istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove Nomad & Consul docs (#4805) 

* Remove Nomad & Consul docs

* broken links

* more broken links

* more broken links

* fix spelling errors

* remove broken ref
This commit is contained in:
Frank Budinsky 2019-08-16 15:13:30 -04:00 committed by Istio Automation
parent 1c4e8bf523
commit ca7559cab2
163 changed files with 377 additions and 642 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.spelling
View File

@ -351,6 +351,7 @@ natively
netmask
networking.istio.io
nginx
NLBs
nodePorts
non-sandboxed
normalization

2
content/en/_index.md
View File

@ -106,7 +106,7 @@ description: Connect, secure, control, and observe services.
</div>
<div id="buttons">
<a title="Install Istio on Kubernetes today." class="btn" href="/docs/setup/kubernetes/getting-started/">GET STARTED</a>
<a title="Install Istio on Kubernetes today." class="btn" href="/docs/setup/getting-started/">GET STARTED</a>
<a title="Dive deeper to understand what Istio is and how it works." class="btn" href="/docs/concepts/what-is-istio/">LEARN MORE</a>
<a title="Download the latest release." class="btn" href="{{< istio_release_url >}}">DOWNLOAD {{< istio_release_name >}}</a>
</div>

14
content/en/about/feature-stages/index.md
View File

@ -92,20 +92,20 @@ The 'Authorization (RBAC)' runtime is considered Beta. However, its API is stil
| Feature | Phase
|-------------------|-------------------
| [Kubernetes: Envoy Installation and Traffic Interception](/docs/setup/kubernetes/) | Stable
| [Kubernetes: Istio Control Plane Installation](/docs/setup/kubernetes/) | Stable
| [Kubernetes: Envoy Installation and Traffic Interception](/docs/setup/) | Stable
| [Kubernetes: Istio Control Plane Installation](/docs/setup/) | Stable
| [Attribute Expression Language](/docs/reference/config/policy-and-telemetry/expression-language/) | Stable
| Mixer Out-of-Process Adapter Authoring Model | Beta
| [Helm](/docs/setup/kubernetes/install/helm/) | Beta
| [Multicluster Mesh over VPN](/docs/setup/kubernetes/install/multicluster/) | Alpha
| [Kubernetes: Istio Control Plane Upgrade](/docs/setup/kubernetes/) | Beta
| [Consul Integration](/docs/setup/consul/quick-start/) | Alpha
| [Helm](/docs/setup/install/helm/) | Beta
| [Multicluster Mesh over VPN](/docs/setup/install/multicluster/) | Alpha
| [Kubernetes: Istio Control Plane Upgrade](/docs/setup/) | Beta
| Consul Integration | Alpha
| Basic Configuration Resource Validation | Beta
| Configuration Processing with Galley | Beta
| [Mixer Self Monitoring](/faq/mixer/#mixer-self-monitoring) | Beta
| [Custom Mixer Build Model](https://github.com/istio/istio/wiki/Mixer-Compiled-In-Adapter-Dev-Guide) | deprecated
| [Out of Process Mixer Adapters (gRPC Adapters)](https://github.com/istio/istio/wiki/Mixer-Out-Of-Process-Adapter-Dev-Guide) | Beta
| [Istio CNI plugin](/docs/setup/kubernetes/additional-setup/cni/) | Alpha
| [Istio CNI plugin](/docs/setup/additional-setup/cni/) | Alpha
| IPv6 support for Kubernetes | Alpha
| [Distroless base images for Istio](/docs/ops/security/harden-docker-images/) | Alpha

2
content/en/blog/2017/0.2-announcement/index.md
View File

@ -37,7 +37,7 @@ you easily integrate your solution with Istio.
* _Mesh expansion_: Istio mesh can now span services running outside of Kubernetes - like those running in virtual machines while enjoying benefits such as automatic mutual TLS authentication, traffic management, telemetry, and policy enforcement across the mesh.
* _Running outside Kubernetes_: We know many customers use other service registry and orchestration solutions like [Consul/Nomad](/docs/setup/consul/quick-start/) and Eureka. Istio Pilot can now run standalone outside Kubernetes, consuming information from these systems, and manage the Envoy fleet in VMs or containers.
* _Running outside Kubernetes_: We know many customers use other service registry and orchestration solutions like Consul/Nomad and Eureka. Istio Pilot can now run standalone outside Kubernetes, consuming information from these systems, and manage the Envoy fleet in VMs or containers.
## Get involved in shaping the future of Istio

4
content/en/blog/2018/announcing-1.0/index.md
View File

@ -24,7 +24,7 @@ and [Styra](https://styra.com/) built extensions to our policy enforcement and n
Since the 0.8 release weve added some important new features and more importantly marked many of our existing features as Beta signaling that theyre ready for production use. This is captured in more detail in the [release notes](/about/notes/1.0/) but its worth calling out some highlights
* Multiple Kubernetes clusters can now be [added to a single mesh](/docs/setup/kubernetes/install/multicluster/) and enabling cross-cluster communication and consistent policy enforcement. Multi-cluster support is now Beta.
* Multiple Kubernetes clusters can now be [added to a single mesh](/docs/setup/install/multicluster/) and enabling cross-cluster communication and consistent policy enforcement. Multi-cluster support is now Beta.
* Networking APIs that enable fine grained control over the flow of traffic through a mesh are now Beta. Explicitly modeling ingress and egress concerns using Gateways allows operators to [control the network topology](/blog/2018/v1alpha3-routing/) and meet access security requirements at the edge.
@ -35,7 +35,7 @@ Since the 0.8 release weve added some important new features and more importa
* [Authorization policies](/docs/concepts/security/#authorization) which control access to services are now entirely evaluated locally in Envoy increasing
their performance and reliability.
* [Helm chart installation](/docs/setup/kubernetes/install/helm/) is now the recommended install method offering rich customization options to adopt Istio on your terms.
* [Helm chart installation](/docs/setup/install/helm/) is now the recommended install method offering rich customization options to adopt Istio on your terms.
* Weve put a lot of effort into performance including continuous regression testing, large scale environment simulation and targeted fixes. Were very happy with the results and will share more on this in detail in the coming weeks.

4
content/en/blog/2018/egress-https/index.md
View File

@ -20,7 +20,7 @@ HTTPS traffic and describe the pros and cons of each of the options.
## Initial setting
To demonstrate the scenario of consuming an external web service, I start with a Kubernetes cluster with [Istio installed](/docs/setup/kubernetes/install/kubernetes/#installation-steps). Then I deploy
To demonstrate the scenario of consuming an external web service, I start with a Kubernetes cluster with [Istio installed](/docs/setup/install/kubernetes/#installation-steps). Then I deploy
[Istio Bookinfo Sample Application](/docs/examples/bookinfo/). This application uses the _details_ microservice to fetch
book details, such as the number of pages and the publisher. The original _details_ microservice provides the book
details without consulting any external service.
@ -73,7 +73,7 @@ $ kubectl apply -f @samples/bookinfo/networking/virtual-service-details-v2.yaml@
Note that the virtual service relies on a destination rule that you created in the [Apply default destination rules](/docs/examples/bookinfo/#apply-default-destination-rules) section.
Access the web page of the application, after
[determining the ingress IP and port](/docs/examples/bookinfo/#determining-the-ingress-ip-and-port).
[determining the ingress IP and port](/docs/examples/bookinfo/#determine-the-ingress-ip-and-port).
Oops... Instead of the book details you have the _Error fetching product details_ message displayed:

4
content/en/blog/2018/egress-mongo/index.md
View File

@ -93,7 +93,7 @@ For this task you set up an instance of [MongoDB](https://www.mongodb.com). You
### Initial setting of Bookinfo application
To demonstrate the scenario of using an external database, you start with a Kubernetes cluster with [Istio installed](/docs/setup/kubernetes/install/kubernetes/#installation-steps). Then you deploy the
To demonstrate the scenario of using an external database, you start with a Kubernetes cluster with [Istio installed](/docs/setup/install/kubernetes/#installation-steps). Then you deploy the
[Istio Bookinfo sample application](/docs/examples/bookinfo/), [apply the default destination rules](/docs/examples/bookinfo/#apply-default-destination-rules), and
[change Istio to the blocking-egress-by-default policy](/docs/tasks/traffic-management/egress/egress-control/#change-to-the-blocking-by-default-policy).
@ -145,7 +145,7 @@ boundary of the service mesh is marked by a dashed line.
### Access the webpage
Access the webpage of the application, after
[determining the ingress IP and port](/docs/examples/bookinfo/#determining-the-ingress-ip-and-port).
[determining the ingress IP and port](/docs/examples/bookinfo/#determine-the-ingress-ip-and-port).
Since you did not configure the egress traffic control yet, the access to the MongoDB service is blocked by Istio.
This is why instead of the rating stars, the message _"Ratings service is currently unavailable"_ is currently

4
content/en/blog/2018/egress-tcp/index.md
View File

@ -149,7 +149,7 @@ Now you are ready to deploy a version of the Bookinfo application that will use
### Initial setting of Bookinfo application
To demonstrate the scenario of using an external database, you start with a Kubernetes cluster with [Istio installed](/docs/setup/kubernetes/install/kubernetes/#installation-steps). Then you deploy the
To demonstrate the scenario of using an external database, you start with a Kubernetes cluster with [Istio installed](/docs/setup/install/kubernetes/#installation-steps). Then you deploy the
[Istio Bookinfo sample application](/docs/examples/bookinfo/), [apply the default destination rules](/docs/examples/bookinfo/#apply-default-destination-rules), and [change Istio to the blocking-egress-by-default policy](/docs/tasks/traffic-management/egress/egress-control/#change-to-the-blocking-by-default-policy).
This application uses the `ratings` microservice to fetch
@ -228,7 +228,7 @@ Note that the MySQL database is outside the Istio service mesh, or more precisel
### Access the webpage
Access the webpage of the application, after
[determining the ingress IP and port](/docs/examples/bookinfo/#determining-the-ingress-ip-and-port).
[determining the ingress IP and port](/docs/examples/bookinfo/#determine-the-ingress-ip-and-port).
You have a problem... Instead of the rating stars, the message _"Ratings service is currently unavailable"_ is currently
displayed below each review:

4
content/en/blog/2018/export-logs-through-stackdriver/index.md
View File

@ -47,7 +47,7 @@ Common setup for all sinks:
1. Record the ID of the dataset. It will be needed to configure the Stackdriver handler.
It would be of the form `bigquery.googleapis.com/projects/[PROJECT_ID]/datasets/[DATASET_ID]`
1. Give [sinks writer identity](https://cloud.google.com/logging/docs/api/tasks/exporting-logs#writing_to_the_destination): `cloud-logs@system.gserviceaccount.com` BigQuery Data Editor role in IAM.
1. If using [Google Kubernetes Engine](/docs/setup/kubernetes/platform-setup/gke/), make sure `bigquery` [Scope](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create) is enabled on the cluster.
1. If using [Google Kubernetes Engine](/docs/setup/platform-setup/gke/), make sure `bigquery` [Scope](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create) is enabled on the cluster.
#### Google Cloud Storage (GCS)
@ -62,7 +62,7 @@ Common setup for all sinks:
1. Recode the ID of the topic. It will be needed to configure Stackdriver.
It would be of the form `pubsub.googleapis.com/projects/[PROJECT_ID]/topics/[TOPIC_ID]`
1. Give [sinks writer identity](https://cloud.google.com/logging/docs/api/tasks/exporting-logs#writing_to_the_destination): `cloud-logs@system.gserviceaccount.com` Pub/Sub Publisher role in IAM.
1. If using [Google Kubernetes Engine](/docs/setup/kubernetes/platform-setup/gke/), make sure `pubsub` [Scope](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create) is enabled on the cluster.
1. If using [Google Kubernetes Engine](/docs/setup/platform-setup/gke/), make sure `pubsub` [Scope](https://cloud.google.com/sdk/gcloud/reference/container/clusters/create) is enabled on the cluster.
### Setting up Stackdriver

6
content/en/blog/2018/incremental-traffic-management/index.md
View File

@ -44,9 +44,9 @@ Fortunately, a standard Istio deployment already includes a [Gateway](/docs/conc
## In action: traffic routing with Istio
A simple way to see this type of approach in action is to first setup your Kubernetes environment using the [Platform Setup](/docs/setup/kubernetes/platform-setup/) instructions, and then install the **minimal** Istio profile using [Helm](/docs/setup/kubernetes/install/helm/), including only the traffic management components (ingress gateway, egress gateway, Pilot). The following example uses [Google Kubernetes Engine](https://cloud.google.com/gke).
A simple way to see this type of approach in action is to first setup your Kubernetes environment using the [Platform Setup](/docs/setup/platform-setup/) instructions, and then install the **minimal** Istio profile using [Helm](/docs/setup/install/helm/), including only the traffic management components (ingress gateway, egress gateway, Pilot). The following example uses [Google Kubernetes Engine](https://cloud.google.com/gke).
First, setup and configure [GKE](/docs/setup/kubernetes/platform-setup/gke/):
First, setup and configure [GKE](/docs/setup/platform-setup/gke/):
{{< text bash >}}
$ gcloud container clusters create istio-inc --zone us-central1-f
@ -56,7 +56,7 @@ $ kubectl create clusterrolebinding cluster-admin-binding \
--user=$(gcloud config get-value core/account)
{{< /text >}}
Next, [install Helm](https://helm.sh/docs/securing_installation/) and [generate a minimal Istio install](/docs/setup/kubernetes/install/helm/) -- only traffic management components:
Next, [install Helm](https://helm.sh/docs/securing_installation/) and [generate a minimal Istio install](/docs/setup/install/helm/) -- only traffic management components:
{{< text bash >}}
$ helm template install/kubernetes/helm/istio \

2
content/en/blog/2018/soft-multitenancy/index.md
View File

@ -75,7 +75,7 @@ istio-system1 istio-mixer-7d4f7b9968-66z44 3/3 Running 0
istio-system1 istio-pilot-5bb6b7669c-779vb 2/2 Running 0 15d
{{< /text >}}
The Istio [sidecar](/docs/setup/kubernetes/additional-setup/sidecar-injection/)
The Istio [sidecar](/docs/setup/additional-setup/sidecar-injection/)
and [addons](/docs/tasks/telemetry/), if required, manifests must also be
deployed to match the configured `namespace` in use by the tenant's Istio
control plane.

