istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
istio.io/content/en/docs/setup/additional-setup/config-profiles/index.md

4.5 KiB
Raw Blame History

title description weight aliases keywords
Installation Configuration Profiles Describes the built-in Istio installation configuration profiles. 35
/docs/setup/kubernetes/additional-setup/config-profiles/
profiles
install
helm

This page describes the built-in configuration profiles that can be used when installing Istio using helm. The profiles provide customization of the Istio control plane and of the sidecars for the Istio data plane. You can start with one of Istios built-in configuration profiles and then further customize the configuration for your specific needs. The following built-in configuration profiles are currently available:

  1. default: enables components according to the default Installation Options (recommend for production deployments).

  2. demo: configuration designed to showcase Istio functionality with modest resource requirements. It is suitable to run the Bookinfo application and associated tasks. This is the same configuration that is installed with the Quick Start instructions, but uses Helm, allowing you to more easily enable additional features if you later wish to explore more advanced tasks.

    {{< warning >}} This profile enables high levels of tracing and access logging so it is not suitable for performance tests. {{< /warning >}}

  3. minimal: the minimal set of components necessary to use Istio's traffic management features.

  4. sds-auth: similar to the default profile, but also enables Istio's SDS (secret discovery service). This profile comes with additional authentication features enabled by default (Strict Mutual TLS).

The components marked as X are installed within each profile:

default demo minimal sds
Profile filename values.yaml values-istio-demo.yaml values-istio-minimal.yaml values-istio-sds-auth.yaml
Core components
      istio-citadel X X X
      istio-egressgateway X
      istio-galley X X X
      istio-ingressgateway X X X
      istio-nodeagent X
      istio-pilot X X X X
      istio-policy X X X
      istio-sidecar-injector X X X
      istio-telemetry X X X
Addons
      grafana X
      istio-tracing X
      kiali X
      prometheus X X X

To further customize Istio and install addons, you can add one or more --set <key>=<value> options in the helm template or helm install command that you use when installing Istio. The Installation Options lists the complete set of supported installation key and value pairs.

Multicluster profiles

Istio provides two additional built-in configuration profiles that are used exclusively for configuring a multicluster deployment:

  1. remote: used for configuring remote clusters of a multicluster mesh with a shared control plane.

  2. multicluster-gateways: used for configuring clusters of a multicluster mesh with replicated control planes.

The remote profile is configured using the values file values-istio-remote.yaml. This profile installs only two Istio core components:

  1. istio-citadel

  2. istio-sidecar-injector

The multicluster-gateways profile is configured using the values file values-istio-multicluster-gateways.yaml. This profile installs the same components as the Istio default configuration profile plus two additional components:

  1. The istio-egressgateway core component.

  2. The coredns addon.

Refer to the multicluster installation instructions for more details.