使用 Istioctl 安装 istio

下载 Istio

转到 Istio 发布 页面,下载针对你操作系统的安装文件, 或用自动化工具下载并提取最新版本(Linux 或 macOS):

[root@k8s-master-node1 ~]# curl -L https://istio.io/downloadIstio | sh -

若无法下载可以手动写入文件进行执行

脚本内容:

#!/bin/sh

# Copyright Istio Authors

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#    http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

#

# This file will be fetched as: curl -L https://git.io/getLatestIstio | sh -

# so it should be pure bourne shell, not bash (and not reference other scripts)

#

# The script fetches the latest Istio release candidate and untars it.

# You can pass variables on the command line to download a specific version

# or to override the processor architecture. For example, to download

# Istio 1.6.8 for the x86_64 architecture,

# run curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.6.8 TARGET_ARCH=x86_64 sh -.

set -e

# Determines the operating system.

OS="$(uname)"

if [ "x${OS}" = "xDarwin" ] ; then

  OSEXT="osx"

else

  OSEXT="linux"

fi

# Determine the latest Istio version by version number ignoring alpha, beta, and rc versions.

if [ "x${ISTIO_VERSION}" = "x" ] ; then

  ISTIO_VERSION="$(curl -sL https://github.com/istio/istio/releases | \

                  grep -o 'releases/[0-9]*.[0-9]*.[0-9]*/' | sort -V | \

                  tail -1 | awk -F'/' '{ print $2}')"

  ISTIO_VERSION="${ISTIO_VERSION##*/}"

fi

LOCAL_ARCH=$(uname -m)

if [ "${TARGET_ARCH}" ]; then

    LOCAL_ARCH=${TARGET_ARCH}

fi

case "${LOCAL_ARCH}" in

  x86_64)

    ISTIO_ARCH=amd64

    ;;

  armv8*)

    ISTIO_ARCH=arm64

    ;;

  aarch64*)

    ISTIO_ARCH=arm64

    ;;

  armv*)

    ISTIO_ARCH=armv7

    ;;

  amd64|arm64)

    ISTIO_ARCH=${LOCAL_ARCH}

    ;;

  *)

    echo "This system's architecture, ${LOCAL_ARCH}, isn't supported"

    exit 1

    ;;

esac

if [ "x${ISTIO_VERSION}" = "x" ] ; then

  printf "Unable to get latest Istio version. Set ISTIO_VERSION env var and re-run. For example: export ISTIO_VERSION=1.0.4"

  exit 1;

fi

NAME="istio-$ISTIO_VERSION"

URL="https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istio-${ISTIO_VERSION}-${OSEXT}.tar.gz"

ARCH_URL="https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istio-${ISTIO_VERSION}-${OSEXT}-${ISTIO_ARCH}.tar.gz"

with_arch() {

  printf "\nDownloading %s from %s ...\n" "$NAME" "$ARCH_URL"

  if ! curl -o /dev/null -sIf "$ARCH_URL"; then

    printf "\n%s is not found, please specify a valid ISTIO_VERSION and TARGET_ARCH\n" "$ARCH_URL"

    exit 1

  fi

  curl -fsLO "$ARCH_URL"

  filename="istio-${ISTIO_VERSION}-${OSEXT}-${ISTIO_ARCH}.tar.gz"

  tar -xzf "${filename}"

  rm "${filename}"

}

without_arch() {

  printf "\nDownloading %s from %s ..." "$NAME" "$URL"

  if ! curl -o /dev/null -sIf "$URL"; then

    printf "\n%s is not found, please specify a valid ISTIO_VERSION\n" "$URL"

    exit 1

  fi

  curl -fsLO "$URL"

  filename="istio-${ISTIO_VERSION}-${OSEXT}.tar.gz"

  tar -xzf "${filename}"

  rm "${filename}"

}

# Istio 1.6 and above support arch

# Istio 1.5 and below do not have arch support

ARCH_SUPPORTED="1.6"

if [ "${OS}" = "Linux" ] ; then

  # This checks if ISTIO_VERSION is less than ARCH_SUPPORTED (version-sort's before it)

  if [ "$(printf '%s\n%s' "${ARCH_SUPPORTED}" "${ISTIO_VERSION}" | sort -V | head -n 1)" = "${ISTIO_VERSION}" ]; then

    without_arch

  else

    with_arch

  fi

elif [ "x${OS}" = "xDarwin" ] ; then

  without_arch

else

  printf "\n\n"

  printf "Unable to download Istio %s at this moment!\n" "$ISTIO_VERSION"

  printf "Please verify the version you are trying to download.\n\n"

  exit 1

fi

printf ""

printf "\nIstio %s Download Complete!\n" "$ISTIO_VERSION"

printf "\n"

printf "Istio has been successfully downloaded into the %s folder on your system.\n" "$NAME"

printf "\n"