4
content/en/blog/2019/announcing-1.1/index.md
View File

@ -41,7 +41,7 @@ We listened to the community and improved defaults for traffic control and
policy. We introduced a new component called
[Galley](/docs/concepts/what-is-istio/#galley). Galley validates that sweet,
sweet YAML, reducing the chance of configuration errors. Galley will also be
instrumental in [multicluster setups](/docs/setup/kubernetes/install/multicluster/),
instrumental in [multicluster setups](/docs/setup/install/multicluster/),
gathering service discovery information from each Kubernetes cluster. We are
also supporting additional multicluster topologies including [shared control plane](/docs/concepts/multicluster-deployments/#shared-control-plane-topology)
and [dedicated control plane](/docs/concepts/multicluster-deployments/#dedicated-control-plane-topology) topologies
@ -68,4 +68,4 @@ us installing and upgrading to the early builds and helping us catch problems
before the release.
So: nows the time! Grab 1.1, check out [the updated documentation](/docs/),
[install it](/docs/setup/kubernetes/) and...happy meshing!
[install it](/docs/setup/) and...happy meshing!

2
content/en/blog/2019/egress-traffic-control-in-istio-part-3/index.md
View File

@ -146,6 +146,6 @@ In this case, Istio already provides you some benefits even before you start usi
[policies](/docs/tasks/policy-enforcement/) and [telemetry](/docs/tasks/telemetry/), applied to traffic between
microservices inside the cluster.
So, if you haven't had the chance to work with Istio yet, [install Istio](/docs/setup/kubernetes/install/) on your cluster
So, if you haven't had the chance to work with Istio yet, [install Istio](/docs/setup/install/) on your cluster
and check our [egress traffic control tasks](/docs/tasks/traffic-management/egress/) and the tasks for the other
[Istio features](/docs/tasks/). We also want to hear from you, please join us at [discuss.istio.io](https://discuss.istio.io).

2
content/en/blog/2019/evolving-istios-apis/index.md
View File

@ -49,7 +49,7 @@ Some areas of improvement that were working on for upcoming releases include:
- Support for routing all traffic by default to constrain routing incrementally
- Add a single global flag to enable mutual TLS and encrypt all inter-pod traffic
Oh, and if for some reason you judge a toolbox by the list of CRDs it installs, in Istio 1.2 we cut the number from 54 down to 23. Why? It turns out that if you have a bunch of features, you need to have a way to configure them all. With the improvements weve made to our installer, you can now install Istio using a [configuration](/docs/setup/kubernetes/additional-setup/config-profiles/) that works with your adapters.
Oh, and if for some reason you judge a toolbox by the list of CRDs it installs, in Istio 1.2 we cut the number from 54 down to 23. Why? It turns out that if you have a bunch of features, you need to have a way to configure them all. With the improvements weve made to our installer, you can now install Istio using a [configuration](/docs/setup/additional-setup/config-profiles/) that works with your adapters.
All service meshes and, by extension, Istio seeks to automate complex infrastructure operations, like networking and security. That means there will always be complexity in its APIs, but Istio will always aim to solve the needs of operators, while continuing to evolve the API to provide robust building blocks and prioritize flexibility through role-centric abstractions.

8
content/en/blog/2019/multicluster-version-routing/index.md
View File

@ -36,7 +36,7 @@ running in one cluster, versions `v2` and `v3` running in a second cluster.
To start, you'll need two Kubernetes clusters, both running a slightly customized configuration of Istio.
* Set up a multicluster environment with two Istio clusters by following the
[dedicated control planes](/docs/setup/kubernetes/install/multicluster/gateways/) instructions.
[dedicated control planes](/docs/setup/install/multicluster/gateways/) instructions.
* The `kubectl` command is used to access both clusters with the `--context` flag.
Use the following command to list your contexts:
@ -262,7 +262,7 @@ Just like any application, we'll use an Istio gateway to access the `bookinfo` a
$ kubectl apply --context=$CTX_CLUSTER1 -f @samples/bookinfo/networking/bookinfo-gateway.yaml@
{{< /text >}}
* Follow the [Bookinfo sample instructions](/docs/examples/bookinfo/#determining-the-ingress-ip-and-port)
* Follow the [Bookinfo sample instructions](/docs/examples/bookinfo/#determine-the-ingress-ip-and-port)
to determine the ingress IP and port and then point your browser to `http://$GATEWAY_URL/productpage`.
You should see the `productpage` with reviews, but without ratings, because only `v1` of the `reviews` service
@ -270,7 +270,7 @@ is running on `cluster1` and we have not yet configured access to `cluster2`.
## Create a service entry and destination rule on `cluster1` for the remote reviews service
As described in the [setup instructions](/docs/setup/kubernetes/install/multicluster/gateways/#setup-dns),
As described in the [setup instructions](/docs/setup/install/multicluster/gateways/#setup-dns),
remote services are accessed with a `.global` DNS name. In our case, it's `reviews.default.global`,
so we need to create a service entry and destination rule for that host.
The service entry will use the `cluster2` gateway as the endpoint address to access the service.
@ -329,7 +329,7 @@ EOF
The address `127.255.0.3` of the service entry can be any arbitrary unallocated IP.
Using an IP from the loopback range 127.0.0.0/8 is a good choice.
Check out the
[gateway-connected multicluster example](/docs/setup/kubernetes/install/multicluster/gateways/#configure-the-example-services)
[gateway-connected multicluster example](/docs/setup/install/multicluster/gateways/#configure-the-example-services)
for more details.
Note that the labels of the subsets in the destination rule map to the service entry

6
content/en/blog/2019/performance-best-practices/index.md
View File

@ -19,9 +19,9 @@ In the [Istio Tools repository](https://github.com/istio/tools/tree/81cc22348059
To accurately measure the performance of a service mesh at scale, it's important to use an [adequately-sized](https://github.com/istio/tools/tree/81cc22348059bb17ad9c2f571018e78780a1bbf5/perf/istio-install#istio-setup) Kubernetes cluster. We test using three worker nodes, each with at least 4 vCPUs and 15 GB of memory.
Then, it's important to use a production-ready Istio **installation profile** on that cluster. This lets us achieve performance-oriented settings such as control plane pod autoscaling, and ensures that resource limits are appropriate for heavy traffic load. The [default](/docs/setup/kubernetes/install/helm/#option-1-install-with-helm-via-helm-template) Istio installation is suitable for most benchmarking use cases. For extensive performance benchmarking, with thousands of proxy-injected services, we also provide [a tuned Istio install](https://github.com/istio/tools/blob/81cc22348059bb17ad9c2f571018e78780a1bbf5/perf/istio-install/values.yaml) that allocates extra memory and CPU to the Istio control plane.
Then, it's important to use a production-ready Istio **installation profile** on that cluster. This lets us achieve performance-oriented settings such as control plane pod autoscaling, and ensures that resource limits are appropriate for heavy traffic load. The [default](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template) Istio installation is suitable for most benchmarking use cases. For extensive performance benchmarking, with thousands of proxy-injected services, we also provide [a tuned Istio install](https://github.com/istio/tools/blob/81cc22348059bb17ad9c2f571018e78780a1bbf5/perf/istio-install/values.yaml) that allocates extra memory and CPU to the Istio control plane.
{{< warning_icon >}} Istio's [demo installation](/docs/setup/kubernetes/install/kubernetes/) is not suitable for performance testing, because it is designed to be deployed on a small trial cluster, and has full tracing and access logs enabled to showcase Istio's features.
{{< warning_icon >}} Istio's [demo installation](/docs/setup/install/kubernetes/) is not suitable for performance testing, because it is designed to be deployed on a small trial cluster, and has full tracing and access logs enabled to showcase Istio's features.
## 2. Focus on the data plane
@ -44,7 +44,7 @@ Why test with only two pods? Because scaling up throughput (RPS) and connections
## 3. Measure with and without proxies
While many Istio features, such as [mutual TLS authentication](/docs/concepts/security/#mutual-tls-authentication), rely on an Envoy proxy next to an application pod, you can [selectively disable](/docs/setup/kubernetes/additional-setup/sidecar-injection/#disabling-or-updating-the-webhook) sidecar proxy injection for some of your mesh services. As you scale up Istio for production, you may want to incrementally add the sidecar proxy to your workloads.
While many Istio features, such as [mutual TLS authentication](/docs/concepts/security/#mutual-tls-authentication), rely on an Envoy proxy next to an application pod, you can [selectively disable](/docs/setup/additional-setup/sidecar-injection/#disabling-or-updating-the-webhook) sidecar proxy injection for some of your mesh services. As you scale up Istio for production, you may want to incrementally add the sidecar proxy to your workloads.
To that end, the test scripts provide [three different modes](https://github.com/istio/tools/tree/81cc22348059bb17ad9c2f571018e78780a1bbf5/perf/benchmark#run-performance-tests). These modes analyze Istio's performance when a request goes through both the client and server proxies (`both`), just the server proxy (`serveronly`), and neither proxy (`baseline`).

2
content/en/boilerplates/before-you-begin-egress.md
View File

@ -6,7 +6,7 @@
* Deploy the [sleep]({{< github_tree >}}/samples/sleep) sample app to use as a test source for sending requests.
If you have
[automatic sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection)
[automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection)
enabled, run the following command to deploy the sample app:
{{< text bash >}}

2
content/en/boilerplates/notes/0.5.md
View File

@ -8,7 +8,7 @@ information on customized Istio deployments.
[mutating webhook feature](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#api-machinery) to provide automatic
pod-level proxy injection. Automatic injection requires Kubernetes 1.9 or beyond and
therefore doesn't work on older versions. The alpha initializer mechanism is no longer supported.
[Learn more](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection)
[Learn more](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection)
- **Revised Traffic Rules**. Based on user feedback, we have made significant changes to Istio's traffic management
(routing rules, destination rules, etc.). We would love your continuing feedback while we polish this in the coming weeks.

2
content/en/boilerplates/notes/0.7.md
View File

@ -7,5 +7,5 @@ change in 0.8 and beyond.
Known Issues:
Our [Helm chart](/docs/setup/kubernetes/install/helm)
Our [Helm chart](/docs/setup/install/helm)
currently requires some workaround to apply the chart correctly, see [4701](https://github.com/istio/istio/issues/4701) for details.

2
content/en/boilerplates/notes/0.8.md
View File

@ -3,7 +3,7 @@
- **Revamped Traffic Management Model**. We're finally ready to take the wraps off our
[new traffic management APIs](/blog/2018/v1alpha3-routing/). We believe this new model is easier to understand while covering more real world
deployment [use-cases](/docs/tasks/traffic-management/). For folks upgrading from earlier releases there is a
[migration guide](/docs/setup/kubernetes/upgrade/) and a conversion tool built into `istioctl` to help convert your configuration from the old model.
[migration guide](/docs/setup/upgrade/) and a conversion tool built into `istioctl` to help convert your configuration from the old model.
- **Streaming Envoy configuration**. By default Pilot now streams configuration to Envoy using its [ADS API](https://github.com/envoyproxy/data-plane-api/blob/master/xds_protocol.rst). This new approach increases effective scalability, reduces rollout delay and should eliminate spurious 404 errors.

6
content/en/boilerplates/notes/1.0.md
View File

@ -76,11 +76,11 @@ be configured using [authentication policies](/docs/concepts/security/#authentic
## Known issues with 1.0
- Amazon's EKS service does not implement automatic sidecar injection. Istio can be used in Amazon's
EKS by using [manual injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#manual-sidecar-injection) for
sidecars and turning off galley using the [Helm parameter](/docs/setup/kubernetes/install/helm)
EKS by using [manual injection](/docs/setup/additional-setup/sidecar-injection/#manual-sidecar-injection) for
sidecars and turning off galley using the [Helm parameter](/docs/setup/install/helm)
`--set galley.enabled=false`.
- In a [multicluster deployment](/docs/setup/kubernetes/install/multicluster) the mixer-telemetry
- In a [multicluster deployment](/docs/setup/install/multicluster) the mixer-telemetry
and mixer-policy components do not connect to the Kubernetes API endpoints of any of the remote
clusters. This results in a loss of telemetry fidelity as some of the metadata associated
with workloads on remote clusters is incomplete.

