helm安装kubernetes的插件istio
1.安装istio
要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值
怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options
模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/
certmanagergalleygatewaysglobalgrafanaistio_cniistiocorednskialimixernodeagentpilotprometheussecurityservicegraphsidecarInjectorWebhooktracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \
--name istio --namespace istio-system \
--set sidecarInjectorWebhook.enabled=true \
--set ingress.service.type=NodePort \
--set gateways.istio-ingressgateway.type=NodePort \
--set gateways.istio-egressgateway.type=NodePort \
--set tracing.enabled=true \
--set servicegraph.enabled=true \
--set prometheus.enabled=true \
--set tracing.jaeger.enabled=true \
--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml
poddisruptionbudget.policy/istio-galley unchanged
poddisruptionbudget.policy/istio-ingressgateway unchanged
poddisruptionbudget.policy/istio-policy unchanged
poddisruptionbudget.policy/istio-telemetry unchanged
poddisruptionbudget.policy/istio-pilot unchanged
configmap/istio-galley-configuration unchanged
configmap/istio-grafana-custom-resources unchanged
configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged
configmap/istio-grafana unchanged
configmap/prometheus unchanged
configmap/istio-security-custom-resources unchanged
configmap/istio configured
configmap/istio-sidecar-injector configured
serviceaccount/istio-galley-service-account unchanged
serviceaccount/istio-ingressgateway-service-account unchanged
serviceaccount/istio-grafana-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged
job.batch/istio-grafana-post-install-1.1. unchanged
serviceaccount/istio-mixer-service-account unchanged
serviceaccount/istio-pilot-service-account unchanged
serviceaccount/prometheus unchanged
serviceaccount/istio-cleanup-secrets-service-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
job.batch/istio-cleanup-secrets-1.1. unchanged
serviceaccount/istio-security-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged
job.batch/istio-security-post-install-1.1. unchanged
serviceaccount/istio-citadel-service-account unchanged
serviceaccount/istio-sidecar-injector-service-account unchanged
serviceaccount/istio-multi unchanged
clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-reader unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged
role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
service/istio-galley unchanged
service/istio-ingressgateway configured
service/grafana unchanged
service/istio-policy unchanged
service/istio-telemetry unchanged
service/istio-pilot unchanged
service/prometheus unchanged
service/istio-citadel unchanged
service/servicegraph created
service/istio-sidecar-injector unchanged
deployment.extensions/istio-galley configured
deployment.extensions/istio-ingressgateway configured
deployment.extensions/grafana unchanged
deployment.extensions/istio-policy configured
deployment.extensions/istio-telemetry configured
deployment.extensions/istio-pilot configured
deployment.extensions/prometheus unchanged
deployment.extensions/istio-citadel configured
deployment.extensions/servicegraph created
deployment.extensions/istio-sidecar-injector configured
deployment.extensions/istio-tracing unchanged
horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged
horizontalpodautoscaler.autoscaling/istio-policy unchanged
horizontalpodautoscaler.autoscaling/istio-telemetry unchanged
horizontalpodautoscaler.autoscaling/istio-pilot unchanged
service/jaeger-query unchanged
service/jaeger-collector unchanged
service/jaeger-agent unchanged
service/zipkin unchanged
service/tracing unchanged
mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured
attributemanifest.config.istio.io/istioproxy unchanged
attributemanifest.config.istio.io/kubernetes unchanged
metric.config.istio.io/requestcount unchanged
metric.config.istio.io/requestduration unchanged
metric.config.istio.io/requestsize unchanged
metric.config.istio.io/responsesize unchanged
metric.config.istio.io/tcpbytesent unchanged
