K8s下部署Istio
一、环境准备
1.1环境信息
| 主机名 | IP地址 | 用途 |
|---|---|---|
| zhengzw-k8s-master | 10.10.100.7 | K8s Master |
| zhengzw-k8s-node-1 | 10.10.100.15 | K8s Worker |
| zhengzw-k8s-node-1 | 10.10.100.52 | K8s Worker |
OS:Ubuntu 18.4
K8s version:1.15.5
Istio version:1.4.0
1.2软件下载
Windows:
cli: https://github.com/istio/istio/releases/download/1.4.0/istioctl-1.4.0-win.zip
release: https://github.com/istio/istio/releases/download/1.4.0/istio-1.4.0-win.zip
Linux:
cli: https://github.com/istio/istio/releases/download/1.4.0/istioctl-1.4.0-linux.tar.gz
release: https://github.com/istio/istio/releases/download/1.4.0/istio-1.4.0-linux.tar.gz
二、部署
2.1部署方式
2.1.1通过istioctl部署
需要把istioctl命令加入PATH环境变量
# 部署default类型
istioctl manifest apply
# 部署demo类型
istioctl manifest apply --set profile=demo
# 基于default调节功能参数
istioctl manifest apply --set values.global.mtls.enabled=true --set values.global.controlPlaneSecurityEnabled=true
2.1.2通过helm部署
# 创建istio-system命名空间
kubectl create namespace istio-system
# 创建istio CRD
helm template install/kubernetes/helm/istio-init --namespace istio-system | kubectl apply -f -
# 检查CRD是否部署完成
kubectl -n istio-system wait --for=condition=complete job --all
# 部署istio
helm template install/kubernetes/helm/istio --namespace istio-system | kubectl apply -f -
2.1.3通过istio-operator部署
kubectl apply -f https://istio.io/operator.yaml
kubectl apply -f - <<EOF
apiVersion: install.istio.io/v1alpha2
kind: IstioControlPlane
metadata:
namespace: istio-operator
name: example-istiocontrolplane
spec:
profile: demo
EOF
2.2查看istio-system资源
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ kubectl get all -n istio-system
NAME READY STATUS RESTARTS AGE
pod/grafana-6c8f45499-rg5p6 1/1 Running 0 12h
pod/istio-citadel-784d7df6b6-x8ztx 1/1 Running 0 12h
pod/istio-egressgateway-6d9bb5b7fd-t6q4b 1/1 Running 0 12h
pod/istio-galley-7c4f46cb88-5rfmq 1/1 Running 0 12h
pod/istio-ingressgateway-79f779dbd-5vbf8 1/1 Running 0 12h
pod/istio-pilot-7dbbc6d47c-8sjqb 1/1 Running 0 12h
pod/istio-policy-76cf7d86c-b6bmf 1/1 Running 12 12h
pod/istio-sidecar-injector-74cd6dcd84-z2csh 1/1 Running 0 12h
pod/istio-telemetry-7b969c885c-w5l4l 1/1 Running 12 12h
pod/istio-tracing-78548677bc-vpk6g 1/1 Running 0 12h
pod/kiali-fb5f485fb-kb82k 1/1 Running 0 12h
pod/prometheus-685585888b-vz8kk 1/1 Running 0 12h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/grafana NodePort 10.43.179.93 <none> 3000:32181/TCP 12h
service/istio-citadel ClusterIP 10.43.224.2 <none> 8060/TCP,15014/TCP 12h
service/istio-egressgateway ClusterIP 10.43.174.150 <none> 80/TCP,443/TCP,15443/TCP 12h
service/istio-galley ClusterIP 10.43.179.89 <none> 443/TCP,15014/TCP,9901/TCP,15019/TCP 12h
service/istio-ingressgateway LoadBalancer 10.43.23.250 <pending> 15020:32732/TCP,80:31542/TCP,443:30290/TCP,15029:30490/TCP,15030:32752/TCP,15031:31730/TCP,15032:31100/TCP,15443:31932/TCP 12h
service/istio-pilot ClusterIP 10.43.142.224 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 12h
service/istio-policy ClusterIP 10.43.109.166 <none> 9091/TCP,15004/TCP,15014/TCP 12h
service/istio-sidecar-injector ClusterIP 10.43.208.202 <none> 443/TCP 12h