14
content/en/boilerplates/notes/1.1.md
View File

@ -2,15 +2,15 @@
In addition to the new features and improvements listed below, Istio 1.1 has introduced
a number of significant changes from 1.0 that can alter the behavior of applications.
A concise list of these changes can be found in the [upgrade notice](/docs/setup/kubernetes/upgrade/notice).
A concise list of these changes can be found in the [upgrade notice](/docs/setup/upgrade/notice).
## Upgrades
We recommend a manual upgrade of the control plane and data plane to 1.1. See
the [upgrades documents](/docs/setup/kubernetes/upgrade/) for more information.
the [upgrades documents](/docs/setup/upgrade/) for more information.
{{< warning >}}
Be sure to check out the [upgrade notice](/docs/setup/kubernetes/upgrade/notice) for a
Be sure to check out the [upgrade notice](/docs/setup/upgrade/notice) for a
concise list of things you should know before upgrading your deployment to Istio 1.1.
{{< /warning >}}
@ -25,12 +25,12 @@ concise list of things you should know before upgrading your deployment to Istio
- **Installation Configuration Profiles**. Added several installation
configuration profiles to simplify the installation process using well-known
and well-tested patterns. Learn more about the better user experience
afforded by the [installation profile feature](/docs/setup/kubernetes/additional-setup/config-profiles/).
afforded by the [installation profile feature](/docs/setup/additional-setup/config-profiles/).
- **Improved Multicluster Integration**. Consolidated the 1.0 `istio-remote`
chart previously used for
[multicluster VPN](/docs/setup/kubernetes/install/multicluster/shared-vpn/) and
[multicluster split horizon](/docs/setup/kubernetes/install/multicluster/shared-gateways/) remote cluster installation
[multicluster VPN](/docs/setup/install/multicluster/shared-vpn/) and
[multicluster split horizon](/docs/setup/install/multicluster/shared-gateways/) remote cluster installation
into the Istio Helm chart simplifying the operational experience.
## Traffic management
@ -200,7 +200,7 @@ concise list of things you should know before upgrading your deployment to Istio
replace`, `istioctl get`, and `istioctl delete` commands. Use the
[`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl)
equivalents instead. Deprecated the `istioctl gen-deploy` command too. Use a
[`helm template`](/docs/setup/kubernetes/install/helm/#option-1-install-with-helm-via-helm-template)
[`helm template`](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template)
instead. Release 1.2 will remove these commands.
- **Short Commands**. Included short commands in `kubectl` for gateways,

2
content/en/boilerplates/notes/1.2.md
View File

@ -65,7 +65,7 @@ Refer to the [installation option change page](/docs/reference/config/installati
## Others
- **Added** [Istio CNI support](/docs/setup/kubernetes/additional-setup/cni/) to setup sidecar network redirection and remove the use of `istio-init` containers requiring `NET_ADMIN` capability.
- **Added** [Istio CNI support](/docs/setup/additional-setup/cni/) to setup sidecar network redirection and remove the use of `istio-init` containers requiring `NET_ADMIN` capability.
- **Added** a new experimental ['a-la-carte' Istio installer](https://github.com/istio/installer/wiki) to enable users to install and upgrade Istio with desired isolation and security.
- **Added** the [DNS-discovery](https://github.com/istio-ecosystem/dns-discovery) and [iter8](https://github.com/istio-ecosystem/iter8) in [Istio ecosystem](https://github.com/istio-ecosystem).
- **Added** [environment variable and configuration file support](https://docs.google.com/document/d/1M-qqBMNbhbAxl3S_8qQfaeOLAiRqSBpSgfWebFBRuu8/edit) for configuring Galley, in addition to command-line flags.

2
content/en/boilerplates/start-httpbin-service.md
View File

@ -2,7 +2,7 @@
---
* Start the [httpbin]({{< github_tree >}}/samples/httpbin) sample.
If you have enabled [automatic sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection), deploy the `httpbin` service:
If you have enabled [automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection), deploy the `httpbin` service:
{{< text bash >}}
$ kubectl apply -f @samples/httpbin/httpbin.yaml@

6
content/en/docs/concepts/multicluster-deployments/index.md
View File

@ -80,7 +80,7 @@ configuration. You configure service discovery of `foo.ns.global` by creating an
[service entry](/docs/concepts/traffic-management/#service-entries).
To configure this type of multicluster topology, visit our
[dedicated control planes instructions](/docs/setup/kubernetes/install/multicluster/gateways/).
[dedicated control planes instructions](/docs/setup/install/multicluster/gateways/).
### Shared control plane topology
@ -106,7 +106,7 @@ overlap and DNS resolution for services on remote clusters is not automatic. Use
the services on every participating cluster.
To configure this type of multicluster topology, visit our
[single-network shared control plane instructions](/docs/setup/kubernetes/install/multicluster/shared-vpn/).
[single-network shared control plane instructions](/docs/setup/install/multicluster/shared-vpn/).
#### Multi-network shared control plane topology
@ -127,4 +127,4 @@ is forwarded to the local service IP as usual. If the destination workload is ru
different cluster, the remote cluster Gateway IP is used to connect to the service instead.
To configure this type of multicluster topology, visit our
[multi-network shared control plane instructions](/docs/setup/kubernetes/install/multicluster/shared-gateways/).
[multi-network shared control plane instructions](/docs/setup/install/multicluster/shared-gateways/).

2
content/en/docs/concepts/traffic-management/index.md
View File

@ -994,7 +994,7 @@ outside of the mesh:
- Add a service running in a Virtual Machine (VM) to the mesh to [expand your mesh](/docs/examples/mesh-expansion/).
- Logically add services from a different cluster to the mesh to configure a
[multicluster Istio mesh](/docs/setup/kubernetes/install/multicluster/gateways/#configure-the-example-services)
[multicluster Istio mesh](/docs/setup/install/multicluster/gateways/#configure-the-example-services)
on Kubernetes.
You dont need to add a service entry for every external service that you

80
content/en/docs/examples/bookinfo/index.md
View File

@ -39,15 +39,14 @@ for the `reviews` service.
## Before you begin
If you haven't already done so, setup Istio by following the instructions
corresponding to your platform [installation guide](/docs/setup/).
in the [installation guide](/docs/setup/).
## Deploying the application
To run the sample with Istio requires no changes to the
application itself. Instead, we simply need to configure and run the services in an
application itself. Instead, you simply need to configure and run the services in an
Istio-enabled environment, with Envoy sidecars injected along side each service.
The needed commands and configuration vary depending on the runtime environment
although in all cases the resulting deployment will look like this:
The resulting deployment will look like this:
{{< image width="80%" link="./withistio.svg" caption="Bookinfo Application" >}}
@ -56,12 +55,7 @@ and outgoing calls for the services, providing the hooks needed to externally co
via the Istio control plane, routing, telemetry collection, and policy enforcement
for the application as a whole.
To start the application, follow the instructions corresponding to your Istio runtime environment.
* [If you are running on Kubernetes](#if-you-are-running-on-kubernetes)
* [If you are running on Docker with Consul](#if-you-are-running-on-docker-with-consul)
### If you are running on Kubernetes
### Start the application services
{{< tip >}}
If you use GKE, please ensure your cluster has at least 4 standard GKE nodes. If you use Minikube, please ensure you have at least 4GB RAM.
@ -69,7 +63,7 @@ If you use GKE, please ensure your cluster has at least 4 standard GKE nodes. If
1. Change directory to the root of the Istio installation.
1. The default Istio installation uses [automatic sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection).
1. The default Istio installation uses [automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection).
Label the namespace that will host the application with `istio-injection=enabled`:
{{< text bash >}}
@ -84,7 +78,7 @@ If you use GKE, please ensure your cluster has at least 4 standard GKE nodes. If
{{< warning >}}
If you disabled automatic sidecar injection during installation and rely on [manual sidecar injection]
(/docs/setup/kubernetes/additional-setup/sidecar-injection/#manual-sidecar-injection),
(/docs/setup/additional-setup/sidecar-injection/#manual-sidecar-injection),
use the `istioctl kube-inject` command to modify the `bookinfo.yaml`
file before deploying your application. For more information please
visit the `istioctl` [reference documentation](/docs/reference/commands/istioctl/#istioctl-kube-inject).
@ -136,7 +130,7 @@ If you use GKE, please ensure your cluster has at least 4 standard GKE nodes. If
<title>Simple Bookstore App</title>
{{< /text >}}
#### Determining the ingress IP and port
### Determine the ingress IP and port
Now that the Bookinfo services are up and running, you need to make the application accessible from outside of your
Kubernetes cluster, e.g., from a browser. An [Istio Gateway](/docs/concepts/traffic-management/#gateways)
@ -164,43 +158,6 @@ is used for this purpose.
$ export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT
{{< /text >}}
1. Proceed to [Confirm the app is running](#confirm-the-app-is-accessible-from-outside-the-cluster), below.
### If you are running on Docker with Consul
1. Change directory to the root of the Istio installation directory.
1. Bring up the application containers.
To test with Consul, run the following commands:
{{< text bash >}}
$ docker-compose -f @samples/bookinfo/platform/consul/bookinfo.yaml@ up -d
$ docker-compose -f samples/bookinfo/platform/consul/bookinfo.sidecars.yaml up -d
{{< /text >}}
1. Confirm that all docker containers are running:
{{< text bash >}}
$ docker ps -a
{{< /text >}}
{{< tip >}}
If the Istio Pilot container terminates, re-run the command `docker-compose -f install/consul/istio.yaml up -d`.
{{< /tip >}}
1. Set `GATEWAY_URL`:
{{< text bash >}}
$ export GATEWAY_URL=localhost:9081
{{< /text >}}
1. __Note for Consul users:__ In the following instructions, and when performing any follow-on routing tasks, the yaml files
in `samples/bookinfo/networking` will not work due to an issue with the current implementation of the default subdomain
for short service host names. For now, you need to use the corresponding yaml files in `samples/bookinfo/platform/consul`.
For example, replace `samples/bookinfo/networking/destination-rule-all.yaml` with
`samples/bookinfo/platform/consul/destination-rule-all.yaml` in the `kubectl apply` command, below.
## Confirm the app is accessible from outside the cluster
To confirm that the Bookinfo application is accessible from outside the cluster, run the following `curl` command:
@ -254,9 +211,7 @@ is a good place to start for beginners.
## Cleanup
When you're finished experimenting with the Bookinfo sample, uninstall and clean
it up using the following instructions corresponding to your Istio runtime environment.
### Uninstall from Kubernetes environment
it up using the following instructions:
1. Delete the routing rules and terminate the application pods
@ -270,22 +225,5 @@ it up using the following instructions corresponding to your Istio runtime envir
$ kubectl get virtualservices #-- there should be no virtual services
$ kubectl get destinationrules #-- there should be no destination rules
$ kubectl get gateway #-- there should be no gateway
$ kubectl get pods #-- the Bookinfo pods should be deleted
{{< /text >}}
### Uninstall from Docker with Consul environment
1. Delete the routing rules and application containers
In a Consul setup, run the following command:
{{< text bash >}}
$ @samples/bookinfo/platform/consul/cleanup.sh@
{{< /text >}}
1. Confirm cleanup
{{< text bash >}}
$ kubectl get virtualservices #-- there should be no more routing rules
$ docker ps -a #-- the Bookinfo containers should be deleted
$ kubectl get pods #-- the Bookinfo pods should be deleted
{{< /text >}}

4
content/en/docs/examples/endpoints/index.md
View File

@ -21,7 +21,7 @@ You may test the service using the following command:
$ curl --request POST --header "content-type:application/json" --data '{"message":"hello world"}' "http://${EXTERNAL_IP}/echo?key=${ENDPOINTS_KEY}"
{{< /text >}}
To install Istio for GKE, follow our [Quick Start with Google Kubernetes Engine](/docs/setup/kubernetes/platform-setup/gke).
To install Istio for GKE, follow our [Quick Start with Google Kubernetes Engine](/docs/setup/platform-setup/gke).
## HTTP Endpoints service
@ -73,7 +73,7 @@ Otherwise, ESP will not be able to access Google cloud service control.
EOF
{{< /text >}}
1. Get the ingress gateway IP and port by following the [instructions](/docs/tasks/traffic-management/ingress/ingress-control#determining-the-ingress-ip-and-ports).
1. Get the ingress gateway IP and port by following the [instructions](/docs/tasks/traffic-management/ingress/ingress-control/#determining-the-ingress-ip-and-ports).
You can verify accessing the Endpoints service through Istio ingress:
{{< text bash >}}

2
content/en/docs/examples/mesh-expansion/bookinfo-expanded/index.md
View File

@ -28,7 +28,7 @@ https://docs.google.com/drawings/d/1G1592HlOVgtbsIqxJnmMzvy6ejIdhajCosxF1LbvspI/
## Before you begin
* Setup Istio by following the instructions in the
[Installation guide](/docs/setup/kubernetes/install/kubernetes/).
[Installation guide](/docs/setup/install/kubernetes/).
* Deploy the [Bookinfo](/docs/examples/bookinfo/) sample application (in the `bookinfo` namespace).

