使用 Istioctl 安装 istio

下载 Istio

转到 Istio 发布 页面,下载针对你操作系统的安装文件, 或用自动化工具下载并提取最新版本(Linux 或 macOS):

[root@k8s-master-node1 ~]# curl -L https://istio.io/downloadIstio | sh -

若无法下载可以手动写入文件进行执行

脚本内容:

#!/bin/sh

# Copyright Istio Authors

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#    http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

#

# This file will be fetched as: curl -L https://git.io/getLatestIstio | sh -

# so it should be pure bourne shell, not bash (and not reference other scripts)

#

# The script fetches the latest Istio release candidate and untars it.

# You can pass variables on the command line to download a specific version

# or to override the processor architecture. For example, to download

# Istio 1.6.8 for the x86_64 architecture,

# run curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.6.8 TARGET_ARCH=x86_64 sh -.

set -e

# Determines the operating system.

OS="$(uname)"

if [ "x${OS}" = "xDarwin" ] ; then

  OSEXT="osx"

else

  OSEXT="linux"

fi

# Determine the latest Istio version by version number ignoring alpha, beta, and rc versions.

if [ "x${ISTIO_VERSION}" = "x" ] ; then

  ISTIO_VERSION="$(curl -sL https://github.com/istio/istio/releases | \

                  grep -o 'releases/[0-9]*.[0-9]*.[0-9]*/' | sort -V | \

                  tail -1 | awk -F'/' '{ print $2}')"

  ISTIO_VERSION="${ISTIO_VERSION##*/}"

fi

LOCAL_ARCH=$(uname -m)

if [ "${TARGET_ARCH}" ]; then

    LOCAL_ARCH=${TARGET_ARCH}

fi

case "${LOCAL_ARCH}" in

  x86_64)

    ISTIO_ARCH=amd64

    ;;

  armv8*)

    ISTIO_ARCH=arm64

    ;;

  aarch64*)

    ISTIO_ARCH=arm64

    ;;

  armv*)

    ISTIO_ARCH=armv7

    ;;

  amd64|arm64)

    ISTIO_ARCH=${LOCAL_ARCH}

    ;;

  *)

    echo "This system's architecture, ${LOCAL_ARCH}, isn't supported"

    exit 1

    ;;

esac

if [ "x${ISTIO_VERSION}" = "x" ] ; then

  printf "Unable to get latest Istio version. Set ISTIO_VERSION env var and re-run. For example: export ISTIO_VERSION=1.0.4"

  exit 1;

fi

NAME="istio-$ISTIO_VERSION"

URL="https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istio-${ISTIO_VERSION}-${OSEXT}.tar.gz"

ARCH_URL="https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istio-${ISTIO_VERSION}-${OSEXT}-${ISTIO_ARCH}.tar.gz"

with_arch() {

  printf "\nDownloading %s from %s ...\n" "$NAME" "$ARCH_URL"

  if ! curl -o /dev/null -sIf "$ARCH_URL"; then

    printf "\n%s is not found, please specify a valid ISTIO_VERSION and TARGET_ARCH\n" "$ARCH_URL"

    exit 1

  fi

  curl -fsLO "$ARCH_URL"

  filename="istio-${ISTIO_VERSION}-${OSEXT}-${ISTIO_ARCH}.tar.gz"

  tar -xzf "${filename}"

  rm "${filename}"

}

without_arch() {

  printf "\nDownloading %s from %s ..." "$NAME" "$URL"

  if ! curl -o /dev/null -sIf "$URL"; then

    printf "\n%s is not found, please specify a valid ISTIO_VERSION\n" "$URL"

    exit 1

  fi

  curl -fsLO "$URL"

  filename="istio-${ISTIO_VERSION}-${OSEXT}.tar.gz"

  tar -xzf "${filename}"

  rm "${filename}"

}

# Istio 1.6 and above support arch

# Istio 1.5 and below do not have arch support

ARCH_SUPPORTED="1.6"

if [ "${OS}" = "Linux" ] ; then

  # This checks if ISTIO_VERSION is less than ARCH_SUPPORTED (version-sort's before it)

  if [ "$(printf '%s\n%s' "${ARCH_SUPPORTED}" "${ISTIO_VERSION}" | sort -V | head -n 1)" = "${ISTIO_VERSION}" ]; then

    without_arch

  else

    with_arch

  fi

elif [ "x${OS}" = "xDarwin" ] ; then

  without_arch

else

  printf "\n\n"

  printf "Unable to download Istio %s at this moment!\n" "$ISTIO_VERSION"

  printf "Please verify the version you are trying to download.\n\n"

  exit 1

fi

printf ""

printf "\nIstio %s Download Complete!\n" "$ISTIO_VERSION"

printf "\n"

printf "Istio has been successfully downloaded into the %s folder on your system.\n" "$NAME"

printf "\n"

