K8s下部署Istio
一、环境准备
1.1环境信息
| 主机名 | IP地址 | 用途 |
|---|---|---|
| zhengzw-k8s-master | 10.10.100.7 | K8s Master |
| zhengzw-k8s-node-1 | 10.10.100.15 | K8s Worker |
| zhengzw-k8s-node-1 | 10.10.100.52 | K8s Worker |
OS:Ubuntu 18.4
K8s version:1.15.5
Istio version:1.4.0
1.2软件下载
Windows:
cli: https://github.com/istio/istio/releases/download/1.4.0/istioctl-1.4.0-win.zip
release: https://github.com/istio/istio/releases/download/1.4.0/istio-1.4.0-win.zip
Linux:
cli: https://github.com/istio/istio/releases/download/1.4.0/istioctl-1.4.0-linux.tar.gz
release: https://github.com/istio/istio/releases/download/1.4.0/istio-1.4.0-linux.tar.gz
二、部署
2.1部署方式
2.1.1通过istioctl部署
需要把istioctl命令加入PATH环境变量
# 部署default类型
istioctl manifest apply
# 部署demo类型
istioctl manifest apply --set profile=demo
# 基于default调节功能参数
istioctl manifest apply --set values.global.mtls.enabled=true --set values.global.controlPlaneSecurityEnabled=true
2.1.2通过helm部署
# 创建istio-system命名空间
kubectl create namespace istio-system
# 创建istio CRD
helm template install/kubernetes/helm/istio-init --namespace istio-system | kubectl apply -f -
# 检查CRD是否部署完成
kubectl -n istio-system wait --for=condition=complete job --all
# 部署istio
helm template install/kubernetes/helm/istio --namespace istio-system | kubectl apply -f -
2.1.3通过istio-operator部署
kubectl apply -f https://istio.io/operator.yaml
kubectl apply -f - <<EOF
apiVersion: install.istio.io/v1alpha2
kind: IstioControlPlane
metadata:
namespace: istio-operator
name: example-istiocontrolplane
spec:
profile: demo
EOF
2.2查看istio-system资源
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ kubectl get all -n istio-system
NAME READY STATUS RESTARTS AGE
pod/grafana-6c8f45499-rg5p6 1/1 Running 0 12h
pod/istio-citadel-784d7df6b6-x8ztx 1/1 Running 0 12h
pod/istio-egressgateway-6d9bb5b7fd-t6q4b 1/1 Running 0 12h
pod/istio-galley-7c4f46cb88-5rfmq 1/1 Running 0 12h
pod/istio-ingressgateway-79f779dbd-5vbf8 1/1 Running 0 12h
pod/istio-pilot-7dbbc6d47c-8sjqb 1/1 Running 0 12h
pod/istio-policy-76cf7d86c-b6bmf 1/1 Running 12 12h
pod/istio-sidecar-injector-74cd6dcd84-z2csh 1/1 Running 0 12h
pod/istio-telemetry-7b969c885c-w5l4l 1/1 Running 12 12h
pod/istio-tracing-78548677bc-vpk6g 1/1 Running 0 12h
pod/kiali-fb5f485fb-kb82k 1/1 Running 0 12h
pod/prometheus-685585888b-vz8kk 1/1 Running 0 12h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/grafana NodePort 10.43.179.93 <none> 3000:32181/TCP 12h
service/istio-citadel ClusterIP 10.43.224.2 <none> 8060/TCP,15014/TCP 12h
service/istio-egressgateway ClusterIP 10.43.174.150 <none> 80/TCP,443/TCP,15443/TCP 12h
service/istio-galley ClusterIP 10.43.179.89 <none> 443/TCP,15014/TCP,9901/TCP,15019/TCP 12h
service/istio-ingressgateway LoadBalancer 10.43.23.250 <pending> 15020:32732/TCP,80:31542/TCP,443:30290/TCP,15029:30490/TCP,15030:32752/TCP,15031:31730/TCP,15032:31100/TCP,15443:31932/TCP 12h
service/istio-pilot ClusterIP 10.43.142.224 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 12h
service/istio-policy ClusterIP 10.43.109.166 <none> 9091/TCP,15004/TCP,15014/TCP 12h
service/istio-sidecar-injector ClusterIP 10.43.208.202 <none> 443/TCP 12h