4
content/en/docs/examples/mesh-expansion/multi-network/index.md
View File

@ -35,7 +35,7 @@ cluster for mesh expansion, run the following commands on a machine with cluster
{{< /text >}}
For further details and customization options, refer to the
[Installation with Helm](/docs/setup/kubernetes/install/helm/) instructions.
[Installation with Helm](/docs/setup/install/helm/) instructions.
1. Deploy Istio control plane into the cluster
@ -403,7 +403,7 @@ The `server: envoy` header indicates that the sidecar intercepted the traffic.
{{< /text >}}
{{< tip >}}
Ensure you have added `istioctl` client to your `PATH` environment variable, as described in the [Download page](/docs/setup/kubernetes/#downloading-the-release).
Ensure you have added `istioctl` client to your `PATH` environment variable, as described in the [Download page](/docs/setup/#downloading-the-release).
{{< /tip >}}
1. Deploy a pod running the `sleep` service in the Kubernetes cluster, and wait until it is ready:

2
content/en/docs/examples/mesh-expansion/single-network/index.md
View File

@ -12,7 +12,7 @@ an Istio mesh deployed on Kubernetes.
## Prerequisites
* You have already set up Istio on Kubernetes. If you haven't done so, you can find out how in the [Installation guide](/docs/setup/kubernetes/install/kubernetes/).
* You have already set up Istio on Kubernetes. If you haven't done so, you can find out how in the [Installation guide](/docs/setup/install/kubernetes/).
* Mesh expansion machines must have IP connectivity to the endpoints in the mesh. This
typically requires a VPC or a VPN, as well as a container network that

2
content/en/docs/examples/multicluster/gke/index.md
View File

@ -313,7 +313,7 @@ $ kubectl label secret ${CLUSTER_NAME} istio/multiCluster=true -n ${NAMESPACE}
## Uninstalling
The following should be done in addition to the uninstall of Istio as described in the
[VPN-based multicluster uninstall section](/docs/setup/kubernetes/install/multicluster/shared-vpn/):
[VPN-based multicluster uninstall section](/docs/setup/install/multicluster/shared-vpn/):
1. Delete the Google Cloud firewall rule:

4
content/en/docs/examples/multicluster/icp/index.md
View File

@ -147,14 +147,14 @@ across all nodes in the two IBM Cloud Private Clusters.
## Install Istio for multicluster
Follow the [single-network shared control plane instructions](/docs/setup/kubernetes/install/multicluster/shared-vpn/) to install and configure
Follow the [single-network shared control plane instructions](/docs/setup/install/multicluster/shared-vpn/) to install and configure
local Istio control plane and Istio remote on `cluster-1` and `cluster-2`.
In this guide, it is assumed that the local Istio control plane is deployed in `cluster-1`, while the Istio remote is deployed in `cluster-2`.
## Deploy the Bookinfo example across clusters
The following example enables [automatic sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection).
The following example enables [automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection).
1. Install `bookinfo` on the first cluster `cluster-1`. Remove the `reviews-v3` deployment which will be deployed on cluster `cluster-2` in the following step:

6
content/en/docs/ops/security/harden-docker-images/index.md
View File

@ -21,15 +21,15 @@ For ease of the installation, they are available with a `-distroless` suffix.
## Install distroless images
You should follow the [Installation Steps](/docs/setup/kubernetes/install/helm/) to setup Istio. You can pass the following parameter to `helm` to use the *distroless images*
You should follow the [Installation Steps](/docs/setup/install/helm/) to setup Istio. You can pass the following parameter to `helm` to use the *distroless images*
For [Option 1](/docs/setup/kubernetes/install/helm/#option-1-install-with-helm-via-helm-template) use
For [Option 1](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template) use
{{< text bash >}}
$ helm template [...] --set global.tag={{< istio_full_version >}}-distroless
{{< /text >}}
For [Option 2](/docs/setup/kubernetes/install/helm/#option-2-install-with-helm-and-tiller-via-helm-install)
For [Option 2](/docs/setup/install/helm/#option-2-install-with-helm-and-tiller-via-helm-install)
{{< text bash >}} use
$ helm install [...] --set global.tag={{< istio_full_version >}}-distroless

4
content/en/docs/ops/security/root-transition/index.md
View File

@ -68,7 +68,7 @@ please follow the procedure and check whether you will be affected.
Because the Pilot has issue using the old root certificate to verify the new workload certificates.
This may cause disconnection between Pilot and Envoy.
Please see the [here](#how-to-check-if-pilot-has-an-envoy-sidecar) for how to check.
The [Istio upgrade guide](/docs/setup/kubernetes/upgrade/steps/)
The [Istio upgrade guide](/docs/setup/upgrade/steps/)
by default installs Pilot with Envoy sidecar.
{{< /warning >}}
@ -122,7 +122,7 @@ please follow the procedure and check whether you will be affected.
{{< /warning >}}
Upgrade your control plane and `istio-proxy` sidecars to 1.0.8, 1.1.8 or later.
Please follow the Istio [upgrade procedure](/docs/setup/kubernetes/upgrade/steps/).
Please follow the Istio [upgrade procedure](/docs/setup/upgrade/steps/).
1. Verify the new workload certificates are loaded by Envoy:

4
content/en/docs/ops/setup/app-health-check/index.md
View File

@ -26,7 +26,7 @@ mutual TLS enabled.
* Understand [Kubernetes liveness and readiness probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/), Istio
[authentication policy](/docs/concepts/security/#authentication-policies) and [mutual TLS authentication](/docs/concepts/security/#mutual-tls-authentication) concepts.
* Have a Kubernetes cluster with Istio installed, without global mutual TLS enabled (meaning use `istio.yaml` as described in [installation steps](/docs/setup/kubernetes/install/kubernetes/#installation-steps), or set `global.mtls.enabled` to false using [Helm](/docs/setup/kubernetes/install/helm/)).
* Have a Kubernetes cluster with Istio installed, without global mutual TLS enabled (meaning use `istio.yaml` as described in [installation steps](/docs/setup/install/kubernetes/#installation-steps), or set `global.mtls.enabled` to false using [Helm](/docs/setup/install/helm/)).
## Liveness and readiness probes with command option
@ -99,7 +99,7 @@ You have two ways to enable Istio to rewrite the liveness HTTP probes.
#### Enable via Helm Option Globally
[Install Istio](/docs/setup/kubernetes/install/helm/) with the `sidecarInjectorWebhook.rewriteAppHTTPProbe=true`
[Install Istio](/docs/setup/install/helm/) with the `sidecarInjectorWebhook.rewriteAppHTTPProbe=true`
[Helm installation option](/docs/reference/config/installation-options/#sidecarinjectorwebhook-options).
**Alternatively**, update the configuration map of Istio sidecar injection:

4
content/en/docs/ops/setup/webhook/index.md
View File

@ -27,7 +27,7 @@ detailed documentation of the mutating and validating webhook configuration.
## Verify dynamic admission webhook prerequisites
See the [quick start prerequisites](/docs/setup/kubernetes/install/kubernetes/#prerequisites)
See the [quick start prerequisites](/docs/setup/install/kubernetes/#prerequisites)
for Kubernetes provider specific setup instructions. Webhooks will not
function properly if the cluster is misconfigured. You can follow
these steps once the cluster has been configured and dynamic
@ -51,7 +51,7 @@ webhooks and dependent features are not functioning properly.
1. Verify `MutatingAdmissionWebhook` and `ValidatingAdmissionWebhook` plugins are
listed in the `kube-apiserver --enable-admission-plugins`. Access
to this flag is [provider specific](/docs/setup/kubernetes/install/kubernetes/#prerequisites).
to this flag is [provider specific](/docs/setup/install/kubernetes/#prerequisites).
1. Verify the Kubernetes api-server has network connectivity to the
webhook pod. e.g. incorrect `http_proxy` settings can interfere

2
content/en/docs/ops/telemetry/missing-metrics/index.md
View File

@ -41,7 +41,7 @@ Mixer generates metrics to monitor its own behavior. The first step is to check
If you do not see any data for `grpc_io_server_completed_rpcs` with a `grpc_server_method="istio.mixer.v1.Mixer/Report"`, then Envoy is not calling Mixer to report telemetry.
1. In this case, ensure you integrated the services properly into the mesh. You can achieve this task with either [automatic or manual sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/).
1. In this case, ensure you integrated the services properly into the mesh. You can achieve this task with either [automatic or manual sidecar injection](/docs/setup/additional-setup/sidecar-injection/).
## Verify the Mixer rules exist

4
content/en/docs/ops/traffic-management/proxy-cmd/index.md
View File

@ -16,8 +16,8 @@ to inspect Envoy configuration and diagnose the issue.
If you want to try the commands described below, you can either:
* Have a Kubernetes cluster with Istio and Bookinfo installed (e.g use `istio.yaml` as described in
[installation steps](/docs/setup/kubernetes/install/kubernetes/#installation-steps) and
[Bookinfo installation steps](/docs/examples/bookinfo/#if-you-are-running-on-kubernetes)).
[installation steps](/docs/setup/install/kubernetes/#installation-steps) and
[Bookinfo installation steps](/docs/examples/bookinfo/#deploying-the-application)).
OR

2
content/en/docs/ops/traffic-management/troubleshooting/index.md
View File

@ -51,7 +51,7 @@ but similar version routing rules have no effect on your own application, it may
your Kubernetes services need to be changed slightly.
Kubernetes services must adhere to certain restrictions in order to take advantage of
Istio's L7 routing features.
Refer to the [Requirements for Pods and Services](/docs/setup/kubernetes/additional-setup/requirements/)
Refer to the [Requirements for Pods and Services](/docs/setup/additional-setup/requirements/)
for details.
Another potential issue is that the route rules may simply be slow to take effect.

2
content/en/docs/reference/config/installation-options-changes/index.md
View File

@ -65,7 +65,7 @@ The tables below show changes made to the installation options used to customize
| --- | --- | --- |
| `sidecarInjectorWebhook.podAntiAffinityLabelSelector` | `[]` | |
| `sidecarInjectorWebhook.podAntiAffinityTermLabelSelector` | `[]` | |
| `sidecarInjectorWebhook.neverInjectSelector` | `[]` | `You can use the field called alwaysInjectSelector and neverInjectSelector which will always inject the sidecar or always skip the injection on pods that match that label selector, regardless of the global policy. See https://istio.io/docs/setup/kubernetes/additional-setup/sidecar-injection/more-control-adding-exceptions` |
| `sidecarInjectorWebhook.neverInjectSelector` | `[]` | `You can use the field called alwaysInjectSelector and neverInjectSelector which will always inject the sidecar or always skip the injection on pods that match that label selector, regardless of the global policy. See https://istio.io/docs/setup/additional-setup/sidecar-injection/more-control-adding-exceptions` |
| `sidecarInjectorWebhook.alwaysInjectSelector` | `[]` | |
### New `global` key/value pairs

2
content/en/docs/reference/config/installation-options/index.md
View File

@ -444,7 +444,7 @@ To customize Istio install using Helm, use the `--set <key>=<value>` option in H
| `sidecarInjectorWebhook.podAntiAffinityLabelSelector` | `[]` | |
| `sidecarInjectorWebhook.podAntiAffinityTermLabelSelector` | `[]` | |
| `sidecarInjectorWebhook.rewriteAppHTTPProbe` | `false` | `If true, webhook or istioctl injector will rewrite PodSpec for liveness health check to redirect request to sidecar. This makes liveness check work even when mTLS is enabled.` |
| `sidecarInjectorWebhook.neverInjectSelector` | `[]` | `You can use the field called alwaysInjectSelector and neverInjectSelector which will always inject the sidecar or always skip the injection on pods that match that label selector, regardless of the global policy. See https://istio.io/docs/setup/kubernetes/additional-setup/sidecar-injection/more-control-adding-exceptions` |
| `sidecarInjectorWebhook.neverInjectSelector` | `[]` | `You can use the field called alwaysInjectSelector and neverInjectSelector which will always inject the sidecar or always skip the injection on pods that match that label selector, regardless of the global policy. See https://istio.io/docs/setup/additional-setup/sidecar-injection/more-control-adding-exceptions` |
| `sidecarInjectorWebhook.alwaysInjectSelector` | `[]` | |
## `tracing` options

2
content/en/docs/reference/config/policy-and-telemetry/adapters/kubernetesenv/index.html
View File

@ -76,7 +76,7 @@ This controls how frequently the complete resync occurs.</p>
<p>Details on multicluster and the Kubernetes secret required to
access the remote cluster&rsquo;s credentials can be found in
<a href="/docs/setup/kubernetes/install/multicluster/">multicluster install</a>.</p>
<a href="/docs/setup/install/multicluster/">multicluster install</a>.</p>
<p>NOTE: If <code>cluster_registries_namespace</code> is not set then the environment
variable <code>POD_NAMESPACE</code> is checked/used. If <code>POD_NAMESPACE</code> is not