BINDIR="$(cd "$NAME/bin" && pwd)"

printf "Next Steps:\n"

printf "See https://istio.io/latest/docs/setup/install/ to add Istio to your Kubernetes cluster.\n"

printf "\n"

printf "To configure the istioctl client tool for your workstation,\n"

printf "add the %s directory to your environment path variable with:\n" "$BINDIR"

printf "\t export PATH=\"\$PATH:%s\"\n" "$BINDIR"

printf "\n"

printf "Begin the Istio pre-installation check by running:\n"

printf "\t istioctl x precheck \n"

printf "\n"

printf "Need more information? Visit https://istio.io/latest/docs/setup/install/ \n"

[root@k8s-master-node1 ~]# bash istio.sh

转到 Istio 包目录。例如,如果包是 istio-1.11.4:

[root@k8s-master-node1 ~]# cd istio-1.11.4/

[root@k8s-master-node1 ~/istio-1.11.4]# ll

total 28

drwxr-x---.  2 root root    22 Oct 13 22:50 bin

-rw-r--r--.  1 root root 11348 Oct 13 22:50 LICENSE

drwxr-xr-x.  5 root root    52 Oct 13 22:50 manifests

-rw-r-----.  1 root root   854 Oct 13 22:50 manifest.yaml

-rw-r--r--.  1 root root  5866 Oct 13 22:50 README.md

drwxr-xr-x. 21 root root  4096 Oct 13 22:50 samples

drwxr-xr-x.  3 root root    57 Oct 13 22:50 tools

[root@k8s-master-node1 ~/istio-1.11.4]#

安装目录包含:

samples/ 目录下的示例应用程序

bin/ 目录下的 istioctl 客户端二进制文件 .

将 istioctl 客户端加入搜索路径(Linux or macOS):

$ export PATH=$PWD/bin:$PATH

export PATH=/root/istio-1.11.4/bin:$PATH
[root@k8s-master-node1 ~/istio-1.11.4]# export PATH=$PWD/bin:$PATH

[root@k8s-master-node1 ~/istio-1.11.4]#

[root@k8s-master-node1 ~/istio-1.11.4]# vim /etc/profile

[root@k8s-master-node1 ~/istio-1.11.4]# tail -n 2 /etc/profile

export PATH=/root/istio-1.11.4/bin:$PATH

[root@k8s-master-node1 ~/istio-1.11.4]#

使用默认配置档安装 Istio

最简单的选择是用下面命令安装 Istio 默认 配置档:

[root@k8s-master-node1 ~]# istioctl version

no running Istio pods in "istio-system"

1.11.4

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# istioctl install --set profile=demo -y

 Istio core installed

 Istiod installed

 Egress gateways installed

 Ingress gateways installed

 Installation complete

Thank you for installing Istio 1.11.  Please take a few minutes to tell us about your install/upgrade experience!  https://forms.gle/kWULBRjUv7hHci7T6

[root@k8s-master-node1 ~]#

查看istio相应的 namespace 和 pod 是否已经正常创建

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# kubectl get pods -n istio-system

NAME                                    READY   STATUS    RESTARTS   AGE

istio-egressgateway-756d4db566-wh949    1/1     Running   0          2m

istio-ingressgateway-8577c57fb6-2vrtg   1/1     Running   0          2m

istiod-5847c59c69-l2dt2                 1/1     Running   0          2m39s

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]#

检查 istio 的 CRD 和 API 资源

[root@k8s-master-node1 ~]#

[root@k8s-master-node1 ~]# kubectl get crd |grep istio

authorizationpolicies.security.istio.io    2021-11-01T09:43:55Z

destinationrules.networking.istio.io       2021-11-01T09:43:55Z

envoyfilters.networking.istio.io           2021-11-01T09:43:55Z

gateways.networking.istio.io               2021-11-01T09:43:55Z

istiooperators.install.istio.io            2021-11-01T09:43:55Z

peerauthentications.security.istio.io      2021-11-01T09:43:55Z

requestauthentications.security.istio.io   2021-11-01T09:43:55Z

serviceentries.networking.istio.io         2021-11-01T09:43:55Z

sidecars.networking.istio.io               2021-11-01T09:43:55Z

telemetries.telemetry.istio.io             2021-11-01T09:43:55Z

virtualservices.networking.istio.io        2021-11-01T09:43:55Z

workloadentries.networking.istio.io        2021-11-01T09:43:55Z

workloadgroups.networking.istio.io         2021-11-01T09:43:55Z

[root@k8s-master-node1 ~]#
[root@k8s-master-node1 ~]# kubectl api-resources |grep istio

