istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updates to the doc after verifying the example with latest v1.1 build (#3109)

This commit is contained in:
Yossi Mesika 2019-01-21 17:45:55 +02:00 committed by istio-bot
parent 8a9d5cb92b
commit 004c301160
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
content/docs/examples/multicluster/split-horizon-eds/index.md
View File

@ -81,6 +81,7 @@ This will be used to access the `local` pilot securely using the ingress gateway
--set security.selfSigned=false \
--set mixer.telemetry.enabled=false \
--set mixer.policy.enabled=false \
--set global.useMCP=false \
--set global.controlPlaneSecurityEnabled=true \
--set gateways.istio-egressgateway.enabled=false \
--set global.meshExpansion.enabled=true \
@ -92,7 +93,7 @@ This will be used to access the `local` pilot securely using the ingress gateway
{{< text bash >}}
$ kubectl create --context=$CTX_LOCAL ns istio-system
$ kubectl create --context=$CTX_LOCAL secret generic cacerts -n istio-system --from-file=samples/certs/ca-cert.pem --from-file=samples/certs/ca-key.pem --from-file=samples/certs/root-cert.pem --from-file=samples/certs/cert-chain.pem
$ kubectl apply --context=$CTX_LOCAL -f install/kubernetes/helm/istio/templates/crds.yaml
$ helm install install/kubernetes/helm/istio-init --name istio-init
$ kubectl create --context=$CTX_LOCAL -f istio-auth.yaml
{{< /text >}}
@ -131,6 +132,7 @@ This will be used to access the `local` pilot securely using the ingress gateway
--set global.proxy.envoyStatsd.enabled=false \
--set global.disablePolicyChecks=true \
--set global.policyCheckFailOpen=true \
--set global.useMCP=false \
--set gateways.istio-ingressgateway.env.ISTIO_META_NETWORK="network2" \
--set global.network="network2" > istio-remote-auth.yaml
{{< /text >}}
@ -345,21 +347,21 @@ We will call the `helloworld.sample` service from another in-mesh `sleep` servic
1. Call the `helloworld.sample` service several times:
{{< text bash >}}
$ kubectl exec --context=$CTX_LOCAL -it -n sample sleep-57f9d6fd6b-q4k4h -- curl helloworld.sample:5000/hello
$ kubectl exec --context=$CTX_LOCAL -it -n sample $(kubectl get pod --context=$CTX_LOCAL -n sample -l app=sleep -o jsonpath={.items[0].metadata.name}) -- curl helloworld.sample:5000/hello
{{< /text >}}
If set up correctly, the traffic to the `helloworld.sample` service will be distributed between the local and the remote instances
resulting in responses with either `v1` or `v2` in the body:
{{< text bash >}}
$ kubectl exec --context=$CTX_LOCAL -it -n sample sleep-57f9d6fd6b-q4k4h -- curl helloworld.sample:5000/hello
$ kubectl exec --context=$CTX_LOCAL -it -n sample $(kubectl get pod --context=$CTX_LOCAL -n sample -l app=sleep -o jsonpath={.items[0].metadata.name}) -- curl helloworld.sample:5000/hello
Defaulting container name to sleep.
Use 'kubectl describe pod/sleep-57f9d6fd6b-q4k4h -n sample' to see all of the containers in this pod.
Hello version: v2, instance: helloworld-v2-758dd55874-6x4t8
{{< /text >}}
{{< text bash >}}
$ kubectl exec --context=$CTX_LOCAL -it -n sample sleep-57f9d6fd6b-q4k4h -- curl helloworld.sample:5000/hello
$ kubectl exec --context=$CTX_LOCAL -it -n sample $(kubectl get pod --context=$CTX_LOCAL -n sample -l app=sleep -o jsonpath={.items[0].metadata.name}) -- curl helloworld.sample:5000/hello
Defaulting container name to sleep.
Use 'kubectl describe pod/sleep-57f9d6fd6b-q4k4h -n sample' to see all of the containers in this pod.
Hello version: v1, instance: helloworld-v1-86f77cd7bd-cpxhv
@ -368,7 +370,7 @@ Hello version: v1, instance: helloworld-v1-86f77cd7bd-cpxhv
You can also verify the IP addresses used to access the endpoints by printing the log of the sleep's `istio-proxy` container.
{{< text bash >}}
$ kubectl logs --context=$CTX_LOCAL -n sample sleep-57f9d6fd6b-q4k4h istio-proxy
$ kubectl logs --context=$CTX_LOCAL -n sample $(kubectl get pod --context=$CTX_LOCAL -n sample -l app=sleep -o jsonpath={.items[0].metadata.name}) istio-proxy
[2018-11-25T12:37:52.077Z] "GET /hello HTTP/1.1" 200 - 0 60 190 189 "-" "curl/7.60.0" "6e096efe-f550-4dfa-8c8c-ba164baf4679" "helloworld.sample:5000" "192.23.120.32:443" outbound|5000||helloworld.sample.svc.cluster.local - 10.20.194.146:5000 10.10.0.89:59496 -
[2018-11-25T12:38:06.745Z] "GET /hello HTTP/1.1" 200 - 0 60 171 170 "-" "curl/7.60.0" "6f93c9cc-d32a-4878-b56a-086a740045d2" "helloworld.sample:5000" "10.10.0.90:5000" outbound|5000||helloworld.sample.svc.cluster.local - 10.20.194.146:5000 10.10.0.89:59646 -
{{< /text >}}
@ -384,8 +386,8 @@ Cleanup the `remote` cluster:
{{< text bash >}}
$ kubectl delete --context=$CTX_REMOTE -f istio-remote-auth.yaml
$ kubectl delete --context=$CTX_REMOTE ns istio-system
$ kubectl delete --context=$CTX_REMOTE -f install/kubernetes/helm/istio/templates/crds.yaml
$ kubectl delete --context=$CTX_REMOTE -f helloworld-v2.yaml -n sample
$ kubectl delete --context=$CTX_REMOTE ns sample
{{< /text >}}
Cleanup the `local` cluster:
@ -393,7 +395,8 @@ Cleanup the `local` cluster:
{{< text bash >}}
$ kubectl delete --context=$CTX_LOCAL -f istio-auth.yaml
$ kubectl delete --context=$CTX_LOCAL ns istio-system
$ kubectl delete --context=$CTX_LOCAL -f install/kubernetes/helm/istio/templates/crds.yaml
$ helm delete --purge --kube-context=$CTX_LOCAL istio-init
$ kubectl delete --context=$CTX_LOCAL -f helloworld-v1.yaml -n sample
$ kubectl delete --context=$CTX_LOCAL -f samples/sleep/sleep.yaml -n sample
$ kubectl delete --context=$CTX_LOCAL ns sample
{{< /text >}}