Istio(一)部署安装体验

环境信息:

组件 版本
Kubernetes 1.15.5
Istio 1.4.2
helm 2.16.1

Helm方式安装

下载对应的release版本

1
wget https://github.com/istio/istio/releases/download/1.4.2/istio-1.4.2-linux.tar.gz

解压

1
tar -xvf istio-1.4.2-linux.tar.gz

将解压后的文件客户端工具放置到/usr/local/bin目录下

1
cp istio-1.0.5/bin/istioctl /usr/local/bin/

使用helm方式安装

https://istio.io/docs/setup/install/helm/
有多种安装参数选择,我们这里使用自定义方式,需要安装一些如grafana、Jaeger、kiali、Gateway组件。

1、创建namespace

1
kubectl create namespace istio-system

2、安装和配置istio所需要的CRD

1
helm install install/kubernetes/helm/istio-init --name istio-init --namespace istio-system

3、确认CRD资源创建完成

1
kubectl -n istio-system wait --for=condition=complete job --all

4、使用Helm安装istio

1
helm install install/kubernetes/helm/istio --set kiali.enabled=true --set gateways.istio-ingressgateway.type=NodePort --set tracing.enabled=true --set grafana.enabled=true --set gateways.istio-egressgateway.type=NodePort --name istio --namespace istio-system

5、复制并使用istioclt

1
2
cp bin/istioctl /usr/bin/
chmod a+x /usr/bin/istioctl

https://istio.io/docs/setup/additional-setup/config-profiles/

安装完以后
查看deployment和service

1
2
3
4
5
6
7
8
9
10
11
12
13
kubectl get deployment -n istio-system
NAME READY UP-TO-DATE AVAILABLE AGE
grafana 1/1 1 1 2d20h
istio-citadel 1/1 1 1 2d20h
istio-galley 1/1 1 1 2d20h
istio-ingressgateway 1/1 1 1 2d20h
istio-pilot 1/1 1 1 2d20h
istio-policy 1/1 1 1 2d20h
istio-sidecar-injector 1/1 1 1 2d20h
istio-telemetry 1/1 1 1 2d20h
istio-tracing 1/1 1 1 2d20h
kiali 1/1 1 1 2d20h
prometheus 1/1 1 1 2d20h

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
kubectl get svc -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
grafana ClusterIP 10.43.187.158 <none> 3000/TCP 2d20h
istio-citadel ClusterIP 10.43.142.36 <none> 8060/TCP,15014/TCP 2d20h
istio-galley ClusterIP 10.43.124.145 <none> 443/TCP,15014/TCP,9901/TCP 2d20h
istio-ingressgateway NodePort 10.43.73.211 <none> 15020:32240/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:32216/TCP,15030:31943/TCP,15031:32118/TCP,15032:32435/TCP,15443:31343/TCP 2d20h
istio-pilot ClusterIP 10.43.72.148 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 2d20h
istio-policy ClusterIP 10.43.19.133 <none> 9091/TCP,15004/TCP,15014/TCP 2d20h
istio-sidecar-injector ClusterIP 10.43.144.147 <none> 443/TCP,15014/TCP 2d20h
istio-telemetry ClusterIP 10.43.89.78 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 2d20h
jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 2d20h
jaeger-collector ClusterIP 10.43.29.41 <none> 14267/TCP,14268/TCP,14250/TCP 2d20h
jaeger-query ClusterIP 10.43.145.48 <none> 16686/TCP 2d20h
kiali ClusterIP 10.43.215.248 <none> 20001/TCP 2d20h
prometheus ClusterIP 10.43.161.98 <none> 9090/TCP 2d20h
tracing ClusterIP 10.43.204.201 <none> 80/TCP 2d20h
zipkin ClusterIP 10.43.45.55 <none> 9411/TCP 2d20h

默认grafana、Jaeger、kiali的service是cluster-ip类型的,若需要方便外部访问,可以将其修改为nodeport类型或使用ingress对外暴露

1
2
3
4
5
6
7
8
kubectl patch svc grafana -p '{"spec": {"type": "NodePort"}}' -n istio-system
kubectl patch svc kiali -p '{"spec": {"type": "NodePort"}}' -n istio-system
kubectl patch svc kiali -p '{"spec": {"type": "NodePort"}}' -n istio-system
kubectl patch svc jaeger-query -p '{"spec": {"type": "NodePort"}}' -n istio-system

访问

grafana:在这里将prometheus收集过来的各类监控指标图表化,包含对各个后端的请求速率、访问成功率,资源使用统计等。

Kiali
kiali是一个Redhat开源的Service mesh可视化工具,它可以看见应用模块之间的拓扑图、流量走向图、健康检查状态等

Jaeger
jaeger是CNCF基金会管理项目主要用于istio中的分布式链路追踪,服务依赖分析等

卸载

1
2
3
4
helm delete --purge istio
helm delete --purge istio-init
helm delete --purge istio-cni
kubectl delete namespace istio-system

1
kubectl delete -f install/kubernetes/helm/istio-init/files

参考链接:

https://jimmysong.io/istio-handbook/setup/istio-installation.html

https://istio.io/docs/setup/install/helm/