istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
istio.io/content/en/docs/setup/install/kubernetes/index.md

8.6 KiB
Raw Blame History

title description weight keywords aliases
Quick Start Evaluation Install Instructions to install Istio in a Kubernetes cluster for evaluation. 5
kubernetes
/docs/setup/kubernetes/quick-start/
/docs/setup/kubernetes/install/kubernetes/

This guide installs Istio's built-in demo configuration profile. This installation lets you quickly evaluate Istio in a Kubernetes cluster on any platform.

{{< warning >}} The demo configuration profile is not suitable for performance evaluation. It is designed to showcase Istio functionality with high levels of tracing and access logging. {{< /warning >}}

To install Istio for production use, we recommend using the Installing with {{< istioctl >}} guide instead, which provides many more options for selecting and managing the Istio configuration. This permits customization of Istio to operator specific requirements.

Prerequisites

  1. Download the Istio release.

  2. Perform any necessary platform-specific setup.

Install the demo profile

{{< text bash >}} $ istioctl manifest apply --set profile=demo {{< /text >}}

Verifying the installation

  1. Ensure the following Kubernetes services are deployed and verify they all have an appropriate CLUSTER-IP except the jaeger-agent service:

    {{< text bash >}} $ kubectl get svc -n istio-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE grafana ClusterIP 172.21.211.123 3000/TCP 2m istio-citadel ClusterIP 172.21.177.222 8060/TCP,15014/TCP 2m istio-egressgateway ClusterIP 172.21.113.24 80/TCP,443/TCP,15443/TCP 2m istio-galley ClusterIP 172.21.132.247 443/TCP,15014/TCP,9901/TCP 2m istio-ingressgateway LoadBalancer 172.21.144.254 52.116.22.242 15020:31831/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:30318/TCP,15030:32645/TCP,15031:31933/TCP,15032:31188/TCP,15443:30838/TCP 2m istio-pilot ClusterIP 172.21.105.205 15010/TCP,15011/TCP,8080/TCP,15014/TCP 2m istio-policy ClusterIP 172.21.14.236 9091/TCP,15004/TCP,15014/TCP 2m istio-sidecar-injector ClusterIP 172.21.155.47 443/TCP,15014/TCP 2m istio-telemetry ClusterIP 172.21.196.79 9091/TCP,15004/TCP,15014/TCP,42422/TCP 2m jaeger-agent ClusterIP None 5775/UDP,6831/UDP,6832/UDP 2m jaeger-collector ClusterIP 172.21.135.51 14267/TCP,14268/TCP 2m jaeger-query ClusterIP 172.21.26.187 16686/TCP 2m kiali ClusterIP 172.21.155.201 20001/TCP 2m prometheus ClusterIP 172.21.63.159 9090/TCP 2m tracing ClusterIP 172.21.2.245 80/TCP 2m zipkin ClusterIP 172.21.182.245 9411/TCP 2m {{< /text >}}

    {{< tip >}} If your cluster is running in an environment that does not support an external load balancer (e.g., minikube), the EXTERNAL-IP of istio-ingressgateway will say <pending>. To access the gateway, use the service's NodePort, or use port-forwarding instead. {{< /tip >}}

  2. Ensure corresponding Kubernetes pods are deployed and have a STATUS of Running:

    {{< text bash >}} $ kubectl get pods -n istio-system NAME READY STATUS RESTARTS AGE grafana-f8467cc6-rbjlg 1/1 Running 0 1m istio-citadel-78df5b548f-g5cpw 1/1 Running 0 1m istio-cleanup-secrets-release-1.1-20190308-09-16-8s2mp 0/1 Completed 0 2m istio-egressgateway-78569df5c4-zwtb5 1/1 Running 0 1m istio-galley-74d5f764fc-q7nrk 1/1 Running 0 1m istio-grafana-post-install-release-1.1-20190308-09-16-2p7m5 0/1 Completed 0 2m istio-ingressgateway-7ddcfd665c-dmtqz 1/1 Running 0 1m istio-pilot-f479bbf5c-qwr28 2/2 Running 0 1m istio-policy-6fccc5c868-xhblv 2/2 Running 2 1m istio-security-post-install-release-1.1-20190308-09-16-bmfs4 0/1 Completed 0 2m istio-sidecar-injector-78499d85b8-x44m6 1/1 Running 0 1m istio-telemetry-78b96c6cb6-ldm9q 2/2 Running 2 1m istio-tracing-69b5f778b7-s2zvw 1/1 Running 0 1m kiali-99f7467dc-6rvwp 1/1 Running 0 1m prometheus-67cdb66cbb-9w2hm 1/1 Running 0 1m {{< /text >}}

Deploy your application

You can now deploy your own application or one of the sample applications provided with the installation like Bookinfo.

{{< warning >}} The application must use either the HTTP/1.1 or HTTP/2.0 protocols for all its HTTP traffic; HTTP/1.0 is not supported. {{< /warning >}}

When you deploy your application using kubectl apply, the Istio sidecar injector will automatically inject Envoy containers into your application pods if they are started in namespaces labeled with istio-injection=enabled:

{{< text bash >}} $ kubectl label namespace istio-injection=enabled $ kubectl create -n -f .yaml {{< /text >}}

In namespaces without the istio-injection label, you can use istioctl kube-inject to manually inject Envoy containers in your application pods before deploying them:

{{< text bash >}} $ istioctl kube-inject -f .yaml | kubectl apply -f - {{< /text >}}

Uninstall

The uninstall deletes the RBAC permissions, the istio-system namespace, and all resources hierarchically under it. It is safe to ignore errors for non-existent resources because they may have been deleted hierarchically.

{{< text bash >}} $ istioctl manifest generate --set profile=demo | kubectl delete -f - {{< /text >}}