service/istio-telemetry ClusterIP 10.43.253.226 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 12h
service/jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 12h
service/jaeger-collector ClusterIP 10.43.207.194 <none> 14267/TCP,14268/TCP,14250/TCP 12h
service/jaeger-query ClusterIP 10.43.176.51 <none> 16686/TCP 12h
service/kiali NodePort 10.43.90.1 <none> 20001:31055/TCP 12h
service/prometheus ClusterIP 10.43.184.162 <none> 9090/TCP 12h
service/tracing ClusterIP 10.43.101.134 <none> 9411/TCP 12h
service/zipkin ClusterIP 10.43.52.101 <none> 9411/TCP 12h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/grafana 1/1 1 1 12h
deployment.apps/istio-citadel 1/1 1 1 12h
deployment.apps/istio-egressgateway 1/1 1 1 12h
deployment.apps/istio-galley 1/1 1 1 12h
deployment.apps/istio-ingressgateway 1/1 1 1 12h
deployment.apps/istio-pilot 1/1 1 1 12h
deployment.apps/istio-policy 1/1 1 1 12h
deployment.apps/istio-sidecar-injector 1/1 1 1 12h
deployment.apps/istio-telemetry 1/1 1 1 12h
deployment.apps/istio-tracing 1/1 1 1 12h
deployment.apps/kiali 1/1 1 1 12h
deployment.apps/prometheus 1/1 1 1 12h
NAME DESIRED CURRENT READY AGE
replicaset.apps/grafana-6c8f45499 1 1 1 12h
replicaset.apps/istio-citadel-784d7df6b6 1 1 1 12h
replicaset.apps/istio-egressgateway-6d9bb5b7fd 1 1 1 12h
replicaset.apps/istio-galley-7c4f46cb88 1 1 1 12h
replicaset.apps/istio-ingressgateway-79f779dbd 1 1 1 12h
replicaset.apps/istio-pilot-7dbbc6d47c 1 1 1 12h
replicaset.apps/istio-policy-76cf7d86c 1 1 1 12h
replicaset.apps/istio-sidecar-injector-74cd6dcd84 1 1 1 12h
replicaset.apps/istio-telemetry-7b969c885c 1 1 1 12h
replicaset.apps/istio-tracing-78548677bc 1 1 1 12h
replicaset.apps/kiali-fb5f485fb 1 1 1 12h
replicaset.apps/prometheus-685585888b 1 1 1 12h
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/istio-telemetry Deployment/istio-telemetry 2%/80% 1 5 1 12h
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ kubectl get all -n istio-system
NAME READY STATUS RESTARTS AGE
pod/grafana-6c8f45499-rg5p6 1/1 Running 0 12h
pod/istio-citadel-784d7df6b6-x8ztx 1/1 Running 0 12h
pod/istio-egressgateway-6d9bb5b7fd-t6q4b 1/1 Running 0 12h
pod/istio-galley-7c4f46cb88-5rfmq 1/1 Running 0 12h
pod/istio-ingressgateway-79f779dbd-5vbf8 1/1 Running 0 12h
pod/istio-pilot-7dbbc6d47c-8sjqb 1/1 Running 0 12h
pod/istio-policy-76cf7d86c-b6bmf 1/1 Running 12 12h
pod/istio-sidecar-injector-74cd6dcd84-z2csh 1/1 Running 0 12h
pod/istio-telemetry-7b969c885c-w5l4l 1/1 Running 12 12h
pod/istio-tracing-78548677bc-vpk6g 1/1 Running 0 12h
pod/kiali-fb5f485fb-kb82k 1/1 Running 0 12h
pod/prometheus-685585888b-vz8kk 1/1 Running 0 12h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/grafana NodePort 10.43.179.93 <none> 3000:32181/TCP 12h
service/istio-citadel ClusterIP 10.43.224.2 <none> 8060/TCP,15014/TCP 12h
service/istio-egressgateway ClusterIP 10.43.174.150 <none> 80/TCP,443/TCP,15443/TCP 12h
service/istio-galley ClusterIP 10.43.179.89 <none> 443/TCP,15014/TCP,9901/TCP,15019/TCP 12h
service/istio-ingressgateway LoadBalancer 10.43.23.250 <pending> 15020:32732/TCP,80:31542/TCP,443:30290/TCP,15029:30490/TCP,15030:32752/TCP,15031:31730/TCP,15032:31100/TCP,15443:31932/TCP 12h