104
content/en/docs/setup/_index.md
View File

@ -1,6 +1,108 @@
---
title: Setup
description: How to deploy and upgrade Istio in various environments such as Kubernetes and Consul.
description: Instructions for installing the Istio control plane on Kubernetes and adding virtual machines into the mesh.
weight: 15
icon: setup
aliases:
- /docs/tasks/installing-istio.html
- /docs/setup/install-kubernetes.html
- /docs/setup/kubernetes/quick-start.html
- /docs/setup/kubernetes/download-release/
- /docs/setup/kubernetes/download/
- /docs/setup/kubernetes/
keywords: [kubernetes,install,quick-start,setup,installation]
content_above: true
---
{{< tip >}}
Istio {{< istio_version >}} has been tested with these Kubernetes releases: {{< supported_kubernetes_versions >}}.
{{< /tip >}}
Visit our [getting started guide](/docs/setup/getting-started/) to
learn how to evaluate and try Istio's basic features quickly.
Istio offers multiple installation flows
depending on your platform and whether or not you intend to use Istio in production.
At a high level, the basic flow is the same regardless of platform:
1. [Review the pod requirements](/docs/setup/additional-setup/requirements/)
1. [Prepare your platform for Istio](/docs/setup/platform-setup/)
1. [Download the Istio release](#downloading-the-release)
1. [Install Istio on your platform](#installing-istio)
## Installing Istio
Choose one of the following installation options, depending on your intended use:
- [Demo installation](/docs/setup/install/kubernetes/):
This option is ideal if you're new to Istio and just want to try it out.
It allows you to experiment with many Istio features with modest resource requirements.
- [Custom installation with Helm](/docs/setup/install/helm/):
This option is ideal to install Istio for production use or for performance evaluation.
- [Supported platform installation](/docs/setup/install/platform/):
This option is ideal if your platform provides native support for Istio-enabled clusters
with a [configuration profile](/docs/setup/additional-setup/config-profiles/)
corresponding to your intended use.
After choosing an option and installing Istio on your cluster, you can deploy
your own applications or experiment with some of our [tasks](/docs/tasks/) and [examples](/docs/examples/).
{{< tip >}}
If you're running your own applications, make sure to
check the [requirements for pods and services](/docs/setup/additional-setup/requirements/).
{{< /tip >}}
When you're ready to consider more advanced Istio use cases, check out the following resources:
- To install using Istio's Container Network Interface
(CNI) plugin, visit our [CNI guide](/docs/setup/additional-setup/cni/).
- To perform a multicluster setup, visit our
[multicluster installation documents](/docs/setup/install/multicluster/).
- To expand your existing mesh with additional containers or VMs not running on
your mesh's Kubernetes cluster, follow our [mesh expansion guide](/docs/examples/mesh-expansion/).
- To add services requires a detailed understanding of sidecar injection. Visit our
[sidecar injection guide](/docs/setup/additional-setup/sidecar-injection/)
to learn more.
## Downloading the release
Istio is installed in its own `istio-system` namespace and can manage
services from all other namespaces.
1. Go to the [Istio release](https://github.com/istio/istio/releases) page to
download the installation file corresponding to your OS. On a macOS or
Linux system, you can run the following command to download and
extract the latest release automatically:
{{< text bash >}}
$ curl -L https://git.io/getLatestIstio | ISTIO_VERSION={{< istio_full_version >}} sh -
{{< /text >}}
1. Move to the Istio package directory. For example, if the package is
`istio-{{< istio_full_version >}}`:
{{< text bash >}}
$ cd istio-{{< istio_full_version >}}
{{< /text >}}
The installation directory contains:
- Installation YAML files for Kubernetes in `install/kubernetes`
- Sample applications in `samples/`
- The `istioctl` client binary in the `bin/` directory. `istioctl` is
used when manually injecting Envoy as a sidecar proxy.
1. Add the `istioctl` client to your `PATH` environment variable, on a macOS or
Linux system:
{{< text bash >}}
$ export PATH=$PWD/bin:$PATH
{{< /text >}}
1. You can enable the [auto-completion option](/docs/ops/setup/istioctl) when working with a bash or ZSH console.

1
content/en/docs/setup/kubernetes/additional-setup/_index.md → content/en/docs/setup/additional-setup/_index.md
View File

@ -5,5 +5,6 @@ weight: 100
aliases:
- /docs/tasks/installing-istio.html
- /docs/setup/install-kubernetes.html
- /docs/setup/kubernetes/additional-setup/
keywords: [sidecar-injection, mesh-expansion, pod-requirements, piecemeal-install]
---

13
content/en/docs/setup/kubernetes/additional-setup/cni/index.md → content/en/docs/setup/additional-setup/cni/index.md
View File

@ -4,6 +4,7 @@ description: Install and use Istio with the Istio CNI plugin, allowing operators
weight: 70
aliases:
- /docs/setup/kubernetes/install/cni
- /docs/setup/kubernetes/additional-setup/cni
keywords: [kubernetes,cni,sidecar,proxy,network,helm]
---
@ -23,7 +24,7 @@ networking functionality but without requiring Istio users to enable elevated
Kubernetes RBAC permissions.
The Istio CNI plugin performs the Istio mesh pod traffic redirection in the Kubernetes pod lifecycle's network
setup phase, thereby removing the [`NET_ADMIN` capability requirement](/docs/setup/kubernetes/additional-setup/requirements/)
setup phase, thereby removing the [`NET_ADMIN` capability requirement](/docs/setup/additional-setup/requirements/)
for users deploying pods into the Istio mesh. The [Istio CNI plugin](https://github.com/istio/cni)
replaces the functionality provided by the `istio-init` container.
@ -46,7 +47,7 @@ replaces the functionality provided by the `istio-init` container.
Refer to [Hosted Kubernetes settings](#hosted-kubernetes-settings) for any non-default settings required.
1. Install Istio CNI and Istio using Helm.
Refer to the [Customizable Install with Helm](/docs/setup/kubernetes/install/helm/#cni) instructions and the
Refer to the [Customizable Install with Helm](/docs/setup/install/helm/#cni) instructions and the
**Istio CNI enabled** profile.
Pass `--set cniBinDir=...` and/or `--set cniConfDir=...` options when installing `istio-cni` if non-default,
as determined in the previous step.
@ -76,7 +77,7 @@ This example uses Helm to perform the following tasks:
* `foo_ns`
* `bar_ns`
Refer to the [Customizable Install with Helm](/docs/setup/kubernetes/install/helm/#cni) for complete instructions.
Refer to the [Customizable Install with Helm](/docs/setup/install/helm/#cni) for complete instructions.
Use the following command to render and apply Istio CNI components and override the default configuration of the
`istio-cni` Helm chart's `logLevel` and `excludeNamespaces` parameters:
@ -104,7 +105,7 @@ The following table shows the required settings for many common Kubernetes envir
### GKE setup
1. Refer to the procedure to [prepare a GKE cluster for Istio](/docs/setup/kubernetes/platform-setup/gke/) and
1. Refer to the procedure to [prepare a GKE cluster for Istio](/docs/setup/platform-setup/gke/) and
enable [network-policy](https://cloud.google.com/kubernetes-engine/docs/how-to/network-policy) in your cluster.
{{< warning >}}
@ -122,12 +123,12 @@ The following table shows the required settings for many common Kubernetes envir
The use of the Istio CNI plugin requires Kubernetes pods to be deployed with a sidecar injection method
that uses the `istio-sidecar-injector` configmap created from the Helm installation with the
`istio_cni.enabled=true`. Refer to [Istio sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/)
`istio_cni.enabled=true`. Refer to [Istio sidecar injection](/docs/setup/additional-setup/sidecar-injection/)
for details about Istio sidecar injection methods.
The following sidecar injection methods are supported for use with the Istio CNI plugin:
1. [Automatic sidecar injection](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection)
1. [Automatic sidecar injection](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection)
1. Manual sidecar injection with the `istio-sidecar-injector` configmap
1. `istioctl kube-inject` using the configmap directly:

8
content/en/docs/setup/kubernetes/additional-setup/config-profiles/index.md → content/en/docs/setup/additional-setup/config-profiles/index.md
View File

@ -2,11 +2,13 @@
title: Installation Configuration Profiles
description: Describes the built-in Istio installation configuration profiles.
weight: 35
aliases:
- /docs/setup/kubernetes/additional-setup/config-profiles/
keywords: [profiles,install,helm]
---
This page describes the built-in configuration profiles that can be used when
[installing Istio using helm](/docs/setup/kubernetes/install/helm/).
[installing Istio using helm](/docs/setup/install/helm/).
The profiles provide customization of the Istio control plane and of the sidecars for the Istio data plane.
You can start with one of Istios built-in configuration profiles and then further customize the configuration for
your specific needs. The following built-in configuration profiles are currently available:
@ -16,7 +18,7 @@ your specific needs. The following built-in configuration profiles are currently
1. **demo**: configuration designed to showcase Istio functionality with modest resource requirements.
It is suitable to run the [Bookinfo](/docs/examples/bookinfo/) application and associated tasks.
This is the same configuration that is installed with the [Quick Start](/docs/setup/kubernetes/install/kubernetes/) instructions, only using helm has the advantage
This is the same configuration that is installed with the [Quick Start](/docs/setup/install/kubernetes/) instructions, only using helm has the advantage
that you can more easily enable additional features if you later wish to explore more advanced tasks.
This profile comes in two variants, either with or without authentication enabled.
@ -90,4 +92,4 @@ This profile installs the same components as the Istio **default** configuration
1. The `coredns` addon.
Refer to the [multicluster installation instructions](/docs/setup/kubernetes/install/multicluster/) for more details.
Refer to the [multicluster installation instructions](/docs/setup/install/multicluster/) for more details.

4
content/en/docs/setup/kubernetes/additional-setup/customize/index.md → content/en/docs/setup/additional-setup/customize/index.md
View File

@ -2,6 +2,8 @@
title: Advanced Install Options
description: Customize the Istio installation.
weight: 35
aliases:
- /docs/setup/kubernetes/additional-setup/customize/
keywords: [kubernetes]
draft: true
---
@ -57,6 +59,6 @@ istio-citadel-b48446f79-wd4tk 1/1 Running 0 1m
istio-pilot-58c65f74bc-2f5xn 2/2 Running 0 1m
{{< /text >}}
With this minimal set you can install your own application and [configure request routing](/docs/tasks/traffic-management/request-routing/). You will need to [manually inject the sidecar](/docs/setup/kubernetes/additional-setup/sidecar-injection/#manual-sidecar-injection).
With this minimal set you can install your own application and [configure request routing](/docs/tasks/traffic-management/request-routing/). You will need to [manually inject the sidecar](/docs/setup/additional-setup/sidecar-injection/#manual-sidecar-injection).
[Installation Options](/docs/reference/config/installation-options/) has the full list of options allowing you to tailor the Istio installation to your needs. Before you override the default value with `--set` in `helm install`, please check the configurations for the option in `install/kubernetes/helm/istio/values.yaml` and uncomment the commented context if needed.

3
content/en/docs/setup/kubernetes/additional-setup/requirements/index.md → content/en/docs/setup/additional-setup/requirements/index.md
View File

@ -6,6 +6,7 @@ aliases:
- /docs/setup/kubernetes/spec-requirements/
- /docs/setup/kubernetes/prepare/spec-requirements/
- /docs/setup/kubernetes/prepare/requirements/
- /docs/setup/kubernetes/additional-setup/requirements/
keywords: [kubernetes,sidecar,sidecar-injection]
---
@ -61,7 +62,7 @@ cluster must satisfy the following requirements:
with the user ID (UID) value of **1337**.
- **`NET_ADMIN` capability**: If your cluster enforces pod security policies,
pods must allow the `NET_ADMIN` capability. If you use the [Istio CNI Plugin](/docs/setup/kubernetes/additional-setup/cni/),
pods must allow the `NET_ADMIN` capability. If you use the [Istio CNI Plugin](/docs/setup/additional-setup/cni/),
this requirement no longer applies. To learn more about the `NET_ADMIN`
capability, visit [Required Pod Capabilities](/docs/ops/setup/required-pod-capabilities/).

