micro
develop
develop
  • Micro Starter Kit
  • Features
  • Getting Started
    • Why
    • Prerequisites
    • Installation
    • Makefile
  • Concepts
    • Introduction
    • Configuration
    • State
    • Select
  • Advanced
    • Dependency Injection
    • Logging
    • Error Handling
    • Life-cycle
    • Git Flow
    • Git Ops
    • mTLS
    • Release
    • Release Process
    • Pub Sub
    • Troubleshooting
  • Modules
    • Commands
      • Demo
    • Services
      • Account
      • Emailer
      • Greeter
      • Recorder
  • DevOps
    • Docker
    • KinD
    • Istio
  • Testing
    • Intro
    • Mock
    • Bloom RPC
  • Recipes
    • Authentication
    • Caching
    • Health Checks
    • Performance Testing
    • Dynamic Plugins
    • Immutability Helpers
    • Style Guide
    • Unit Testing
  • Community
    • Resources
    • Contributors
    • Contributing
  • Change Log
  • FAQ
Powered by GitBook
On this page
  • Install
  • Profiles
  • Setup
  • Verify
  • Enable
  • Access
  • Uninstall
  • Reference

Was this helpful?

  1. DevOps

Istio

Install

brew install istioctl
Optionally souce below file to enable auto-completion
. /Users/schintha/Developer/Apps/istio-1.5.1/tools/_istioctl
$ istioctl proxy-<TAB>
proxy-config proxy-status

Profiles

To see list of available profiles

istioctl profile list
# Display the configuration of a profile
istioctl profile dump demo
istioctl profile dump --config-path components.pilot demo
# Show differences in profiles
istioctl profile diff default demo
# Generateing a manifest before installation
istioctl manifest generate > generated-manifest.yaml

Setup

# setup Istio into your kubernetes cluster
$ istioctl manifest apply --set profile=demo
# To enable the Grafana dashboard on top of the default profile
$ istioctl manifest apply --set addonComponents.grafana.enabled=true

Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT
- Applying manifest for component Base...
✔ Finished applying manifest for component Base.
- Applying manifest for component Pilot...
✔ Finished applying manifest for component Pilot.
Waiting for resources to become ready...
- Applying manifest for component EgressGateways...
- Applying manifest for component IngressGateways...
- Applying manifest for component AddonComponents...
✔ Finished applying manifest for component EgressGateways.
✔ Finished applying manifest for component IngressGateways.
✔ Finished applying manifest for component AddonComponents.

✔ Installation complete

Verify

kubectl get svc -n istio-system
kubectl get pods -n istio-system
# verify generated
istioctl manifest generate <your original installation options> > $HOME/generated-manifest.yaml
istioctl verify-install -f $HOME/generated-manifest.yaml

Enable

Add a namespace label to instruct Istio to automatically inject Envoy sidecar proxies when you deploy your application later:

switch on/off istio for default namespace

kubectl label namespace default istio-injection=enabled
kubectl get namespace -L istio-injection
# Disabling injection for the `default` namespace
kubectl label namespace default istio-injection-

if you want to exclude a specific pod from getting istio sidecar injected, add this to Deployment kind

metadata:
  annotations:
  sidecar.istio.io/inject: "false"

Access

istioctl dashboard kiali
open http://localhost:20001/kiali/console
# admin : admin
istioctl dashboard Jaeger
open  http://localhost:15032

Get an overview of your mesh

istioctl proxy-status

Uninstall

istioctl manifest generate --set profile=demo | kubectl delete -f -

Reference

PreviousKinDNextTesting

Last updated 5 years ago

Was this helpful?

For this installation, we use the demo

configuration profile
kiali
Jaeger
https://istio.io/docs/setup/getting-started/