service/istio-pilot ClusterIP 10.43.142.224 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 12h
service/istio-policy ClusterIP 10.43.109.166 <none> 9091/TCP,15004/TCP,15014/TCP 12h
service/istio-sidecar-injector ClusterIP 10.43.208.202 <none> 443/TCP 12h
service/istio-telemetry ClusterIP 10.43.253.226 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 12h
service/jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 12h
service/jaeger-collector ClusterIP 10.43.207.194 <none> 14267/TCP,14268/TCP,14250/TCP 12h
service/jaeger-query ClusterIP 10.43.176.51 <none> 16686/TCP 12h
service/kiali NodePort 10.43.90.1 <none> 20001:31055/TCP 12h
service/prometheus ClusterIP 10.43.184.162 <none> 9090/TCP 12h
service/tracing ClusterIP 10.43.101.134 <none> 9411/TCP 12h
service/zipkin ClusterIP 10.43.52.101 <none> 9411/TCP 12h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/grafana 1/1 1 1 12h
deployment.apps/istio-citadel 1/1 1 1 12h
deployment.apps/istio-egressgateway 1/1 1 1 12h
deployment.apps/istio-galley 1/1 1 1 12h
deployment.apps/istio-ingressgateway 1/1 1 1 12h
deployment.apps/istio-pilot 1/1 1 1 12h
deployment.apps/istio-policy 1/1 1 1 12h
deployment.apps/istio-sidecar-injector 1/1 1 1 12h
deployment.apps/istio-telemetry 1/1 1 1 12h
deployment.apps/istio-tracing 1/1 1 1 12h
deployment.apps/kiali 1/1 1 1 12h
deployment.apps/prometheus 1/1 1 1 12h
NAME DESIRED CURRENT READY AGE
replicaset.apps/grafana-6c8f45499 1 1 1 12h
replicaset.apps/istio-citadel-784d7df6b6 1 1 1 12h
replicaset.apps/istio-egressgateway-6d9bb5b7fd 1 1 1 12h
replicaset.apps/istio-galley-7c4f46cb88 1 1 1 12h
replicaset.apps/istio-ingressgateway-79f779dbd 1 1 1 12h
replicaset.apps/istio-pilot-7dbbc6d47c 1 1 1 12h
replicaset.apps/istio-policy-76cf7d86c 1 1 1 12h
replicaset.apps/istio-sidecar-injector-74cd6dcd84 1 1 1 12h
replicaset.apps/istio-telemetry-7b969c885c 1 1 1 12h
replicaset.apps/istio-tracing-78548677bc 1 1 1 12h
replicaset.apps/kiali-fb5f485fb 1 1 1 12h
replicaset.apps/prometheus-685585888b 1 1 1 12h
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/istio-telemetry Deployment/istio-telemetry 2%/80% 1 5 1 12h
2.3查看版本
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ istioctl version
client version: 1.4.0
control plane version: 1.4.0
data plane version: 1.4.0 (2 proxies)
2.4为default添加istio注入
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/install/kubernetes$ kubectl label namespace default istio-injection=enable
namespace/default labeled
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/install/kubernetes$ kubectl get ns -L istio-injection
NAME STATUS AGE ISTIO-INJECTION
cattle-system Active 16h
default Active 16h enable
ingress-nginx Active 16h
istio-system Active 12h disabled
kube-node-lease Active 16h
kube-public Active 16h
kube-system Active 16h
K8s下部署Istio的更多相关文章
- 第五章 用Helm部署Istio
5.1 Istio Chart概述 Helm是目前Istio官方推荐的安装方式.还可以对输入值进行一些调整,完成对Istio的部分配置工作.Istio Chart是一个总分结构,其分级结构和设计结构是 ...
- Dubbo 在 K8s 下的思考
作者 | 曹胜利 Apache Dubbo PMC 导读:Dubbo 作为高性能 Java RPC 框架的刻板印象早已深入人心,在 Cloud Native 的架构选型上,Spring Cloud ...
- Kubernetes之在k8s中部署Java应用
部署好了k8s以后 部署参考https://www.cnblogs.com/minseo/p/12055731.html 怎么在k8s部署应用 项目迁移到k8s平台是怎样的流程 1,制作镜像 2,控制 ...