3
content/en/docs/setup/kubernetes/additional-setup/sidecar-injection/index.md → content/en/docs/setup/additional-setup/sidecar-injection/index.md
View File

@ -6,6 +6,7 @@ keywords: [kubernetes,sidecar,sidecar-injection]
aliases:
- /docs/setup/kubernetes/automatic-sidecar-inject.html
- /docs/setup/kubernetes/sidecar-injection/
- /docs/setup/kubernetes/additional-setup/sidecar-injection/
---
## Injection
@ -81,7 +82,7 @@ Note that unlike manual injection, automatic injection occurs at the pod-level.
#### Disabling or updating the webhook
The sidecar injecting webhook is enabled by default. If you wish to disable the webhook, you can
use [Helm](/docs/setup/kubernetes/install/helm/) to generate an updated `istio.yaml`
use [Helm](/docs/setup/install/helm/) to generate an updated `istio.yaml`
with the option `sidecarInjectorWebhook.enabled` set to `false`. E.g.
{{< text bash >}}

6
content/en/docs/setup/consul/_index.md
View File

@ -1,6 +0,0 @@
---
title: Nomad & Consul
description: Instructions for installing the Istio control plane in a Consul based environment, with or without Nomad.
weight: 20
keywords: [consul]
---

127
content/en/docs/setup/consul/install/index.md
View File

@ -1,127 +0,0 @@
---
title: Installation
description: Instructions for installing the Istio control plane in a Consul-based environment, with or without Nomad.
weight: 30
keywords: [consul]
---
{{< warning >}}
Setup on Nomad has not been tested.
{{< /warning >}}
Using Istio in a non-Kubernetes environment involves a few key tasks:
1. Setting up the Istio control plane with the Istio API server
1. Adding the Istio sidecar to every instance of a service
1. Ensuring requests are routed through the sidecars
## Setting up the control plane
Istio control plane consists of four main services: Pilot, Mixer, Citadel, and
the API server.
### API Server
Istio's API server (based on Kubernetes' API server) provides key functions
such as configuration management and Role-Based Access Control. The API
server requires an
[etcd cluster](https://v1-12.docs.kubernetes.io/docs/setup/scratch/#etcd)
as a persistent store. See the
[instructions for setting up the API server](https://v1-12.docs.kubernetes.io/docs/getting-started-guides/scratch/#apiserver-controller-manager-and-scheduler).
#### Local install
For _proof of concept_ purposes, it is possible to install
a simple single container API server using the following Docker-compose file:
{{< text yaml >}}
version: '2'
services:
etcd:
image: quay.io/coreos/etcd:latest
networks:
istiomesh:
aliases:
- etcd
ports:
- "4001:4001"
- "2380:2380"
- "2379:2379"
environment:
- SERVICE_IGNORE=1
command: [
"/usr/local/bin/etcd",
"-advertise-client-urls=http://0.0.0.0:2379",
"-listen-client-urls=http://0.0.0.0:2379"
]
istio-apiserver:
image: gcr.io/google_containers/kube-apiserver-amd64:v1.7.3
networks:
istiomesh:
ipv4_address: 172.28.0.13
aliases:
- apiserver
ports:
- "8080:8080"
privileged: true
environment:
- SERVICE_IGNORE=1
command: [
"kube-apiserver", "--etcd-servers", "http://etcd:2379",
"--service-cluster-ip-range", "10.99.0.0/16",
"--insecure-port", "8080",
"-v", "2",
"--insecure-bind-address", "0.0.0.0"
]
{{< /text >}}
### Other Istio components
Debian packages for Istio Pilot, Mixer, and Citadel are available through the
Istio release. Alternatively, these components can be run as Docker
containers (`docker.io/istio/pilot`, `docker.io/istio/mixer`,
`docker.io/istio/citadel`). Note that these components are stateless and can
be scaled horizontally. Each of these components depends on the Istio API
server, which in turn depends on the etcd cluster for persistence. To
achieve high availability, each control plane service could be run as a
[job](https://www.nomadproject.io/docs/job-specification/index.html) in
Nomad, where the
[service stanza](https://www.nomadproject.io/docs/job-specification/service.html)
can be used to describe the desired properties of the control plane services. Some
of these components may require additional install artifacts to be present in the
Istio API server to function appropriately.
## Adding sidecars to service instances
Each instance of a service in an application must be accompanied by the
Istio sidecar. Depending on the unit of your installation (Docker
containers, VM, bare metal nodes), the Istio sidecar needs to be installed
into these components. For example, if your infrastructure uses VMs, the
Istio sidecar process must be run on each VM that needs to be part of the
service mesh.
One way to package the sidecars into a Nomad-based deployment is to add the
Istio sidecar process as a task in a
[task group](https://www.nomadproject.io/docs/job-specification/group.html). A
task group is a collection of one or more related tasks that are guaranteed to be
colocated on the same host. However, unlike Kubernetes Pods, tasks in a
group do not share the same network namespace. Hence, care must be taken to
ensure that only one task group is run per host, when using `iptables`
rules to transparently re-route all network traffic via the Istio
sidecar. When support for non-transparent proxying (application explicitly
talks to the sidecar) is available in Istio, this restriction will no
longer apply.
## Routing traffic through Istio sidecars
Part of the sidecar installation should involve setting up appropriate IP
Table rules to transparently route application's network traffic through
the Istio sidecars. The IP table script to setup such forwarding can be
found in the
[here]({{< github_file >}}/tools/packaging/common/istio-iptables.sh).
{{< warning >}}
This script must be executed before starting the application or
the sidecar process.
{{< /warning >}}

105
content/en/docs/setup/consul/quick-start/index.md
View File

@ -1,105 +0,0 @@
---
title: Quick Start on Docker
description: Quick Start instructions to setup the Istio service mesh with Docker Compose.
weight: 10
keywords: [consul]
---
Quick Start instructions to install and configure Istio networking in a Docker Compose setup.
## Prerequisites
* [Docker](https://docs.docker.com/engine/installation/)
* [Docker Compose](https://docs.docker.com/compose/install/)
## Installation steps
1. Go to the [Istio release](https://github.com/istio/istio/releases) page to download the
installation file corresponding to your OS. If you are using a macOS or Linux system, you can also
run the following command to download and extract the latest release automatically:
{{< text bash >}}
$ curl -L https://git.io/getLatestIstio | ISTIO_VERSION={{< istio_full_version >}} sh -
{{< /text >}}
1. Extract the installation file and change the directory to the file location. The
installation directory contains:
* Sample applications in `samples/`
* The `istioctl` client binary in the `bin/` directory. `istioctl` is used for some debug and diagnostics tasks.
* The `istio.VERSION` configuration file
1. Add the `istioctl` client to your PATH.
For example, run the following command on a macOS or Linux system:
{{< text bash >}}
$ export PATH=$PWD/bin:$PATH
{{< /text >}}
1. Install `kubectl` using [these instructions](https://kubernetes.io/docs/tasks/tools/install-kubectl).
`kubectl` is used to create, read, modify, and delete Istio API resources.
1. For Linux users, configure the `DOCKER_GATEWAY` environment variable
{{< text bash >}}
$ export DOCKER_GATEWAY=172.28.0.1:
{{< /text >}}
1. Change directory to the root of the Istio installation directory.
1. Bring up the Istio networking control plane containers:
{{< text bash >}}
$ docker-compose -f install/consul/istio.yaml up -d
{{< /text >}}
{{< warning >}}
The Consul install only configures Istio Pilot. To use Istio Mixer (policy enforcement and telemetry reporting) or Istio Galley, further installation steps
will be necessary. Those steps are beyond the scope of this guide.
{{< /warning >}}
1. Confirm that all Docker containers are running:
{{< text bash >}}
$ docker ps -a
{{< /text >}}
{{< tip >}}
If the Istio Pilot container terminates, ensure that you ran the `kubectl config` commands below and re-run the command from the previous step.
{{< /tip >}}
1. Configure `kubectl` to use mapped local port for the API server:
{{< text bash >}}
$ kubectl config set-context istio --cluster=istio
$ kubectl config set-cluster istio --server=http://localhost:8080
$ kubectl config use-context istio
{{< /text >}}
## Deploy your application
You can now deploy your own application or one of the sample applications provided with the
installation like[Bookinfo](/docs/examples/bookinfo/#if-you-are-running-on-docker-with-consul).
{{< tip >}}
Since there is no concept of pods in a Docker setup, the Istio
sidecar runs in the same container as the application. We will
use [Registrator](https://gliderlabs.github.io/registrator/latest/) to
automatically register instances of services in the Consul service
registry.
The application must use HTTP/1.1 or HTTP/2.0 protocol for all its HTTP traffic because HTTP/1.0 is not supported.
{{< /tip >}}
{{< text bash >}}
$ docker-compose -f <your-app-spec>.yaml up -d
{{< /text >}}
## Uninstalling
Uninstall Istio core components by removing the Docker containers:
{{< text bash >}}
$ docker-compose -f install/consul/istio.yaml down
{{< /text >}}

10
content/en/docs/setup/kubernetes/getting-started/index.md → content/en/docs/setup/getting-started/index.md
View File

@ -2,6 +2,8 @@
title: Getting Started
description: Download, install, and try out Istio.
weight: 5
aliases:
- /docs/setup/kubernetes/getting-started/
skip_toc: true
keywords: [getting-started, install, bookinfo, quick-start, kubernetes]
---
@ -10,11 +12,11 @@ This guide lets you try out Istio quickly and it's the ideal starting
point if you are new to the project. To get started, download and install
Istio's built-in **demo** configuration:
1. [Setup your platform](/docs/setup/kubernetes/platform-setup/)
1. [Download the Istio release](/docs/setup/kubernetes/#downloading-the-release)
1. [Follow the quick-start installation instructions](/docs/setup/kubernetes/install/kubernetes)
1. [Setup your platform](/docs/setup/platform-setup/)
1. [Download the Istio release](/docs/setup/#downloading-the-release)
1. [Follow the quick-start installation instructions](/docs/setup/install/kubernetes)
With Istio installed, you can [deploy the Bookinfo sample](/docs/examples/bookinfo/#if-you-are-running-on-kubernetes)
With Istio installed, you can [deploy the Bookinfo sample](/docs/examples/bookinfo/#deploying-the-application)
and evaluate Istio's features for traffic routing, fault injection, rate
limiting, etc. Explore the various [Istio tasks](/docs/tasks/), and try out the
tasks that interest you. If you are not sure where to begin, the following

2
content/en/docs/setup/kubernetes/install/_index.md → content/en/docs/setup/install/_index.md
View File

@ -3,6 +3,8 @@ title: Installation Guides
linktitle: Install
description: Choose the guide that best suits your needs and platform.
weight: 20
aliases:
- /docs/setup/kubernetes/install/
---
{{< tip >}}

23
content/en/docs/setup/kubernetes/install/helm/index.md → content/en/docs/setup/install/helm/index.md
View File

@ -7,6 +7,7 @@ aliases:
- /docs/setup/kubernetes/helm.html
- /docs/tasks/integrating-services-into-istio.html
- /docs/setup/kubernetes/helm-install/
- /docs/setup/kubernetes/install/helm/
icon: helm
---
@ -28,16 +29,16 @@ using `kubectl apply`, or you can choose to use `helm install` and let
completely manage the installation.
Using these instructions, you can select any one of Istio's built-in
[configuration profiles](/docs/setup/kubernetes/additional-setup/config-profiles/)
[configuration profiles](/docs/setup/additional-setup/config-profiles/)
and then further customize the configuration for your specific needs.
## Prerequisites
1. [Download the Istio release](/docs/setup/kubernetes/#downloading-the-release).
1. [Download the Istio release](/docs/setup/#downloading-the-release).
1. Perform any necessary [platform-specific setup](/docs/setup/kubernetes/platform-setup/).
1. Perform any necessary [platform-specific setup](/docs/setup/platform-setup/).
1. Check the [Requirements for Pods and Services](/docs/setup/kubernetes/additional-setup/requirements/).
1. Check the [Requirements for Pods and Services](/docs/setup/additional-setup/requirements/).
1. [Install a Helm client](https://github.com/helm/helm/blob/master/docs/install.md) with a version higher than 2.10.
@ -63,8 +64,8 @@ extra white space in the command line is not properly handled resulting in a `he
or `helm install` operation that produces an incorrect manifest.
{{< /warning >}}
1. To deploy Istio without using Tiller, follow the instructions for [option 1](/docs/setup/kubernetes/install/helm/#option-1-install-with-helm-via-helm-template).
1. To use [Helm's Tiller pod](https://helm.sh/) to manage your Istio release, follow the instructions for [option 2](/docs/setup/kubernetes/install/helm/#option-2-install-with-helm-and-tiller-via-helm-install).
1. To deploy Istio without using Tiller, follow the instructions for [option 1](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template).
1. To use [Helm's Tiller pod](https://helm.sh/) to manage your Istio release, follow the instructions for [option 2](/docs/setup/install/helm/#option-2-install-with-helm-and-tiller-via-helm-install).
{{< tip >}}
Istio, by default, uses `LoadBalancer` service object types. Some platforms do not support `LoadBalancer`
@ -94,7 +95,7 @@ deployed and you don't want to install it.
1. {{< boilerplate verify-crds >}}
1. Select a [configuration profile](/docs/setup/kubernetes/additional-setup/config-profiles/)
1. Select a [configuration profile](/docs/setup/additional-setup/config-profiles/)
and then render and apply Istio's core components corresponding to your chosen profile.
The **default** profile is recommended for production deployments:
@ -151,7 +152,7 @@ $ helm template install/kubernetes/helm/istio --name istio --namespace istio-sys
{{< tab name="Istio CNI enabled" cookie-value="cni" >}}
Install the [Istio CNI](/docs/setup/kubernetes/additional-setup/cni/) components:
Install the [Istio CNI](/docs/setup/additional-setup/cni/) components:
{{< text bash >}}
$ helm template install/kubernetes/helm/istio-cni --name=istio-cni --namespace=istio-system | kubectl apply -f -
@ -198,7 +199,7 @@ to manage the lifecycle of Istio.
1. {{< boilerplate verify-crds >}}
1. Select a [configuration profile](/docs/setup/kubernetes/additional-setup/config-profiles/)
1. Select a [configuration profile](/docs/setup/additional-setup/config-profiles/)
and then install the `istio` chart corresponding to your chosen profile.
The **default** profile is recommended for production deployments:
@ -255,7 +256,7 @@ $ helm install install/kubernetes/helm/istio --name istio --namespace istio-syst
{{< tab name="Istio CNI enabled" cookie-value="cni" >}}
Install the [Istio CNI](/docs/setup/kubernetes/additional-setup/cni/) chart:
Install the [Istio CNI](/docs/setup/additional-setup/cni/) chart:
{{< text bash >}}
$ helm install install/kubernetes/helm/istio-cni --name istio-cni --namespace istio-system
@ -275,7 +276,7 @@ $ helm install install/kubernetes/helm/istio --name istio --namespace istio-syst
## Verifying the installation
1. Referring to components table in
[configuration profiles](/docs/setup/kubernetes/additional-setup/config-profiles/),
[configuration profiles](/docs/setup/additional-setup/config-profiles/),
verify that the Kubernetes services corresponding to your selected profile have been deployed.
{{< text bash >}}