BINDIR="$(cd "$NAME/bin" && pwd)"

printf "Next Steps:\n"

printf "See https://istio.io/latest/docs/setup/install/ to add Istio to your Kubernetes cluster.\n"

printf "\n"

printf "To configure the istioctl client tool for your workstation,\n"

printf "add the %s directory to your environment path variable with:\n" "$BINDIR"

printf "\t export PATH=\"\$PATH:%s\"\n" "$BINDIR"

printf "\n"

printf "Begin the Istio pre-installation check by running:\n"

printf "\t istioctl x precheck \n"

printf "\n"

printf "Need more information? Visit https://istio.io/latest/docs/setup/install/ \n"

[root@k8s-master-node1 ~]# bash istio.sh

转到 Istio 包目录。例如,如果包是 istio-1.11.4:

[root@k8s-master-node1 ~]# cd istio-1.11.4/

[root@k8s-master-node1 ~/istio-1.11.4]# ll

total 28

drwxr-x---.  2 root root    22 Oct 13 22:50 bin

-rw-r--r--.  1 root root 11348 Oct 13 22:50 LICENSE

drwxr-xr-x.  5 root root    52 Oct 13 22:50 manifests

-rw-r-----.  1 root root   854 Oct 13 22:50 manifest.yaml

-rw-r--r--.  1 root root  5866 Oct 13 22:50 README.md

drwxr-xr-x. 21 root root  4096 Oct 13 22:50 samples

drwxr-xr-x.  3 root root    57 Oct 13 22:50 tools

[root@k8s-master-node1 ~/istio-1.11.4]#

安装目录包含:

samples/ 目录下的示例应用程序

bin/ 目录下的 istioctl 客户端二进制文件 .

将 istioctl 客户端加入搜索路径(Linux or macOS):

$ export PATH=$PWD/bin:$PATH

export PATH=/root/istio-1.11.4/bin:$PATH
[root@k8s-master-node1 ~/istio-1.11.4]# export PATH=$PWD/bin:$PATH

[root@k8s-master-node1 ~/istio-1.11.4]#

[root@k8s-master-node1 ~/istio-1.11.4]# vim /etc/profile

[root@k8s-master-node1 ~/istio-1.11.4]# tail -n 2 /etc/profile

export PATH=/root/istio-1.11.4/bin:$PATH

[root@k8s-master-node1 ~/istio-1.11.4]#

使用默认配置档安装 Istio

最简单的选择是用下面命令安装 Istio 默认 配置档:

[root@k8s-master-node1 ~]# istioctl version

no running Istio pods in "istio-system"

1.11.4

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# istioctl install --set profile=demo -y

 Istio core installed

 Istiod installed

 Egress gateways installed

 Ingress gateways installed

 Installation complete

Thank you for installing Istio 1.11.  Please take a few minutes to tell us about your install/upgrade experience!  https://forms.gle/kWULBRjUv7hHci7T6

[root@k8s-master-node1 ~]#

查看istio相应的 namespace 和 pod 是否已经正常创建

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# kubectl get pods -n istio-system

NAME                                    READY   STATUS    RESTARTS   AGE

istio-egressgateway-756d4db566-wh949    1/1     Running   0          2m

istio-ingressgateway-8577c57fb6-2vrtg   1/1     Running   0          2m

istiod-5847c59c69-l2dt2                 1/1     Running   0          2m39s

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

检查 istio 的 CRD 和 API 资源

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# kubectl get crd |grep istio

authorizationpolicies.security.istio.io    2021-11-01T09:43:55Z

destinationrules.networking.istio.io       2021-11-01T09:43:55Z

envoyfilters.networking.istio.io           2021-11-01T09:43:55Z

gateways.networking.istio.io               2021-11-01T09:43:55Z

istiooperators.install.istio.io            2021-11-01T09:43:55Z

peerauthentications.security.istio.io      2021-11-01T09:43:55Z

requestauthentications.security.istio.io   2021-11-01T09:43:55Z

serviceentries.networking.istio.io         2021-11-01T09:43:55Z

sidecars.networking.istio.io               2021-11-01T09:43:55Z

telemetries.telemetry.istio.io             2021-11-01T09:43:55Z

virtualservices.networking.istio.io        2021-11-01T09:43:55Z

workloadentries.networking.istio.io        2021-11-01T09:43:55Z

workloadgroups.networking.istio.io         2021-11-01T09:43:55Z

[root@k8s-master-node1 ~]#
[root@k8s-master-node1 ~]# kubectl api-resources |grep istio