istiooperators                    iop,io       install.istio.io/v1alpha1              true         IstioOperator

destinationrules                  dr           networking.istio.io/v1beta1            true         DestinationRule

envoyfilters                                   networking.istio.io/v1alpha3           true         EnvoyFilter

gateways                          gw           networking.istio.io/v1beta1            true         Gateway

serviceentries                    se           networking.istio.io/v1beta1            true         ServiceEntry

sidecars                                       networking.istio.io/v1beta1            true         Sidecar

virtualservices                   vs           networking.istio.io/v1beta1            true         VirtualService

workloadentries                   we           networking.istio.io/v1beta1            true         WorkloadEntry

workloadgroups                    wg           networking.istio.io/v1alpha3           true         WorkloadGroup

authorizationpolicies                          security.istio.io/v1beta1              true         AuthorizationPolicy

peerauthentications               pa           security.istio.io/v1beta1              true         PeerAuthentication

requestauthentications            ra           security.istio.io/v1beta1              true         RequestAuthentication

telemetries                       telemetry    telemetry.istio.io/v1alpha1            true         Telemetry

[root@k8s-master-node1 ~]#

安装 dashboard 组件。命令如下

[root@k8s-master-node1 ~]# kubectl apply -f /root/istio-1.11.4/samples/addons/ -n istio-system

serviceaccount/grafana created

configmap/grafana created

service/grafana created

deployment.apps/grafana created

configmap/istio-grafana-dashboards created

configmap/istio-services-grafana-dashboards created

deployment.apps/jaeger created

service/tracing created

service/zipkin created

service/jaeger-collector created

serviceaccount/kiali created

configmap/kiali created

clusterrole.rbac.authorization.k8s.io/kiali-viewer created

clusterrole.rbac.authorization.k8s.io/kiali created

clusterrolebinding.rbac.authorization.k8s.io/kiali created

role.rbac.authorization.k8s.io/kiali-controlplane created

rolebinding.rbac.authorization.k8s.io/kiali-controlplane created

service/kiali created

deployment.apps/kiali created

serviceaccount/prometheus created

configmap/prometheus created

clusterrole.rbac.authorization.k8s.io/prometheus created

clusterrolebinding.rbac.authorization.k8s.io/prometheus created

service/prometheus created

deployment.apps/prometheus created

[root@k8s-master-node1 ~]#
[root@k8s-master-node1 ~]# kubectl get pods -n istio-system

NAME                                    READY   STATUS    RESTARTS   AGE

grafana-68cc7d6d78-792cw                1/1     Running   0          88s

istio-egressgateway-756d4db566-wh949    1/1     Running   0          6m9s

istio-ingressgateway-8577c57fb6-2vrtg   1/1     Running   0          6m9s

istiod-5847c59c69-l2dt2                 1/1     Running   0          6m48s

jaeger-5d44bc5c5d-n6zjq                 1/1     Running   0          88s

kiali-fd9f88575-svz7g                   1/1     Running   0          87s

prometheus-77b49cb997-7d4s9             2/2     Running   0          86s

[root@k8s-master-node1 ~]#

将istio-ingressgateway改为NodePort方式,方便访问

[root@k8s-master-node1 ~]# kubectl patch service istio-ingressgateway -n istio-system -p '{"spec":{"type":"NodePort"}}'

service/istio-ingressgateway patched

[root@k8s-master-node1 ~]#

https://blog.csdn.net/qq_33921750

https://my.oschina.net/u/3981543

https://www.zhihu.com/people/chen-bu-yun-2

https://segmentfault.com/u/hppyvyv6/articles

https://juejin.cn/user/3315782802482007

https://space.bilibili.com/352476552/article

https://cloud.tencent.com/developer/column/93230

知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云

使用 Istioctl 安装 istio的更多相关文章

  1. 如何解决安装istio后istioctl命令每次使用都需要重新配置路径

    Kubernetes在安装istio后初次使用istioctl命令时会提示istioctl command not found 这时候如果在istio文件夹的根目录下配置 export PATH=$P ...