13
content/en/docs/setup/kubernetes/install/kubernetes/index.md → content/en/docs/setup/install/kubernetes/index.md
View File

@ -5,9 +5,10 @@ weight: 10
keywords: [kubernetes]
aliases:
- /docs/setup/kubernetes/quick-start/
- /docs/setup/kubernetes/install/kubernetes/
---
This guide installs Istio's built-in **demo** [configuration profile](/docs/setup/kubernetes/additional-setup/config-profiles/)
This guide installs Istio's built-in **demo** [configuration profile](/docs/setup/additional-setup/config-profiles/)
using basic Kubernetes commands without needing to download or install
[Helm](https://github.com/helm/helm). This installation lets you quickly
evaluate Istio in a Kubernetes cluster on any platform.
@ -19,14 +20,14 @@ access logging.
{{< /warning >}}
To install Istio for production use, we recommend using the
[Helm Installation guide](/docs/setup/kubernetes/install/helm/)
[Helm Installation guide](/docs/setup/install/helm/)
instead, which provides many more options for selecting and managing the Istio
configuration. This permits customization of Istio to operator specific
requirements.
## Prerequisites
1. [Download the Istio release](/docs/setup/kubernetes/#downloading-the-release).
1. [Download the Istio release](/docs/setup/#downloading-the-release).
{{< warning >}}
These quick-start instructions will not work with a downloaded [istio repository](https://github.com/istio/istio)
@ -35,9 +36,9 @@ requirements.
refer to the [developer wiki](https://github.com/istio/istio/wiki) for instructions.
{{< /warning >}}
1. Perform any necessary [platform-specific setup](/docs/setup/kubernetes/platform-setup/).
1. Perform any necessary [platform-specific setup](/docs/setup/platform-setup/).
1. Check the [Requirements for Pods and Services](/docs/setup/kubernetes/additional-setup/requirements/).
1. Check the [Requirements for Pods and Services](/docs/setup/additional-setup/requirements/).
## Installation steps
@ -155,7 +156,7 @@ traffic; HTTP/1.0 is not supported.
{{< /warning >}}
When you deploy your application using `kubectl apply`,
the [Istio sidecar injector](/docs/setup/kubernetes/additional-setup/sidecar-injection/#automatic-sidecar-injection)
the [Istio sidecar injector](/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection)
will automatically inject Envoy containers into your
application pods if they are started in namespaces labeled with `istio-injection=enabled`:

1
content/en/docs/setup/kubernetes/install/multicluster/_index.md → content/en/docs/setup/install/multicluster/_index.md
View File

@ -5,6 +5,7 @@ weight: 30
aliases:
- /docs/setup/kubernetes/multicluster-install/
- /docs/setup/kubernetes/multicluster/
- /docs/setup/kubernetes/install/multicluster/
keywords: [kubernetes,multicluster]
---

19
content/en/docs/setup/kubernetes/install/multicluster/gateways/index.md → content/en/docs/setup/install/multicluster/gateways/index.md
View File

@ -3,9 +3,10 @@ title: Dedicated control planes
description: Install an Istio mesh across multiple Kubernetes clusters with individually deployed control planes.
weight: 2
aliases:
- /docs/setup/kubernetes/multicluster-install/gateways/
- /docs/examples/multicluster/gateways/
- /docs/tasks/multicluster/gateways/
- /docs/setup/kubernetes/multicluster-install/gateways/
- /docs/examples/multicluster/gateways/
- /docs/tasks/multicluster/gateways/
- /docs/setup/kubernetes/install/multicluster/gateways/
keywords: [kubernetes,multicluster,gateway]
---
@ -30,7 +31,7 @@ Cross-cluster communication occurs over Istio gateways of the respective cluster
* Two or more Kubernetes clusters with versions: {{< supported_kubernetes_versions >}}.
* Authority to deploy the [Istio control plane using Helm](/docs/setup/kubernetes/install/helm/)
* Authority to deploy the [Istio control plane using Helm](/docs/setup/install/helm/)
on **each** Kubernetes cluster.
* The IP address of the `istio-ingressgateway` service in each cluster must be accessible
@ -38,7 +39,7 @@ Cross-cluster communication occurs over Istio gateways of the respective cluster
Not all cloud providers support NLBs and some require special annotations to use them,
so please consult your cloud providers documentation for enabling NLBs for
service object type load balancers. When deploying on platforms without
NLB support, it may be necessary to modify the healthchecks for the load
NLB support, it may be necessary to modify the health checks for the load
balancer to register the ingress gateway.
* A **Root CA**. Cross cluster communication requires mutual TLS connection
@ -48,7 +49,7 @@ Cross-cluster communication occurs over Istio gateways of the respective cluster
sample root CA certificate available in the Istio installation
under the `samples/certs` directory.
## Deploy the Istio control plane in each cluster {#deploy-istio}
## Deploy the Istio control plane in each cluster
1. Generate intermediate CA certificates for each cluster's Citadel from your
organization's root CA. The shared root CA enables mutual TLS communication
@ -67,7 +68,7 @@ Cross-cluster communication occurs over Istio gateways of the respective cluster
{{< /text >}}
For further details and customization options, refer to the
[Installation with Helm](/docs/setup/kubernetes/install/helm/) instructions.
[Installation with Helm](/docs/setup/install/helm/) instructions.
1. Run the following commands in **every cluster** to deploy an identical Istio control plane
configuration in all of them.
@ -309,8 +310,8 @@ running in a second cluster. Before you begin:
`<IPofCluster2IngressGateway>:15443` over a mutual TLS connection.
The gateway for port 15443 is a special SNI-aware Envoy
preconfigured and installed as part of the multicluster Istio installation step
in the [deploy the Istio control plane](#deploy-istio) section. Traffic entering port 15443 will be
preconfigured and installed when you deployed the Istio control plane in the cluster.
Traffic entering port 15443 will be
load balanced among pods of the appropriate internal service of the target
cluster (in this case, `httpbin.bar` in `cluster2`).

0
content/en/docs/setup/kubernetes/install/multicluster/gateways/multicluster-with-gateways.svg → content/en/docs/setup/install/multicluster/gateways/multicluster-with-gateways.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 251 KiB

After

Width:  |  Height:  |  Size: 251 KiB

0
content/en/docs/setup/kubernetes/install/multicluster/shared-gateways/diagram.svg → content/en/docs/setup/install/multicluster/shared-gateways/diagram.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 116 KiB

After

Width:  |  Height:  |  Size: 116 KiB

5
content/en/docs/setup/kubernetes/install/multicluster/shared-gateways/index.md → content/en/docs/setup/install/multicluster/shared-gateways/index.md
View File

@ -6,6 +6,7 @@ keywords: [kubernetes,multicluster]
aliases:
- /docs/examples/multicluster/split-horizon-eds/
- /docs/tasks/multicluster/split-horizon-eds/
- /docs/setup/kubernetes/install/multicluster/shared-gateways/
---
Follow this guide to configure a multicluster mesh using a
@ -28,7 +29,7 @@ No VPN connectivity nor direct network access between workloads in different clu
* Two or more Kubernetes clusters with versions: {{< supported_kubernetes_versions >}}.
* Authority to deploy the [Istio control plane using Helm](/docs/setup/kubernetes/install/helm/)
* Authority to deploy the [Istio control plane using Helm](/docs/setup/install/helm/)
* Two Kubernetes clusters (referred to as `cluster1` and `cluster2`).
@ -55,7 +56,7 @@ This will be used to access pilot on `cluster1` securely using the ingress gatew
{{< warning >}}
When you enable the additional components necessary for multicluster operation, the resource footprint
of the Istio control plane may increase beyond the capacity of the default Kubernetes cluster you created when
completing the [Platform setup](/docs/setup/kubernetes/platform-setup/) steps.
completing the [Platform setup](/docs/setup/platform-setup/) steps.
If the Istio services aren't getting scheduled due to insufficient CPU or memory, consider
adding more nodes to your cluster or upgrading to larger memory instances as necessary.
{{< /warning >}}

5
content/en/docs/setup/kubernetes/install/multicluster/shared-vpn/index.md → content/en/docs/setup/install/multicluster/shared-vpn/index.md
View File

@ -6,6 +6,7 @@ keywords: [kubernetes,multicluster,federation,vpn]
aliases:
- /docs/setup/kubernetes/multicluster-install/vpn/
- /docs/setup/kubernetes/install/multicluster/vpn/
- /docs/setup/kubernetes/install/multicluster/shared-vpn/
---
Follow this guide to install an Istio [multicluster service mesh](/docs/concepts/multicluster-deployments/)
@ -25,7 +26,7 @@ control plane and form a mesh network across multiple clusters.
* Two or more clusters running a supported Kubernetes version ({{< supported_kubernetes_versions >}}).
* The ability to deploy the [Istio control plane](/docs/setup/kubernetes/install/kubernetes/)
* The ability to deploy the [Istio control plane](/docs/setup/install/kubernetes/)
on **one** of the clusters.
* A RFC1918 network, VPN, or an alternative more advanced network technique
@ -45,7 +46,7 @@ manifests and Helm charts provided within the Istio repository.
## Deploy the local control plane
Install the [Istio control plane](/docs/setup/kubernetes/install/kubernetes/#installation-steps)
Install the [Istio control plane](/docs/setup/install/kubernetes/#installation-steps)
on **one** Kubernetes cluster.
## Install the Istio remote

0
content/en/docs/setup/kubernetes/install/multicluster/shared-vpn/multicluster-with-vpn.svg → content/en/docs/setup/install/multicluster/shared-vpn/multicluster-with-vpn.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 152 KiB

After

Width:  |  Height:  |  Size: 152 KiB

2
content/en/docs/setup/kubernetes/install/platform/_index.md → content/en/docs/setup/install/platform/_index.md
View File

@ -2,4 +2,6 @@
title: Platform-specific Instructions
description: Additional installation instructions for supported Kubernetes platforms.
weight: 40
aliases:
- /docs/setup/kubernetes/install/platform/
---

0
content/en/docs/setup/kubernetes/install/platform/alicloud/app-catalog-istio-1.0.0.png → content/en/docs/setup/install/platform/alicloud/app-catalog-istio-1.0.0.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 126 KiB

After

Width:  |  Height:  |  Size: 126 KiB

1
content/en/docs/setup/kubernetes/install/platform/alicloud/index.md → content/en/docs/setup/install/platform/alicloud/index.md
View File

@ -6,6 +6,7 @@ weight: 60
keywords: [kubernetes,alibabacloud,aliyun]
aliases:
- /docs/setup/kubernetes/quick-start-alicloud-ack/
- /docs/setup/kubernetes/install/platform/alicloud/
---
Follow this guide to install and configure an Istio mesh in the

0
content/en/docs/setup/kubernetes/install/platform/gke/dm-tracing.png → content/en/docs/setup/install/platform/gke/dm-tracing.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 75 KiB

After

Width:  |  Height:  |  Size: 75 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_bookinfo.png → content/en/docs/setup/install/platform/gke/dm_bookinfo.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 68 KiB

After

Width:  |  Height:  |  Size: 68 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_gcp_iam.png → content/en/docs/setup/install/platform/gke/dm_gcp_iam.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 32 KiB

After

Width:  |  Height:  |  Size: 32 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_gcp_iam_role.png → content/en/docs/setup/install/platform/gke/dm_gcp_iam_role.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 34 KiB

After

Width:  |  Height:  |  Size: 34 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_grafana.png → content/en/docs/setup/install/platform/gke/dm_grafana.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 228 KiB

After

Width:  |  Height:  |  Size: 228 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_kiali.png → content/en/docs/setup/install/platform/gke/dm_kiali.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 115 KiB

After

Width:  |  Height:  |  Size: 115 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_kubernetes_workloads.png → content/en/docs/setup/install/platform/gke/dm_kubernetes_workloads.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 64 KiB

After

Width:  |  Height:  |  Size: 64 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_launcher.png → content/en/docs/setup/install/platform/gke/dm_launcher.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 40 KiB

After

Width:  |  Height:  |  Size: 40 KiB

0
content/en/docs/setup/kubernetes/install/platform/gke/dm_prometheus.png → content/en/docs/setup/install/platform/gke/dm_prometheus.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 68 KiB

After

Width:  |  Height:  |  Size: 68 KiB

1
content/en/docs/setup/kubernetes/install/platform/gke/index.md → content/en/docs/setup/install/platform/gke/index.md
View File

@ -7,6 +7,7 @@ keywords: [kubernetes,gke,google]
aliases:
- /docs/setup/kubernetes/quick-start-gke-dm/
- /docs/setup/kubernetes/quick-start/
- /docs/setup/kubernetes/install/platform/gke/
---
Follow this guide to install and configure an Istio mesh Istio in the