metric.config.istio.io/tcpbytereceived unchanged
metric.config.istio.io/tcpconnectionsopened unchanged
metric.config.istio.io/tcpconnectionsclosed unchanged
handler.config.istio.io/prometheus unchanged
rule.config.istio.io/promhttp unchanged
rule.config.istio.io/promtcp unchanged
rule.config.istio.io/promtcpconnectionopen unchanged
rule.config.istio.io/promtcpconnectionclosed unchanged
handler.config.istio.io/kubernetesenv unchanged
rule.config.istio.io/kubeattrgenrulerule unchanged
rule.config.istio.io/tcpkubeattrgenrulerule unchanged
kubernetes.config.istio.io/attributes unchanged
destinationrule.networking.istio.io/istio-policy unchanged
destinationrule.networking.istio.io/istio-telemetry unchanged
如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。
[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment.extensions/tiller-deploy patched
2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress
[root@master istio-1.1.]# vim ingress-istio.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: prometheus
namespace: istio-system
spec:
rules:
- host: prometheus.istio.io
http:
paths:
- path: /
backend:
serviceName: prometheus
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grafana
namespace: istio-system
spec:
rules:
- host: grafana.istio.io
http:
paths:
- path: /
backend:
serviceName: grafana
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: servicegraph
namespace: istio-system
spec:
rules:
- host: servicegraph.istio.io
http:
paths:
- path: /
backend:
serviceName: servicegraph
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tracing
namespace: istio-system
spec:
rules:
- host: tracing.istio.io
http:
paths:
- path: /
backend:
serviceName: tracing
servicePort:
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml
通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
http://servicegraph.istio.io/dotgraph: 提供点序列化.
http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:
参考:https://www.sohu.com/a/244910852_684389
helm安装kubernetes的插件istio的更多相关文章
- Centos 使用kubeadm安装Kubernetes 1.15.3
本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...
- ARM架构安装Kubernetes集群
背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...
- Kubernetes-使用Helm安装istio
添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...
- kubernetes包管理工具Helm安装
helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...
- kubernetes实战(十):k8s使用Helm安装harbor
1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...
- 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/
本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...
- 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm
Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...
- kubernetes实战篇之helm安装
系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...
- Helm 安装部署Kubernetes的dashboard
Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...
随机推荐
- 笔记:Python的浅复制和深复制
方法copy返回一个新字典,其包含的键-值对与原来的字典相同(这个方法执行的是浅复制,因为值本身是原件,而不是副本). >>> x = {"username": ...
- 快速读取 C++
int read() { ; ; char ch=getchar(); ') { if (ch=='-') f=-; ch=getchar(); } ') { x=x*+ch-'; ch=getcha ...
- 数组去重Set也可实现
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...
- 19. 接口(创建interface 继承implements)
1.语法: interface 接口名{ 属性 抽象方法 } 2.实例: 3.注意: 1)类实现接口可以通过implements实现,实现接口的时候必须把接口中的所有方法实现,一个类可以实现多个接口. ...
- leetcood学习笔记-101-对称二叉树
题目描述: 方法一:递归: class Solution: def isSymmetric(self, root: TreeNode) -> bool: if not root: return ...
- MapReduce分区数据倾斜
什么是数据倾斜? 数据不可避免的出现离群值,并导致数据倾斜,数据倾斜会显著的拖慢MR的执行速度 常见数据倾斜有以下几类 1.数据频率倾斜 某一个区域的数据量要远远大于其他区域 2.数据大小倾斜 ...
- Go 逻辑运算符
Go 逻辑运算符 package main import "fmt" func main() { var a bool = true var b bool = false if ( ...
- 记一次为解决Python读取PDF文件的Shell操作
目录 一.背景 二.问题 三.解决 四.一顿分析及 Shell 操作 五.后续 一.背景 本想将 PDF 文件转换为 Word 文档,然后网上搜索了一下发现有挺多转换的软件.有的是免费的.收费,咱也不 ...
- Delphi2007中正确调用SetWindowLong隐藏程序任务栏图标
http://terony.blog.sohu.com/71347192.html Delphi2007中正确调用SetWindowLong隐藏程序任务栏图标 标签: Delphi2007 SetW ...
- 使用Docker在服务器上部署Ubuntu,本地传文件到docker
使用Docker在服务器上部署Ubuntu,本地传文件到docker 作者:王佳乐 目录 安装Docker 安装Docker 全部安装流程: 登录服务器 ssh username@ip 检查是否已经安 ...