istiooperators                    iop,io       install.istio.io/v1alpha1              true         IstioOperator

destinationrules                  dr           networking.istio.io/v1beta1            true         DestinationRule

envoyfilters                                   networking.istio.io/v1alpha3           true         EnvoyFilter

gateways                          gw           networking.istio.io/v1beta1            true         Gateway

serviceentries                    se           networking.istio.io/v1beta1            true         ServiceEntry

sidecars                                       networking.istio.io/v1beta1            true         Sidecar

virtualservices                   vs           networking.istio.io/v1beta1            true         VirtualService

workloadentries                   we           networking.istio.io/v1beta1            true         WorkloadEntry

workloadgroups                    wg           networking.istio.io/v1alpha3           true         WorkloadGroup

authorizationpolicies                          security.istio.io/v1beta1              true         AuthorizationPolicy

peerauthentications               pa           security.istio.io/v1beta1              true         PeerAuthentication

requestauthentications            ra           security.istio.io/v1beta1              true         RequestAuthentication

telemetries                       telemetry    telemetry.istio.io/v1alpha1            true         Telemetry

[root@k8s-master-node1 ~]#

安装 dashboard 组件。命令如下

[root@k8s-master-node1 ~]# kubectl apply -f /root/istio-1.11.4/samples/addons/ -n istio-system

serviceaccount/grafana created

configmap/grafana created

service/grafana created

deployment.apps/grafana created

configmap/istio-grafana-dashboards created

configmap/istio-services-grafana-dashboards created

deployment.apps/jaeger created

service/tracing created

service/zipkin created

service/jaeger-collector created

serviceaccount/kiali created

configmap/kiali created

clusterrole.rbac.authorization.k8s.io/kiali-viewer created

clusterrole.rbac.authorization.k8s.io/kiali created

clusterrolebinding.rbac.authorization.k8s.io/kiali created

role.rbac.authorization.k8s.io/kiali-controlplane created

rolebinding.rbac.authorization.k8s.io/kiali-controlplane created

service/kiali created

deployment.apps/kiali created

serviceaccount/prometheus created

configmap/prometheus created

clusterrole.rbac.authorization.k8s.io/prometheus created

clusterrolebinding.rbac.authorization.k8s.io/prometheus created

service/prometheus created

deployment.apps/prometheus created

[root@k8s-master-node1 ~]#
[root@k8s-master-node1 ~]# kubectl get pods -n istio-system

NAME                                    READY   STATUS    RESTARTS   AGE

grafana-68cc7d6d78-792cw                1/1     Running   0          88s

istio-egressgateway-756d4db566-wh949    1/1     Running   0          6m9s

istio-ingressgateway-8577c57fb6-2vrtg   1/1     Running   0          6m9s

istiod-5847c59c69-l2dt2                 1/1     Running   0          6m48s

jaeger-5d44bc5c5d-n6zjq                 1/1     Running   0          88s

kiali-fd9f88575-svz7g                   1/1     Running   0          87s

prometheus-77b49cb997-7d4s9             2/2     Running   0          86s

[root@k8s-master-node1 ~]#

将istio-ingressgateway改为NodePort方式,方便访问

[root@k8s-master-node1 ~]# kubectl patch service istio-ingressgateway -n istio-system -p '{"spec":{"type":"NodePort"}}'

service/istio-ingressgateway patched

[root@k8s-master-node1 ~]#

https://blog.csdn.net/qq_33921750

https://my.oschina.net/u/3981543

https://www.zhihu.com/people/chen-bu-yun-2

https://segmentfault.com/u/hppyvyv6/articles

https://juejin.cn/user/3315782802482007

https://space.bilibili.com/352476552/article

https://cloud.tencent.com/developer/column/93230

知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云

使用 Istioctl 安装 istio的更多相关文章

  1. 如何解决安装istio后istioctl命令每次使用都需要重新配置路径

    Kubernetes在安装istio后初次使用istioctl命令时会提示istioctl command not found 这时候如果在istio文件夹的根目录下配置 export PATH=$P ...