service/istio-telemetry ClusterIP 10.43.253.226 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 12h
service/jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 12h
service/jaeger-collector ClusterIP 10.43.207.194 <none> 14267/TCP,14268/TCP,14250/TCP 12h
service/jaeger-query ClusterIP 10.43.176.51 <none> 16686/TCP 12h
service/kiali NodePort 10.43.90.1 <none> 20001:31055/TCP 12h
service/prometheus ClusterIP 10.43.184.162 <none> 9090/TCP 12h
service/tracing ClusterIP 10.43.101.134 <none> 9411/TCP 12h
service/zipkin ClusterIP 10.43.52.101 <none> 9411/TCP 12h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/grafana 1/1 1 1 12h
deployment.apps/istio-citadel 1/1 1 1 12h
deployment.apps/istio-egressgateway 1/1 1 1 12h
deployment.apps/istio-galley 1/1 1 1 12h
deployment.apps/istio-ingressgateway 1/1 1 1 12h
deployment.apps/istio-pilot 1/1 1 1 12h
deployment.apps/istio-policy 1/1 1 1 12h
deployment.apps/istio-sidecar-injector 1/1 1 1 12h
deployment.apps/istio-telemetry 1/1 1 1 12h
deployment.apps/istio-tracing 1/1 1 1 12h
deployment.apps/kiali 1/1 1 1 12h
deployment.apps/prometheus 1/1 1 1 12h
NAME DESIRED CURRENT READY AGE
replicaset.apps/grafana-6c8f45499 1 1 1 12h
replicaset.apps/istio-citadel-784d7df6b6 1 1 1 12h
replicaset.apps/istio-egressgateway-6d9bb5b7fd 1 1 1 12h
replicaset.apps/istio-galley-7c4f46cb88 1 1 1 12h
replicaset.apps/istio-ingressgateway-79f779dbd 1 1 1 12h
replicaset.apps/istio-pilot-7dbbc6d47c 1 1 1 12h
replicaset.apps/istio-policy-76cf7d86c 1 1 1 12h
replicaset.apps/istio-sidecar-injector-74cd6dcd84 1 1 1 12h
replicaset.apps/istio-telemetry-7b969c885c 1 1 1 12h
replicaset.apps/istio-tracing-78548677bc 1 1 1 12h
replicaset.apps/kiali-fb5f485fb 1 1 1 12h
replicaset.apps/prometheus-685585888b 1 1 1 12h
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/istio-telemetry Deployment/istio-telemetry 2%/80% 1 5 1 12h
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ kubectl get all -n istio-system
NAME READY STATUS RESTARTS AGE
pod/grafana-6c8f45499-rg5p6 1/1 Running 0 12h
pod/istio-citadel-784d7df6b6-x8ztx 1/1 Running 0 12h
pod/istio-egressgateway-6d9bb5b7fd-t6q4b 1/1 Running 0 12h
pod/istio-galley-7c4f46cb88-5rfmq 1/1 Running 0 12h
pod/istio-ingressgateway-79f779dbd-5vbf8 1/1 Running 0 12h
pod/istio-pilot-7dbbc6d47c-8sjqb 1/1 Running 0 12h
pod/istio-policy-76cf7d86c-b6bmf 1/1 Running 12 12h
pod/istio-sidecar-injector-74cd6dcd84-z2csh 1/1 Running 0 12h
pod/istio-telemetry-7b969c885c-w5l4l 1/1 Running 12 12h
pod/istio-tracing-78548677bc-vpk6g 1/1 Running 0 12h
pod/kiali-fb5f485fb-kb82k 1/1 Running 0 12h
pod/prometheus-685585888b-vz8kk 1/1 Running 0 12h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/grafana NodePort 10.43.179.93 <none> 3000:32181/TCP 12h
service/istio-citadel ClusterIP 10.43.224.2 <none> 8060/TCP,15014/TCP 12h
service/istio-egressgateway ClusterIP 10.43.174.150 <none> 80/TCP,443/TCP,15443/TCP 12h
service/istio-galley ClusterIP 10.43.179.89 <none> 443/TCP,15014/TCP,9901/TCP,15019/TCP 12h
service/istio-ingressgateway LoadBalancer 10.43.23.250 <pending> 15020:32732/TCP,80:31542/TCP,443:30290/TCP,15029:30490/TCP,15030:32752/TCP,15031:31730/TCP,15032:31100/TCP,15443:31932/TCP 12h
