istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update vm docs to uses latest makefile (#7664) 

* update vm docs to uses latest makefile

* fix typo
This commit is contained in:
Iris 2020-07-07 23:01:31 +08:00 committed by GitHub
parent 831950b1c9
commit 496e4b559d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
content/en/docs/setup/install/virtual-machine/index.md
View File

@ -66,7 +66,14 @@ deployment you place into production.
{{< text bash >}}
$ cd "${WORK_DIR}"
$ make -f "${ISTIO_DIR}"/tools/certs/Makefile NAME="${CLUSTER_NAME}" NAMESPACE="${SERVICE_NAMESPACE}" "${CLUSTER_NAME}"-certs-wl
$ make -f "${ISTIO_DIR}"/tools/certs/Makefile NAME="${CLUSTER_NAME}" NAMESPACE="${SERVICE_NAMESPACE}" "${CLUSTER_NAME}"-cacerts-selfSigned
{{< /text >}}
1. Execute the following commands to create certificates for use on the virtual machine.
{{< text bash >}}
$ cd "${WORK_DIR}"
$ make -f "${ISTIO_DIR}"/tools/certs/Makefile NAME="${CLUSTER_NAME}" NAMESPACE="${SERVICE_NAMESPACE}" "${NAMESPACE}"-certs-selfSigned
{{< /text >}}
## Install the Istio control plane
@ -78,10 +85,10 @@ The Istio control plane must be installed with virtual machine integration enabl
{{< text bash >}}
$ kubectl create namespace istio-system
$ kubectl create secret generic cacerts -n istio-system \
--from-file="${WORK_DIR}"/"${CLUSTER_NAME}"/ca-cert.pem \
--from-file="${WORK_DIR}"/"${CLUSTER_NAME}"/ca-key.pem \
--from-file="${WORK_DIR}"/"${CLUSTER_NAME}"/root-cert.pem \
--from-file="${WORK_DIR}"/"${CLUSTER_NAME}"/cert-chain.pem
--from-file=ca-cert.pem=="${WORK_DIR}"/"${CLUSTER_NAME}"/selfSigned-ca-cert.pem \
--from-file=ca-key.pem="${WORK_DIR}"/"${CLUSTER_NAME}"/selfSigned-ca-key.pem \
--from-file=root-cert.pem="${WORK_DIR}"/"${CLUSTER_NAME}"/root-cert.pem \
--from-file=cert-chain.pem="${WORK_DIR}"/"${CLUSTER_NAME}"/selfSigned-ca-cert-chain.pem
{{< /text >}}
1. Create the install `IstioOperator` custom resource:
@ -112,10 +119,9 @@ The Istio control plane must be installed with virtual machine integration enabl
1. Make a copy of files to copy to the virtual machine
{{< text bash >}}
$ cp -a "${WORK_DIR}"/"${CLUSTER_NAME}"/ca-cert.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/
$ cp -a "${WORK_DIR}"/"${CLUSTER_NAME}"/key.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/
$ cp -a "${WORK_DIR}"/"${CLUSTER_NAME}"/root-cert.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/
$ cp -a "${WORK_DIR}"/"${CLUSTER_NAME}"/workload-cert-chain.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/cert-chain.pem
$ cp -a "${WORK_DIR}"/"${SERVICE_NAMESPACE}"/key.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/
$ cp -a "${WORK_DIR}"/"${SERVICE_NAMESPACE}"/root-cert.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/
$ cp -a "${WORK_DIR}"/"${SERVICE_NAMESPACE}"/selfSigned-workload-cert-chain.pem "${WORK_DIR}"/"${CLUSTER_NAME}"/"${SERVICE_NAMESPACE}"/cert-chain.pem
{{< /text >}}
1. Generate a `cluster.env` configuration file that informs the virtual machine