0
content/en/docs/setup/kubernetes/install/platform/ibm/add-on-install.png → content/en/docs/setup/install/platform/ibm/add-on-install.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 127 KiB

After

Width:  |  Height:  |  Size: 127 KiB

15
content/en/docs/setup/kubernetes/install/platform/ibm/index.md → content/en/docs/setup/install/platform/ibm/index.md
View File

@ -6,6 +6,7 @@ weight: 70
keywords: [kubernetes,ibm,icp]
aliases:
- /docs/setup/kubernetes/quick-start-ibm/
- /docs/setup/kubernetes/install/platform/ibm/
---
Follow this guide to install and configure an Istio mesh in IBM Cloud.
@ -26,17 +27,17 @@ To install the managed Istio add-on in IBM Cloud Public, you can use the UI or t
1. In your [cluster dashboard](https://cloud.ibm.com/kubernetes/clusters), click the name of a cluster.
1. Click the **Add-ons** tab.
1. Click the `Add-ons` tab.
1. On the Istio card, click **Install**. The Istio check box is already selected. To also install the Istio extras and BookInfo sample app, select the Istio Extras and the Istio Sample check boxes.
1. On the Istio card, click **Install**. The Istio check box is already selected. To also install the Istio extras and Bookinfo sample app, select the Istio Extras and the Istio Sample check boxes.
{{< image link="./add-on-install.png" caption="Enable managed Istio add-ons in the IBM Cloud console" >}}
1. Click Install. On the Istio card, verify that the add-ons you enabled are listed.
1. Click Install. On the Istio card, verify that the addons you enabled are listed.
**To use the CLI**:
1. Install the `istio`, `istio-extras`, and `istio-sample-bookinfo` add-ons.
1. Install the `istio`, `istio-extras`, and `istio-sample-bookinfo` addons.
{{< text bash >}}
$ ibmcloud ks cluster-addon-enable istio --cluster <cluster_name_or_ID>
@ -60,7 +61,7 @@ To install the managed Istio add-on in IBM Cloud Public, you can use the UI or t
$ kubectl get pods -n istio-system
{{< /text >}}
1. Verify that the BookInfo microservices are deployed and their corresponding pods have a `STATUS` of `Running`.
1. Verify that the Bookinfo microservices are deployed and their corresponding pods have a `STATUS` of `Running`.
{{< text bash >}}
$ kubectl get svc -n default
@ -72,9 +73,9 @@ To install the managed Istio add-on in IBM Cloud Public, you can use the UI or t
### Manual Istio install
Follow [these instructions](/docs/setup/kubernetes/) to install and run the current release version of Istio in [IBM Cloud Public](https://www.ibm.com/cloud/) using the IBM Cloud Kubernetes Service (IKS).
Follow [these instructions](/docs/setup/) to install and run the current release version of Istio in [IBM Cloud Public](https://www.ibm.com/cloud/) using the IBM Cloud Kubernetes Service (IKS).
To upgrade Istio in an existing IKS cluster, follow the [upgrade instructions](/docs/setup/kubernetes/upgrade) instead.
To upgrade Istio in an existing IKS cluster, follow the [upgrade instructions](/docs/setup/upgrade) instead.
## IBM Cloud Private

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-catalog-1.png → content/en/docs/setup/install/platform/ibm/istio-catalog-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 124 KiB

After

Width:  |  Height:  |  Size: 124 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-catalog-2.png → content/en/docs/setup/install/platform/ibm/istio-catalog-2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 70 KiB

After

Width:  |  Height:  |  Size: 70 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-deletion.png → content/en/docs/setup/install/platform/ibm/istio-deletion.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 54 KiB

After

Width:  |  Height:  |  Size: 54 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-installation-1.png → content/en/docs/setup/install/platform/ibm/istio-installation-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 186 KiB

After

Width:  |  Height:  |  Size: 186 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-installation-2.png → content/en/docs/setup/install/platform/ibm/istio-installation-2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 147 KiB

After

Width:  |  Height:  |  Size: 147 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-release.png → content/en/docs/setup/install/platform/ibm/istio-release.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 61 KiB

After

Width:  |  Height:  |  Size: 61 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-upgrade-1.png → content/en/docs/setup/install/platform/ibm/istio-upgrade-1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 72 KiB

After

Width:  |  Height:  |  Size: 72 KiB

0
content/en/docs/setup/kubernetes/install/platform/ibm/istio-upgrade-2.png → content/en/docs/setup/install/platform/ibm/istio-upgrade-2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 54 KiB

After

Width:  |  Height:  |  Size: 54 KiB

108
content/en/docs/setup/kubernetes/_index.md
View File

@ -1,108 +0,0 @@
---
title: Installing on Kubernetes
linktitle: Kubernetes
description: Instructions for installing the Istio control plane on Kubernetes and adding virtual machines into the mesh.
weight: 10
aliases:
- /docs/tasks/installing-istio.html
- /docs/setup/install-kubernetes.html
- /docs/setup/kubernetes/quick-start.html
- /docs/setup/kubernetes/download-release/
- /docs/setup/kubernetes/download/
icon: kubernetes
keywords: [kubernetes,install,quick-start,setup,installation]
content_above: true
---
{{< tip >}}
Istio {{< istio_version >}} has been tested with these Kubernetes releases: {{< supported_kubernetes_versions >}}.
{{< /tip >}}
Visit our [getting started guide](/docs/setup/kubernetes/getting-started/) to
learn how to evaluate and try Istio's basic features quickly.
Istio offers multiple installation flows
depending on your platform and whether or not you intend to use Istio in production.
At a high level, the basic flow is the same regardless of platform:
1. [Review the pod requirements](/docs/setup/kubernetes/additional-setup/requirements/)
1. [Prepare your platform for Istio](/docs/setup/kubernetes/platform-setup/)
1. [Download the Istio release](#downloading-the-release)
1. [Install Istio on your platform](#installing-istio)
## Installing Istio
Choose one of the following installation options, depending on your intended use:
- [Demo installation](/docs/setup/kubernetes/install/kubernetes/):
This option is ideal if you're new to Istio and just want to try it out.
It allows you to experiment with many Istio features with modest resource requirements.
- [Custom installation with Helm](/docs/setup/kubernetes/install/helm/):
This option is ideal to install Istio for production use or for performance evaluation.
- [Supported platform installation](/docs/setup/kubernetes/install/platform/):
This option is ideal if your platform provides native support for Istio-enabled clusters
with a [configuration profile](/docs/setup/kubernetes/additional-setup/config-profiles/)
corresponding to your intended use.
After choosing an option and installing Istio on your cluster, you can deploy
your own applications or experiment with some of our [tasks](/docs/tasks/) and [examples](/docs/examples/).
{{< tip >}}
If you're running your own applications, make sure to
check the [requirements for pods and services](/docs/setup/kubernetes/additional-setup/requirements/).
{{< /tip >}}
When you're ready to consider more advanced Istio use cases, check out the following resources:
- To install using Istio's Container Network Interface
(CNI) plugin, visit our [CNI guide](/docs/setup/kubernetes/additional-setup/cni/).
- To perform a multicluster setup, visit our
[multicluster installation documents](/docs/setup/kubernetes/install/multicluster/).
- To expand your existing mesh with additional containers or VMs not running on
your mesh's Kubernetes cluster, follow our [mesh expansion guide](/docs/examples/mesh-expansion/).
- To add services requires a detailed understanding of sidecar injection. Visit our
[sidecar injection guide](/docs/setup/kubernetes/additional-setup/sidecar-injection/)
to learn more.
## Downloading the release
Istio is installed in its own `istio-system` namespace and can manage
services from all other namespaces.
1. Go to the [Istio release](https://github.com/istio/istio/releases) page to
download the installation file corresponding to your OS. On a macOS or
Linux system, you can run the following command to download and
extract the latest release automatically:
{{< text bash >}}
$ curl -L https://git.io/getLatestIstio | ISTIO_VERSION={{< istio_full_version >}} sh -
{{< /text >}}
1. Move to the Istio package directory. For example, if the package is
`istio-{{< istio_full_version >}}`:
{{< text bash >}}
$ cd istio-{{< istio_full_version >}}
{{< /text >}}
The installation directory contains:
- Installation YAML files for Kubernetes in `install/kubernetes`
- Sample applications in `samples/`
- The `istioctl` client binary in the `bin/` directory. `istioctl` is
used when manually injecting Envoy as a sidecar proxy.
1. Add the `istioctl` client to your `PATH` environment variable, on a macOS or
Linux system:
{{< text bash >}}
$ export PATH=$PWD/bin:$PATH
{{< /text >}}
1. You can enable the [auto-completion option](/docs/ops/setup/istioctl) when working with a bash or ZSH console.

2
content/en/docs/setup/kubernetes/platform-setup/_index.md → content/en/docs/setup/platform-setup/_index.md
View File

@ -2,6 +2,8 @@
title: Platform Setup
description: How to prepare various Kubernetes platforms before installing Istio.
weight: 10
aliases:
- /docs/setup/kubernetes/platform-setup/
keywords: [platform-setup]
---

0
content/en/docs/setup/kubernetes/platform-setup/alicloud/csconsole.png → content/en/docs/setup/platform-setup/alicloud/csconsole.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 251 KiB

After

Width:  |  Height:  |  Size: 251 KiB

1
content/en/docs/setup/kubernetes/platform-setup/alicloud/index.md → content/en/docs/setup/platform-setup/alicloud/index.md
View File

@ -5,6 +5,7 @@ weight: 3
skip_seealso: true
aliases:
- /docs/setup/kubernetes/prepare/platform-setup/alicloud/
- /docs/setup/kubernetes/platform-setup/alicloud/
keywords: [platform-setup,alibaba-cloud,aliyun,alicloud]
---

3
content/en/docs/setup/kubernetes/platform-setup/azure/index.md → content/en/docs/setup/platform-setup/azure/index.md
View File

@ -4,7 +4,8 @@ description: Instructions to setup an Azure cluster for Istio.
weight: 9
skip_seealso: true
aliases:
- /docs/setup/kubernetes/prepare/platform-setup/azure
- /docs/setup/kubernetes/prepare/platform-setup/azure/
- /docs/setup/kubernetes/platform-setup/azure/
keywords: [platform-setup,azure]
---

0
content/en/docs/setup/kubernetes/platform-setup/docker/dockerprefs.png → content/en/docs/setup/platform-setup/docker/dockerprefs.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 113 KiB

After

Width:  |  Height:  |  Size: 113 KiB

1
content/en/docs/setup/kubernetes/platform-setup/docker/index.md → content/en/docs/setup/platform-setup/docker/index.md
View File

@ -6,6 +6,7 @@ skip_seealso: true
aliases:
- /docs/setup/kubernetes/prepare/platform-setup/docker-for-desktop/
- /docs/setup/kubernetes/prepare/platform-setup/docker/
- /docs/setup/kubernetes/platform-setup/docker/
keywords: [platform-setup,kubernetes,docker-desktop]
---

0
content/en/docs/setup/kubernetes/platform-setup/gardener/images/gardener_addon_checkboxes.png → content/en/docs/setup/platform-setup/gardener/images/gardener_addon_checkboxes.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 125 KiB

After

Width:  |  Height:  |  Size: 125 KiB

0
content/en/docs/setup/kubernetes/platform-setup/gardener/images/gardener_service_account.png → content/en/docs/setup/platform-setup/gardener/images/gardener_service_account.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 38 KiB

0
content/en/docs/setup/kubernetes/platform-setup/gardener/images/gardener_shoot_creation.png → content/en/docs/setup/platform-setup/gardener/images/gardener_shoot_creation.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 111 KiB

After

Width:  |  Height:  |  Size: 111 KiB

2
content/en/docs/setup/kubernetes/platform-setup/gardener/index.md → content/en/docs/setup/platform-setup/gardener/index.md
View File

@ -2,6 +2,8 @@
title: Kubernetes Gardener
description: Instructions to setup a Gardener cluster for Istio.
weight: 19
aliases:
- /docs/setup/kubernetes/platform-setup/gardener/
skip_seealso: true
keywords: [platform-setup,kubernetes,gardener,sap]
---

3
content/en/docs/setup/kubernetes/platform-setup/gke/index.md → content/en/docs/setup/platform-setup/gke/index.md
View File

@ -4,7 +4,8 @@ description: Instructions to setup a Google Kubernetes Engine cluster for Istio.
weight: 15
skip_seealso: true
aliases:
- /docs/setup/kubernetes/prepare/platform-setup/gke
- /docs/setup/kubernetes/prepare/platform-setup/gke/
- /docs/setup/kubernetes/platform-setup/gke/
keywords: [platform-setup,kubernetes,gke,google]
---

1
content/en/docs/setup/kubernetes/platform-setup/ibm/index.md → content/en/docs/setup/platform-setup/ibm/index.md
View File

@ -5,6 +5,7 @@ weight: 18
skip_seealso: true
aliases:
- /docs/setup/kubernetes/prepare/platform-setup/ibm/
- /docs/setup/kubernetes/platform-setup/ibm/
keywords: [platform-setup,ibm,iks]
---

Some files were not shown because too many files have changed in this diff Show More