  2. k8s1.13.3安装istio(helm方式)

    官方文档:https://istio.io/zh/docs/setup/kubernetes/install/helm/ 一.环境信息 centos7 k8s1.13.3 主机名 ip cpu ram ...

  3. 安装istio v1.0 详细过程和步骤

      创建 istio 目录 [root@centos-110 ~]# mkdir istio [root@centos-110 ~]# cd istio   方案一: # 去下面的地址下载压缩包  # ...

  4. k8s 安装 istio 的坑

    本文针对于二进制部署的k8s安装istio1.67版本 没有设置admin.conf的小伙伴请参考 https://www.cnblogs.com/Tempted/p/13469772.html 1. ...

  5. 服务网格Istio入门-详细记录Kubernetes安装Istio并使用

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 服务网格Istio Istio是开源的Service Mesh实现,一般用于Kubernetes ...

  6. 在Mac上安装Istio并使用,有丰富的监控Kiali、Grafana、Jaeger

    我最新最全的文章都在南瓜慢说 www.pkslow.com,文章更新也只在官网,欢迎大家来喝茶~~ 1 简介 之前在文章<服务网格Istio入门-详细记录Kubernetes安装Istio并使用 ...

  7. Kubernetes-使用Helm安装istio

    添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...

  8. 在k3d上快速安装Istio,助你在本地灵活使用K8S!

    作者丨Mitsuyuki Shiiba 原文链接: https://dev.to/bufferings/tried-k8s-istio-in-my-local-machine-with-k3d-52g ...

  9. Istio安全-证书管理(实操一)

    Istio安全-证书管理 目录 Istio安全-证书管理 插入现有CA证书 插入现有证书和密钥 部署Istio 配置示例services 校验证书 卸载 Istio的DNS证书管理 DNS证书的提供和 ...

  10. k8s 安装并试用Istio service mesh

    本文根据官网的文档整理而成,步骤包括安装istio 0.5.1并创建一个bookinfo的微服务来测试istio的功能. 文中使用的yaml文件可以在kubernetes-handbook的manif ...

随机推荐

  1. python脚本监控定时任务

    1.linux服务器中输入命令 crontab -l 查看当前系统的所有定时任务 2. 输入命令 crontab -e ,然后按"i"进行编辑(可新增.修改定时任务).具体定时任务 ...

  2. 纯css实现卡券式半圆及阴影(整理)

    <!-- html部分 --> <div class="a"> <!-- a这个大卡片里边分上下两个卡片,对应上边灰色和下边白色部分 --> & ...

  3. Verilog中的时间尺度与延迟

    在Verilog的建模中,时间尺度和延迟是非常重要的概念,设置好时间尺度和延迟,可以充分模拟逻辑电路发生的各种情况和事件发生的时间点,来评估数字IC设计的各种要求,达到充分评估和仿真的作用.注意延迟语 ...

  4. redis事务和锁机制、持久化操作RDB/AOF

    一.Redis事务介绍 Redis事务是一个单独的隔离操作 :事务中的所有命令都会序列化.按顺序地执行.事务在执行的过程中,不会被其他客户端发送来的命令请求所打断.Redis事务的主要作用就是串联多个 ...

  5. 洛谷 P2105 K皇后 题解

    START: 2021-08-06 16:34:44 题目链接: https://www.luogu.com.cn/problem/P2105 题目详情: 小 Z 最近捡到了一个棋盘,他想在棋盘上摆放 ...

  6. Vue+SSM+Element-Ui实现前后端分离(2)

    前言:后台使用ssm搭建,对以前学习知识的一个回顾,与此同时来发现自己不足.这里主要采用配置文件方式进行,有部分注解. 目标:搭建ssm框架,并测试成功:(其中也有aop切面的编写) 一.开发工具 I ...

  7. MySQL日常维护指南

    一.常用命令 1.查看数据库默认编码 show variables like 'character%'; show variables like 'collation%'; 2.启动停止数据库 /et ...

  8. Flask-Migrate数据库模型映射

    1.Flask-Migrate介绍 flask-migrate可以十分方便的进行数据库的迁移与映射,将我们修改过的ORM模型映射到数据库中.flask-migrate是基于Alembic进行的一个封装 ...

  9. TP5.1模板循环标签

    第一种volist name=assign中的变量名 id=数组中的key offset=开始循环的位置 length=步长 {volist name='list' id='vo' offset='0 ...

  10. Pandas嵌套词典解析或取值

    # tribe列只保留name 值 df['tribe']=df['tribe'].apply(lambda x:eval(x)['name']) # tribe 列全部项目展开 df=df['con ...