- kubernetes之三 使用kubectl在k8s上部署应用
在上一篇中,我们学习了使用minikube来搭建k8s集群.k8s集群启动后,就可以在上面部署应用了.本篇,我们就来学习如何使用kubectl在k8s上部署应用. 学习之前,可以先从下面这篇博客上了解 ...
- 在Kubernetes下部署Prometheus
使用ConfigMaps管理应用配置 当使用Deployment管理和部署应用程序时,用户可以方便了对应用进行扩容或者缩容,从而产生多个Pod实例.为了 能够统一管理这些Pod的配置信息,在Kuber ...
- 在k8s上部署日志系统elfk
日志系统elfk 前言 经过上周的技术预研,在本周一通过开会研究,根据公司的现有业务流量和技术栈,决定选择的日志系统方案为:elasticsearch(es)+logstash(lo)+filebea ...
- 使用Rancher在K8S上部署高性能PHP应用程序
介 绍 PHP是网络上最流行的编程语言之一,许多被广泛使用的内容管理系统都使用它开发,如WordPress和Drupal,并为现代服务器端框架(如Laravel和Symfony)提供核心代码. 尽管P ...
- 【原创】一层Nginx反向代理K8S化部署实践
目录: 1)背景介绍 2)方案分析 3)实现细节 4)监控告警 5)日志收集 6)测试 一.背景介绍 如下图所示,传统方式部署一层Nginx,随着业务扩大,维护管理变得复杂,繁琐,耗时耗力和易 ...
- k8s下的jenkins如何设置maven
关于k8s环境的jenkins集群 k8s下搭建了jenkins集群后,执行任务时会新建pod,任务完成后pod被销毁,架构如下图所示: 在k8s搭建jenkins集群的步骤请参照<> 关 ...
随机推荐
- Hyperledger Fabric动态配置Raft节点
Hyperledger Fabric动态配置Raft节点 最近看官方文档发现新的共识算法etcdRaft允许动态添加或删除排序节点,所以也花了一天时间操作了以下,写篇文章把整个过程记录一下. 初始网络 ...
- linux下tomcat相关的命令
1.查看Tomcat是否以关闭 ps -ef|grep tomcat 2.直接干掉Tomcat可以使用kill命令,直接杀死Tomcat进程(这个命令用在当你关闭tomcat报错的时候直接杀死进程) ...
- javaweb项目添加log4j日志
谈到我们在Java程序中经常用的日志,Log4j应该是耳熟能详了.这里先提下slf4j,英文全名是Simple Logging Facade for Java,直面意思是:Java的简单日志门面.sl ...
- mysql授权用户权限
mysql 用户管理和权限设置 用户管理 mysql>use mysql; 查看 mysql> select host,user,password from user ; 创建 mys ...
- .NET Core 3 WPF MVVM框架 Prism系列之命令
本文将介绍如何在.NET Core3环境下使用MVVM框架Prism的命令的用法 一.创建DelegateCommand命令 我们在上一篇.NET Core 3 WPF MVVM框架 Prism系列之 ...
- 洛谷$P4585\ [FJOI2015]$火星商店问题 线段树+$trie$树
正解:线段树+$trie$树 解题报告: 传送门$QwQ$ $umm$题目有点儿长我先写下题目大意趴$QwQ$,就说有$n$个初始均为空的集合和$m$次操作,每次操作为向某个集合内加入一个数$x$,或 ...
- $[NOIp2015]$ 子串 $dp$
\(Sol\) 不知道为啥看起来就很\(dp\)的亚子.我们关心的只有\(A\)串当前用到哪一个,\(B\)串已经匹配到哪个位置,已经匹配的被分成了多少段.所以设\(f_{i,j,k,0/1}\)表示 ...
- 【DDD】持久化领域对象的方法实践
[toc] 概述 在实践领域驱动设计(DDD)的过程中,我们会根据项目的所在领域以及需求情况捕获出一定数量的领域对象.设计得足够好的领域对象便于我们更加透彻的理解业务,方便系统后期的扩展和维护,不至于 ...
- Q&A系列一:DataPipeline常见问题回答
不知不觉中,大家已经陪伴DataPipeline走过了3年时间.在这期间,得益于客户们的积极反馈和沟通,我们总结了一些日常工作中比较常见的问题,并基于这些问题进行了总结. 为避免突兀,我们会先从比较基 ...
- mysql索引最佳实践
索引最佳实践使用的表CREATE TABLE `employees` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(24) NOT ...