以让我们去操作网格的配置。使用如下方式快速部署一个用于演示的book，命令如下：

% kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml 
service/details created
serviceaccount/bookinfo-details createdapi/                   platform/                      src/                           
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created

创建gateway，生成一个gateway的crd

% kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml 
gateway.networking.istio.io/bookinfo-gateway created
virtualservice.networking.istio.io/bookinfo created

 

由于前面安装istio时，我们并没有在istio-system空间开启自动注入Sidecar(其label istio-injection=disabled)，这里为了在k8s集群之外正常访问Kiali、Prometheus、Granfana、Tracing的控制面板（它们共同组成了Service Mesh的可观测体系），可以通过nodePort的方式对外暴露端口。

 % kubectl get svc  -n istio-system                                  
NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                                                                      AGE
istio-egressgateway    ClusterIP      10.20.107.155   <none>        80/TCP,443/TCP                                                               28m
istio-ingressgateway   LoadBalancer   10.20.16.101    <pending>     15021:31915/TCP,80:31608/TCP,443:31154/TCP,31400:31632/TCP,15443:30874/TCP   28m
istiod                 ClusterIP      10.20.63.74     <none>        15010/TCP,15012/TCP,443/TCP,15014/TCP                                        32m

将LoadBalancer访问修改node访问模式

kubectl edit svc istio-ingressgateway -n istio-system
type: NodePort

 

Kiali是一个基于服务网格的Istio管理控制台，它提供了一些数据仪表盘和可观测能力，同时也可以让我们去操作网格的配置。使用如下方式快速部署一个用于演示的Kiali，命令如下：

istio-1.17.1 %  kubectl apply -f samples/addons
serviceaccount/grafana created
configmap/grafana created
service/grafana created
deployment.apps/grafana created
configmap/istio-grafana-dashboards created
configmap/istio-services-grafana-dashboards created
deployment.apps/jaeger created
service/tracing created
service/zipkin created
service/jaeger-collector created
serviceaccount/kiali created
configmap/kiali created
clusterrole.rbac.authorization.k8s.io/kiali-viewer created
clusterrole.rbac.authorization.k8s.io/kiali created
clusterrolebinding.rbac.authorization.k8s.io/kiali created
role.rbac.authorization.k8s.io/kiali-controlplane created
rolebinding.rbac.authorization.k8s.io/kiali-controlplane created
service/kiali created
deployment.apps/kiali created
serviceaccount/prometheus created
configmap/prometheus created
clusterrole.rbac.authorization.k8s.io/prometheus created
clusterrolebinding.rbac.authorization.k8s.io/prometheus created
service/prometheus created
deployment.apps/prometheus created

其中具体会安装部署Promethues、Grafana、Zipkin等指标及链路采集服务！因为安装的组件比较多，也比较耗费资源，如果集群资源不是很充足，可能会出现启动比较慢的情况。如果正常部署成功，可以查看Pod状态，命令如下：

istio-1.17.1 % kubectl get pod -n istio-system -o wide
NAME                                   READY   STATUS             RESTARTS   AGE     IP            NODE       NOMINATED NODE   READINESS GATES
grafana-69f9b6bfdc-67n4c               0/1     Running            0          4m40s   10.10.1.227   node01     <none>           <none>
istio-egressgateway-774d6846df-95r9t   1/1     Running            0          40m     10.10.0.194   master01   <none>           <none>
istio-ingressgateway-69499dc-kgdxk     1/1     Running            0          40m     10.10.0.193   master01   <none>           <none>
istiod-65dcb8497-6qrfb                 1/1     Running            0          44m     10.10.0.167   master01   <none>           <none>
jaeger-cc4688b98-lb9z2                 0/1     ImagePullBackOff   0          4m40s   10.10.1.228   node01     <none>           <none>
kiali-594965b98c-spxch                 1/1     Running            0          4m39s   10.10.1.229   node01     <none>           <none>
prometheus-5f84bbfcfd-r4grm            2/2     Running            0          4m38s   10.10.1.230   node01     <none>           <none>

打开控制台

 istioctl dashboard kiali

 

 

 

标签：created,istio,TCP,Istio,kiali,bookinfo,k8s
From： https://www.cnblogs.com/wanghhhh/p/17240038.html