  2. k8s1.13.3安装istio(helm方式)

    官方文档:https://istio.io/zh/docs/setup/kubernetes/install/helm/ 一.环境信息 centos7 k8s1.13.3 主机名 ip cpu ram ...

  3. 安装istio v1.0 详细过程和步骤

      创建 istio 目录 [root@centos-110 ~]# mkdir istio [root@centos-110 ~]# cd istio   方案一: # 去下面的地址下载压缩包  # ...

  4. k8s 安装 istio 的坑

    本文针对于二进制部署的k8s安装istio1.67版本 没有设置admin.conf的小伙伴请参考 https://www.cnblogs.com/Tempted/p/13469772.html 1. ...

  5. 服务网格Istio入门-详细记录Kubernetes安装Istio并使用

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 服务网格Istio Istio是开源的Service Mesh实现,一般用于Kubernetes ...

  6. 在Mac上安装Istio并使用,有丰富的监控Kiali、Grafana、Jaeger

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 简介 之前在文章<服务网格Istio入门-详细记录Kubernetes安装Istio并使用 ...

  7. Kubernetes-使用Helm安装istio

    添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...

  8. 在k3d上快速安装Istio,助你在本地灵活使用K8S!

    作者丨Mitsuyuki Shiiba 原文链接: https://dev.to/bufferings/tried-k8s-istio-in-my-local-machine-with-k3d-52g ...

  9. Istio安全-证书管理(实操一)

    Istio安全-证书管理 目录 Istio安全-证书管理 插入现有CA证书 插入现有证书和密钥 部署Istio 配置示例services 校验证书 卸载 Istio的DNS证书管理 DNS证书的提供和 ...

  10. k8s 安装并试用Istio service mesh

    本文根据官网的文档整理而成,步骤包括安装istio 0.5.1并创建一个bookinfo的微服务来测试istio的功能. 文中使用的yaml文件可以在kubernetes-handbook的manif ...

随机推荐

  1. 20200924--图像相似度(奥赛一本通P92 5多维数组)

    给出两幅相同大小的黑白图像(用0-1矩阵)表示,求它们的相似度.说明:若两幅图像在相同位置上的像素点颜色相同,则称它们在该位置具有相同的像素点.两幅图像的相似度定义为相同像素点数占总像素点数的百分比. ...

  2. 二,使用axios

    1,下载https://unpkg.com/axios@1.3.2/dist/axios.min.js保存在js目录下,命名为axios.js 2,http.js let baseUrl = &quo ...

  3. K8SYaml文件详解

    一.K8S支持的文件格式 kubernetes支持YAML和JSON文件格式管理资源对象. JSON格式:主要用于api接口之间消息的传递 YAML格式:用于配置和管理,YAML是一种简洁的非标记性语 ...

  4. vue3.0+vite+ts项目搭建--初始化项目

    使用yarn yarn create vite 使用pnpm pnpx create-vite(pnpm create vite + 项目名) 根据提示输入项目名称,选择vue框架,选择vue-ts, ...

  5. ES5及ES6的新增特性

    介绍 es表示ECMASCript ,他是从es3,es5,es6,es5是2009.12月发布的,es6是2015.6月发布的.vue2完全支持es5的(vue3完全支持es6的),react完全支 ...

  6. 利用fread读取二进制文件的bug

    最近在做一个项目时需要读取二进制文件,我用C语言的fread进行读取,代码如下: FILE *fp; int read_data; fopen_s(&fp, file_path, " ...

  7. requests使用socks代理

    requests在2.10.0版本开始支持socks代理 自己搭了个服务器所以就想顺便用一下. import requests url = 'xxx' my_proxies={"http&q ...

  8. Eclipse's Import error and remove

    1.导入项目之前,请确认工作空间编码已设置为utf-8:window->Preferences->General->Wrokspace->Text file encoding- ...

  9. Java8中Stream()流的用法总结

    简单的集合遍历 foreach遍历 import java.util.ArrayList; import java.util.List; /** * @author rx * @date 2022/6 ...

  10. WordPress标题分隔符”-“被转义为“&#8211”怎么办?

    按照百度搜索资源平台<百度搜索网页标题规范:让标题回归标题本身>百度官方文档参考,如果WordPress标题里出现不规范"– 2.停止wptexturize转义任何字符 add_ ...