Google Kubernetes Engine

Google offers an add-on for GKE,which you can use instead of installing Istio manually.To determine if the add-on is right for you, refer to Istio on GKEfor more information.

Follow these instructions to prepare a GKE cluster for Istio.

To enable SDS in Istio, use Kubernetes 1.13 or above.

  • Create a new cluster.
  1. $ gcloud container clusters create <cluster-name> \
  2.   --cluster-version latest \
  3.   --machine-type=n1-standard-2 \
  4.   --num-nodes 4 \
  5.   --zone <zone> \
  6.   --project <project-id>

The default installation of Mixer requires nodes with >1 vCPU. If you areinstalling with thedemo configuration profile,you can remove the —machine-type argument to use the smaller n1-standard-1 machine size instead.

To use the Istio CNI feature, thenetwork-policyGKE feature must be enabled in the cluster. Use the —enable-network-policy flag inthe gcloud container clusters create command.

  • Retrieve your credentials for kubectl.
  1. $ gcloud container clusters get-credentials <cluster-name> \
  2.     --zone <zone> \
  3.     --project <project-id>
  • Grant cluster administrator (admin) permissions to the current user. Tocreate the necessary RBAC rules for Istio, the current user requires adminpermissions.
  1. $ kubectl create clusterrolebinding cluster-admin-binding \
  2.     --clusterrole=cluster-admin \
  3.     --user=$(gcloud config get-value core/account)