istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
istio.io/content/en/docs/setup/install/standalone-operator/index.md

7.6 KiB
Raw Blame History

title description weight keywords aliases test
Standalone Operator Install Instructions to install Istio in a Kubernetes cluster using the Istio operator. 25
kubernetes
operator
no

This guide installs Istio using the standalone Istio operator. The only dependencies required are a supported Kubernetes cluster, the kubectl command at the version to match the cluster, and the istioctl command at the desired release version.

The operator is beta in 1.6 and suitable for production use.

Prerequisites

  1. Perform any necessary platform-specific setup.

  2. Check the Requirements for Pods and Services.

  3. Install the {{< istioctl >}} command.

  4. Deploy the Istio operator:

    {{< text bash >}} $ istioctl operator init {{< /text >}}

    This command runs the operator by creating the following resources in the istio-operator namespace:

    • The operator custom resource definition
    • The operator controller deployment
    • A service to access operator metrics
    • Necessary Istio operator RBAC rules

    See the available istioctl operator init flags to control which namespaces the controller and Istio are installed into and the installed Istio image sources and versions.

    {{< tip >}} You can alternatively deploy the operator using Helm:

    {{< text bash >}} $ helm template manifests/charts/istio-operator/
    --set hub=docker.io/istio
    --set tag={{< istio_full_version >}}
    --set operatorNamespace=istio-operator
    --set istioNamespace=istio-system | kubectl apply -f - {{< /text >}}

    Note that you need to download the Istio release to run the above command. {{< /tip >}}

Install

To install the Istio demo configuration profile using the operator, run the following command:

{{< text bash >}} $ kubectl create ns istio-system $ kubectl apply -f - <<EOF apiVersion: install.istio.io/v1alpha1 kind: IstioOperator metadata: namespace: istio-system name: example-istiocontrolplane spec: profile: demo EOF {{< /text >}}

The controller will detect the IstioOperator resource and then install the Istio components corresponding to the specified (demo) configuration.

{{< tip >}} The Istio operator controller begins the process of installing Istio within 90 seconds of the creation of the IstioOperator resource. The Istio installation completes within 120 seconds. {{< /tip >}}

You can confirm the Istio control plane services have been deployed with the following commands:

{{< text bash >}} $ kubectl get svc -n istio-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE grafana ClusterIP 10.104.1.213 3000/TCP 13s istio-egressgateway ClusterIP 10.103.243.113 80/TCP,443/TCP,15443/TCP 17s istio-ingressgateway LoadBalancer 10.101.204.227 15020:31077/TCP,80:30689/TCP,443:32419/TCP,31400:31411/TCP,15443:30176/TCP 17s istiod ClusterIP 10.96.237.249 15010/TCP,15012/TCP,443/TCP,15014/TCP,53/UDP,853/TCP 30s jaeger-agent ClusterIP None 5775/UDP,6831/UDP,6832/UDP 13s jaeger-collector ClusterIP 10.109.244.165 14267/TCP,14268/TCP,14250/TCP 13s jaeger-collector-headless ClusterIP None 14250/TCP 13s jaeger-query ClusterIP 10.105.128.63 16686/TCP 13s kiali ClusterIP 10.102.172.30 20001/TCP 13s prometheus ClusterIP 10.102.190.194 9090/TCP 13s tracing ClusterIP 10.110.231.250 80/TCP 13s zipkin ClusterIP 10.96.63.117 9411/TCP 13s {{< /text >}}

{{< text bash >}} $ kubectl get pods -n istio-system NAME READY STATUS RESTARTS AGE grafana-54b54568fc-fk6p5 1/1 Running 0 82s istio-egressgateway-5444c68db8-9h6dz 1/1 Running 0 87s istio-ingressgateway-5c68cb968-x7qv9 1/1 Running 0 87s istio-tracing-9dd6c4f7c-hd9qq 1/1 Running 0 82s istiod-598984548d-wjq9j 1/1 Running 0 99s kiali-d45468dc4-4nqdv 1/1 Running 0 82s prometheus-6cf46c47fb-tvvkv 2/2 Running 0 82s {{< /text >}}

Update

Now, with the controller running, you can change the Istio configuration by editing or replacing the IstioOperator resource. The controller will detect the change and respond by updating the Istio installation correspondingly.

For example, you can switch the installation to the default profile with the following command:

{{< text bash >}} $ kubectl apply -f - <<EOF apiVersion: install.istio.io/v1alpha1 kind: IstioOperator metadata: namespace: istio-system name: example-istiocontrolplane spec: profile: default EOF {{< /text >}}

You can also enable or disable components and modify resource settings. For example, to enable the Grafana component and increase pilot memory requests:

{{< text bash >}} $ kubectl apply -f - <<EOF apiVersion: install.istio.io/v1alpha1 kind: IstioOperator metadata: namespace: istio-system name: example-istiocontrolplane spec: profile: default components: pilot: k8s: resources: requests: memory: 3072Mi addonComponents: grafana: enabled: true EOF {{< /text >}}

You can observe the changes that the controller makes in the cluster in response to IstioOperator CR updates by checking the operator controller logs:

{{< text bash >}} kubectl logs -f -n istio-operator(kubectl get pods -n istio-operator -lname=istio-operator -o jsonpath='{.items[0].metadata.name}') {{< /text >}}

Refer to the IstioOperator API for the complete set of configuration settings.

Uninstall

Delete the Istio deployment:

{{< text bash >}} $ kubectl delete istiooperators.install.istio.io -n istio-system example-istiocontrolplane {{< /text >}}

Wait until Istio is uninstalled - this may take some time. Delete the Istio operator:

{{< text bash >}} $ istioctl operator remove {{< /text >}}

Or:

{{< text bash >}} $ kubectl delete ns istio-operator --grace-period=0 --force {{< /text >}}

Note that deleting the operator before Istio is fully removed may result in leftover Istio resources. To clean up anything not removed by the operator:

{{< text bash >}} $ istioctl manifest generate | kubectl delete -f - $ kubectl delete ns istio-system --grace-period=0 --force {{< /text >}}