Istio installs and deploys sample microservices

Keywords: Kubernetes istio


Prepare k8s environment in advance and download Istio installation package , I use version 1.6.14 here, and the k8s version is v1.19.8

tar zxvf istio-1.6.14-linux-amd64.tar.gz
cd istio-1.6.14/
cp bin/istioctl /usr/bin

View a list of profiles for different installation modes

istioctl profile list

You can print the contents of the configuration file (optional)

istioctl profile dump [Profile name]

Configuration installation using demo mode

[root@ istio-1.6.14]# istioctl  manifest apply --set profile=demo
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See for details.
✔ Istio core installed                                                                                                
✔ Istiod installed                                                                                                    
✔ Ingress gateways installed                                                                                          
✔ Egress gateways installed                                                                                           
✔ Addons installed                                                                                                    
✔ Installation complete 

Verify that the installation was successful

[root@ istio-1.6.14]# kubectl get pod -n istio-system
NAME                                    READY   STATUS    RESTARTS   AGE
grafana-7647cf9c74-lvbhp                1/1     Running   0          6m51s
istio-egressgateway-6999674db4-tsm28    1/1     Running   0          6m55s
istio-ingressgateway-66757b946f-qqvms   1/1     Running   0          6m55s
istio-tracing-7fcc6f5848-n99wt          1/1     Running   0          6m50s
istiod-7c966f79c4-76zl2                 1/1     Running   0          7m38s
kiali-7f575d9c4c-ndlc6                  1/1     Running   0          6m50s
prometheus-fcbb8cbdd-vdm2v              2/2     Running   0          6m50s

Temporarily expose port 20001 in port forwarding mode and enter kiali interface

kubectl port-forward --address kiali-7f575d9c4c-ndlc6 20001 -n istio-system

If you want to expose the port directly, set NodePort to expose the port

kubectl -n istio-system edit svc kiali

Change to the following figure

  - name: http-kiali
    nodePort: 32660
    port: 20001
    protocol: TCP
    targetPort: 20001
    app: kiali
  sessionAffinity: None
  type: NodePort
  loadBalancer: {}

Other services installed in istio, such as grafana and Jaeger(tracing), can also be exposed in this way

kubectl -n istio-system get svc

Run the sample microservice Bookinfo

Bookinfo - online book store

Architecture diagram:

The Bookinfo application is divided into four separate microservices. These services do not depend on Istio, but constitute a representative service grid example: it is composed of services written in multiple languages, and one application will contain multiple versions.

  • productpage will call two microservices, details and reviews, to generate pages.
  • details contains information about books.
  • reviews contain comments about books. It also calls the ratings microservice.
  • ratings contains rating information composed of book reviews.

There are three versions of reviews microservice, which can be used to show different call links between services:

  • The v1 version does not call the ratings service.
  • v2 version will call the ratings service and use 1 to 5 Black Star icons to display the rating information.
  • The v3 version calls the ratings service and uses 1 to 5 Red Star icons to display rating information.

Create namespace

kubectl create ns bookinfo

Istio] by default, Sidecar is automatically injected and the bookinfo namespace is labeled istio injection = enabled:

kubectl label ns bookinfo istio-injection=enabled

Deployment Services

kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -n bookinfo

View pod

kubectl get po -n bookinfo

Deployment gateway

kubectl apply -f  samples/bookinfo/networking/bookinfo-gateway.yaml -n bookinfo

View exposed ports

kubectl get svc -n istio-system

Visit and you can see the page

http://Host ip: port / productpage


for i in {1..100}; do curl -I http://Host ip: port / productpage/productpage; sleep 1; done

Then check kiali, grafana and Jaeger(tracing) and the data will appear. The default account password of kiali is admin

Posted by powelly on Tue, 02 Nov 2021 09:16:29 -0700