Istio 安装

发布时间: 更新时间: 总字数:1000 阅读时间:2m 作者: IP上海 分享 网址

介绍如何安装Istio到Kubernetes环境

安装

Istio 支持多种安装方式:

  • istioctl
  • helm

istioctl 安装

  • 下载 istio 安装包
# latest version
curl -L https://istio.io/downloadIstio | sh -

# v1.14.3,本教程示例版本
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.14.3 TARGET_ARCH=x86_64 sh -
  • 解压
$ tar -zxvf istio-1.14.3-*.tar.gz
$ cd istio-1.14.3
$ tree -L 1 .
.
├── bin  # 只包含 istioctl 命令行(客户端工具)
├── LICENSE
├── manifests  # Istio 系统自身的一些配置清单
│   ├── charts
│   ├── examples
│   └── profiles  # 预定义 profile 相关配置文件
├── manifest.yaml
├── README.md
├── samples  # 示例文件
│   ├── addons  # istio 可观测性相关的插件,如 kiali、prometheus 等
│   ├── bookinfo  # 微服务应用示例
...
│   ├── sleep  # 一个示例性的客户端
...
└── tools  # 工具包

4 directories, 3 files
  • 配置客户端和环境变量(Linux & Max)
# 复制 istio 命令行客户端到
cp bin/istioctl /usr/local/bin

# or 如果不放到 /usr/local/bin 目录下,需要添加 PATH 路径
echo "export PATH=$PWD/bin:$PATH" >> ~/.bash_profile
. ~/.bash_profile

# 配置 istioctl bash-completion
cp tools/istioctl.bash ~/istioctl.bash
echo ". ~/istioctl.bash" >> ~/.bash_profile
. ~/.bash_profile

istioctl 命令

  • 查看版本
$ istioctl version
no running Istio pods in "istio-system"  # 还没有安装
1.14.3
  • 分析
istioctl analyze --help
istioctl analyze
istioctl analyze -n default
  • profile
istioctl profile list
istioctl profile dump demo > demo.yaml,导出文件中 hub: docker.io/istio 可以指定镜像源

安装 istio

什么是 profile

profile 相当于 istio 安装组件的配置清单,根据不同需求安装不同的 profile,参考 Installation Configuration Profiles 查看不同 profile 安装的组件

$ istioctl profile list
Istio configuration profiles:
    default  # 默认 profile,适用于生产环境
    demo  # 示例 profile,适用于演示目的
    empty
    external
    minimal
    openshift
    preview
    remote  # 远程集群 profile,适用于多集群架构

安装 istio 控制平面

部署 istio 控制平面,以 demo profile 为例

$ istioctl manifest install --set profile=demo -y  # 旧命令格式
$ istioctl install --set profile=demo
This will install the Istio 1.14.3 demo profile with ["Istio core" "Istiod" "Ingress gateways" "Egress gateways"] components into the cluster. Proceed? (y/N) y
✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete
Making this installation the default for injection and validation.

Thank you for installing Istio 1.14.  Please take a few minutes to tell us about your install/upgrade experience!  https://forms.gle/yEtCbt45FZ3VoDT5A
  • 默认安装到 istio-system ns 下,查看对应的资源:
kubectl -n istio-system get all

kubectl patch svc -n istio-system istio-ingressgateway -p '{"spec": {"type": "NodePort"}}'
  • 验证安装结果,确保各组件都正确部署
$ istioctl verify-install
1 Istio control planes detected, checking --revision "default" only
...
Checked 15 custom resource definitions
Checked 3 Istio Deployments
✔ Istio is installed and verified successfully

检查

  • version
$ istioctl version
client version: 1.14.3
control plane version: 1.14.3
data plane version: 1.14.3 (2 proxies)
  • resource
$ kubectl -n istio-system get all
NAME                                        READY   STATUS    RESTARTS   AGE
pod/istio-egressgateway-579dc4df64-zppq5    1/1     Running   0          13m
pod/istio-ingressgateway-679bf9454b-9zd8g   1/1     Running   0          13m
pod/istiod-8675d9c57b-zrjpq                 1/1     Running   0          33h

NAME                           TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                                                                      AGE
service/istio-egressgateway    ClusterIP   10.104.205.102   <none>        80/TCP,443/TCP                                                               13m
service/istio-ingressgateway   NodePort    10.110.24.72     <none>        15021:32370/TCP,80:31674/TCP,443:32337/TCP,31400:30713/TCP,15443:30442/TCP   13m
service/istiod                 ClusterIP   10.109.82.177    <none>        15010/TCP,15012/TCP,443/TCP,15014/TCP                                        33h

NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/istio-egressgateway    1/1     1            1           13m
deployment.apps/istio-ingressgateway   1/1     1            1           13m
deployment.apps/istiod                 1/1     1            1           33h

NAME                                              DESIRED   CURRENT   READY   AGE
replicaset.apps/istio-egressgateway-579dc4df64    1         1         1       13m
replicaset.apps/istio-ingressgateway-679bf9454b   1         1         1       13m
replicaset.apps/istiod-8675d9c57b                 1         1         1       33h
  • 导出当前安装 profile 的 yaml 文件,在 kind: Deployment 可以看到对应的容器
istioctl manifest generate --set profile=demo > demo.yaml

卸载

istioctl manifest generate --set profile=demo | kubectl delete --ignore-not-found=true -f -
# or
istioctl x uninstall --purge

kubectl delete namespace istio-system

安装 Addons

$ cd samples/addons/
$ ~/istio-1.14.3/samples/addons# tree .
.
├── extras
│   ├── prometheus-operator.yaml
│   ├── prometheus_vm_tls.yaml
│   ├── prometheus_vm.yaml
│   └── zipkin.yaml
├── grafana.yaml
├── jaeger.yaml
├── kiali.yaml
├── prometheus.yaml
└── README.md

1 directory, 9 files

# 安装所有示例
kubectl apply -f ./
kubectl apply -f kiali.yaml

# 查看安装情况
kubectl get pods -n istio-system

参考

  1. https://istio.io/latest/docs/setup/install/istioctl/
最近更新
相关文章
最新评论
Home Archives Categories Tags Statistics
本文总阅读量 次 本站总访问量 次 本站总访客数