service/istio-pilot ClusterIP 10.43.142.224 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP 12h
service/istio-policy ClusterIP 10.43.109.166 <none> 9091/TCP,15004/TCP,15014/TCP 12h
service/istio-sidecar-injector ClusterIP 10.43.208.202 <none> 443/TCP 12h
service/istio-telemetry ClusterIP 10.43.253.226 <none> 9091/TCP,15004/TCP,15014/TCP,42422/TCP 12h
service/jaeger-agent ClusterIP None <none> 5775/UDP,6831/UDP,6832/UDP 12h
service/jaeger-collector ClusterIP 10.43.207.194 <none> 14267/TCP,14268/TCP,14250/TCP 12h
service/jaeger-query ClusterIP 10.43.176.51 <none> 16686/TCP 12h
service/kiali NodePort 10.43.90.1 <none> 20001:31055/TCP 12h
service/prometheus ClusterIP 10.43.184.162 <none> 9090/TCP 12h
service/tracing ClusterIP 10.43.101.134 <none> 9411/TCP 12h
service/zipkin ClusterIP 10.43.52.101 <none> 9411/TCP 12h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/grafana 1/1 1 1 12h
deployment.apps/istio-citadel 1/1 1 1 12h
deployment.apps/istio-egressgateway 1/1 1 1 12h
deployment.apps/istio-galley 1/1 1 1 12h
deployment.apps/istio-ingressgateway 1/1 1 1 12h
deployment.apps/istio-pilot 1/1 1 1 12h
deployment.apps/istio-policy 1/1 1 1 12h
deployment.apps/istio-sidecar-injector 1/1 1 1 12h
deployment.apps/istio-telemetry 1/1 1 1 12h
deployment.apps/istio-tracing 1/1 1 1 12h
deployment.apps/kiali 1/1 1 1 12h
deployment.apps/prometheus 1/1 1 1 12h
NAME DESIRED CURRENT READY AGE
replicaset.apps/grafana-6c8f45499 1 1 1 12h
replicaset.apps/istio-citadel-784d7df6b6 1 1 1 12h
replicaset.apps/istio-egressgateway-6d9bb5b7fd 1 1 1 12h
replicaset.apps/istio-galley-7c4f46cb88 1 1 1 12h
replicaset.apps/istio-ingressgateway-79f779dbd 1 1 1 12h
replicaset.apps/istio-pilot-7dbbc6d47c 1 1 1 12h
replicaset.apps/istio-policy-76cf7d86c 1 1 1 12h
replicaset.apps/istio-sidecar-injector-74cd6dcd84 1 1 1 12h
replicaset.apps/istio-telemetry-7b969c885c 1 1 1 12h
replicaset.apps/istio-tracing-78548677bc 1 1 1 12h
replicaset.apps/kiali-fb5f485fb 1 1 1 12h
replicaset.apps/prometheus-685585888b 1 1 1 12h
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/istio-telemetry Deployment/istio-telemetry 2%/80% 1 5 1 12h
2.3查看版本
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/samples/bookinfo/platform/kube$ istioctl version
client version: 1.4.0
control plane version: 1.4.0
data plane version: 1.4.0 (2 proxies)
2.4为default添加istio注入
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/install/kubernetes$ kubectl label namespace default istio-injection=enable
namespace/default labeled
ubuntu@zhengzw-k8s-node-1:~/istio-1.4.0/install/kubernetes$ kubectl get ns -L istio-injection
NAME STATUS AGE ISTIO-INJECTION
cattle-system Active 16h
default Active 16h enable
ingress-nginx Active 16h
istio-system Active 12h disabled
kube-node-lease Active 16h
kube-public Active 16h
kube-system Active 16h
K8s下部署Istio的更多相关文章
- 第五章 用Helm部署Istio
5.1 Istio Chart概述 Helm是目前Istio官方推荐的安装方式.还可以对输入值进行一些调整,完成对Istio的部分配置工作.Istio Chart是一个总分结构,其分级结构和设计结构是 ...
- Dubbo 在 K8s 下的思考
作者 | 曹胜利 Apache Dubbo PMC 导读:Dubbo 作为高性能 Java RPC 框架的刻板印象早已深入人心,在 Cloud Native 的架构选型上,Spring Cloud ...
- Kubernetes之在k8s中部署Java应用
部署好了k8s以后 部署参考https://www.cnblogs.com/minseo/p/12055731.html 怎么在k8s部署应用 项目迁移到k8s平台是怎样的流程 1,制作镜像 2,控制 ...
