Quick Start Evaluation Install

This guide installs Istio’s built-in demo configuration profile.This installation lets you quickly evaluate Istio in a Kubernetes cluster on any platform.

The demo configuration profile is not suitable for performance evaluation. Itis designed to showcase Istio functionality with high levels of tracing andaccess logging.

To install Istio for production use, we recommend using theInstalling with istioctl guideinstead, which provides many more options for selecting and managing the Istioconfiguration. This permits customization of Istio to operator specificrequirements.

Prerequisites

Install the demo profile

  1. $ istioctl manifest apply --set profile=demo

Verifying the installation

  • Ensure the following Kubernetes services are deployed and verify they all have an appropriate CLUSTER-IP except the jaeger-agent service:
  1. $ kubectl get svc -n istio-system
  2. NAME                     TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                                                                                                                                      AGE
  3. grafana                  ClusterIP      172.21.211.123   <none>          3000/TCP                                                                                                                                     2m
  4. istio-citadel            ClusterIP      172.21.177.222   <none>          8060/TCP,15014/TCP                                                                                                                           2m
  5. istio-egressgateway      ClusterIP      172.21.113.24    <none>          80/TCP,443/TCP,15443/TCP                                                                                                                     2m
  6. istio-galley             ClusterIP      172.21.132.247   <none>          443/TCP,15014/TCP,9901/TCP                                                                                                                   2m
  7. istio-ingressgateway     LoadBalancer   172.21.144.254   52.116.22.242   15020:31831/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:30318/TCP,15030:32645/TCP,15031:31933/TCP,15032:31188/TCP,15443:30838/TCP   2m
  8. istio-pilot              ClusterIP      172.21.105.205   <none>          15010/TCP,15011/TCP,8080/TCP,15014/TCP                                                                                                       2m
  9. istio-policy             ClusterIP      172.21.14.236    <none>          9091/TCP,15004/TCP,15014/TCP                                                                                                                 2m
  10. istio-sidecar-injector   ClusterIP      172.21.155.47    <none>          443/TCP,15014/TCP                                                                                                                            2m
  11. istio-telemetry          ClusterIP      172.21.196.79    <none>          9091/TCP,15004/TCP,15014/TCP,42422/TCP                                                                                                       2m
  12. jaeger-agent             ClusterIP      None             <none>          5775/UDP,6831/UDP,6832/UDP                                                                                                                   2m
  13. jaeger-collector         ClusterIP      172.21.135.51    <none>          14267/TCP,14268/TCP                                                                                                                          2m
  14. jaeger-query             ClusterIP      172.21.26.187    <none>          16686/TCP                                                                                                                                    2m
  15. kiali                    ClusterIP      172.21.155.201   <none>          20001/TCP                                                                                                                                    2m
  16. prometheus               ClusterIP      172.21.63.159    <none>          9090/TCP                                                                                                                                     2m
  17. tracing                  ClusterIP      172.21.2.245     <none>          80/TCP                                                                                                                                       2m
  18. zipkin                   ClusterIP      172.21.182.245   <none>          9411/TCP                                                                                                                                     2m

If your cluster is running in an environment that does notsupport an external load balancer (e.g., minikube), theEXTERNAL-IP of istio-ingressgateway will say<pending>. To access the gateway, use the service’sNodePort, or use port-forwarding instead.

  • Ensure corresponding Kubernetes pods are deployed and have a STATUS of Running:
  1. $ kubectl get pods -n istio-system
  2. NAME                                                           READY   STATUS      RESTARTS   AGE
  3. grafana-f8467cc6-rbjlg                                         1/1     Running     0          1m
  4. istio-citadel-78df5b548f-g5cpw                                 1/1     Running     0          1m
  5. istio-cleanup-secrets-release-1.1-20190308-09-16-8s2mp         0/1     Completed   0          2m
  6. istio-egressgateway-78569df5c4-zwtb5                           1/1     Running     0          1m
  7. istio-galley-74d5f764fc-q7nrk                                  1/1     Running     0          1m
  8. istio-grafana-post-install-release-1.1-20190308-09-16-2p7m5    0/1     Completed   0          2m
  9. istio-ingressgateway-7ddcfd665c-dmtqz                          1/1     Running     0          1m
  10. istio-pilot-f479bbf5c-qwr28                                    2/2     Running     0          1m
  11. istio-policy-6fccc5c868-xhblv                                  2/2     Running     2          1m
  12. istio-security-post-install-release-1.1-20190308-09-16-bmfs4   0/1     Completed   0          2m
  13. istio-sidecar-injector-78499d85b8-x44m6                        1/1     Running     0          1m
  14. istio-telemetry-78b96c6cb6-ldm9q                               2/2     Running     2          1m
  15. istio-tracing-69b5f778b7-s2zvw                                 1/1     Running     0          1m
  16. kiali-99f7467dc-6rvwp                                          1/1     Running     0          1m
  17. prometheus-67cdb66cbb-9w2hm                                    1/1     Running     0          1m

Deploy your application

You can now deploy your own application or one of the sample applicationsprovided with the installation like Bookinfo.

The application must use either the HTTP/1.1 or HTTP/2.0 protocols for all its HTTPtraffic; HTTP/1.0 is not supported.

When you deploy your application using kubectl apply,the Istio sidecar injectorwill automatically inject Envoy containers into yourapplication pods if they are started in namespaces labeled with istio-injection=enabled:

  1. $ kubectl label namespace <namespace> istio-injection=enabled
  2. $ kubectl create -n <namespace> -f <your-app-spec>.yaml

In namespaces without the istio-injection label, you can useistioctl kube-injectto manually inject Envoy containers in your application pods before deployingthem:

  1. $ istioctl kube-inject -f <your-app-spec>.yaml | kubectl apply -f -

Uninstall

The uninstall deletes the RBAC permissions, the istio-system namespace, andall resources hierarchically under it. It is safe to ignore errors fornon-existent resources because they may have been deleted hierarchically.

  1. $ istioctl manifest generate --set profile=demo | kubectl delete -f -

相关内容

Demystifying Istio's Sidecar Injection Model

De-mystify how Istio manages to plugin its data-plane components into an existing deployment.

Diagnose your Configuration with Istioctl Analyze

Shows you how to use istioctl analyze to identify potential issues with your configuration.

Docker Desktop

在 Docker Desktop 中运行 Istio 的设置说明。

Getting Started

Download, install, and try out Istio.

Google Kubernetes Engine

Set up a multicluster mesh over two GKE clusters.

Helm Changes

Details the Helm chart installation options differences between Istio 1.2 and Istio 1.3.