- kubernetes之三 使用kubectl在k8s上部署应用
在上一篇中,我们学习了使用minikube来搭建k8s集群.k8s集群启动后,就可以在上面部署应用了.本篇,我们就来学习如何使用kubectl在k8s上部署应用. 学习之前,可以先从下面这篇博客上了解 ...
- 在Kubernetes下部署Prometheus
使用ConfigMaps管理应用配置 当使用Deployment管理和部署应用程序时,用户可以方便了对应用进行扩容或者缩容,从而产生多个Pod实例.为了 能够统一管理这些Pod的配置信息,在Kuber ...
- 在k8s上部署日志系统elfk
日志系统elfk 前言 经过上周的技术预研,在本周一通过开会研究,根据公司的现有业务流量和技术栈,决定选择的日志系统方案为:elasticsearch(es)+logstash(lo)+filebea ...
- 使用Rancher在K8S上部署高性能PHP应用程序
介 绍 PHP是网络上最流行的编程语言之一,许多被广泛使用的内容管理系统都使用它开发,如WordPress和Drupal,并为现代服务器端框架(如Laravel和Symfony)提供核心代码. 尽管P ...
- 【原创】一层Nginx反向代理K8S化部署实践
目录: 1)背景介绍 2)方案分析 3)实现细节 4)监控告警 5)日志收集 6)测试 一.背景介绍 如下图所示,传统方式部署一层Nginx,随着业务扩大,维护管理变得复杂,繁琐,耗时耗力和易 ...
- k8s下的jenkins如何设置maven
关于k8s环境的jenkins集群 k8s下搭建了jenkins集群后,执行任务时会新建pod,任务完成后pod被销毁,架构如下图所示: 在k8s搭建jenkins集群的步骤请参照<> 关 ...
随机推荐
- [Vue源码]一起来学Vue模板编译原理(二)-AST生成Render字符串
本文我们一起通过学习Vue模板编译原理(二)-AST生成Render字符串来分析Vue源码.预计接下来会围绕Vue源码来整理一些文章,如下. 一起来学Vue双向绑定原理-数据劫持和发布订阅 一起来学V ...
- uniapp安卓ios百度人脸识别、活体检测、人脸采集APP原生插件
插件亮点 1 支持安卓平板(横竖屏均可),苹果的iPad.2 颜色图片均可更换. 特别提醒 此插件包含 android 端和 iOS 端,考虑到有些同学只做其中一个端的 app,特意分为 2 个插件, ...
- 超详细Node安装教程
今天周末休息,我制定了我的2020年度规划,其中包含编写50篇养成写博文的习惯.算下来平均每周一篇,感觉也不是很难,但我的写作能力不是很好,争取一次比一次好!希望自己能够坚持下去.2020为自己而活, ...
- HDU5179 beautiful number 题解 数位DP
题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=5179 题目大意: 给你一个数 \(A = a_1a_2 \cdots a_n\) ,我们称 \(A\) ...
- javascript-void keyword
javascript-void keyword 写在前面 ECMA-262定义了ECMAScript所支持的关键字(keyword),关键字不能用作ECMAScript程序的标识符(Indetifie ...
- C++中重载、重写(覆盖)和隐藏的区别
转载自:https://blog.csdn.net/zx3517288/article/details/48976097 基本概念: 重载:是指同一可访问区内被声明的几个具有不同参数列(参数的类型,个 ...
- 应急响应&&取证
查看日志 eventvwr.exe 中了勒索病毒 1.查看download目录有没有病毒样本,C:\Users\86132\Downloads 2.查看系统开放端口 3.导出systemin ...
- 开源API网关,你选对了么?
开源API网关,你选对了么? api网关的本质 不用扯那么多,也不用画图,一句话说清楚 api网关:流量总入口,得以集中控制! 就这么简单 api网关协议上最基本要支持HTTP 和 WebSocket ...
- 2019 年百度之星 初赛一 1002 Game
传送门 Problem Description 度度熊在玩一个好玩的游戏.游戏的主人公站在一根数轴上,他可以在数轴上任意移动,对于每次移动,他可以选择往左或往右走一格或两格.现在他要依次完成 n 个任 ...
- Spring多数据源动态切换
title: Spring多数据源动态切换 date: 2019-11-27 categories: Java Spring tags: 数据源 typora-root-url: ...... --- ...