helm安装kubernetes的插件istio
1.安装istio
要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值
怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options
模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/
certmanagergalleygatewaysglobalgrafanaistio_cniistiocorednskialimixernodeagentpilotprometheussecurityservicegraphsidecarInjectorWebhooktracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \
--name istio --namespace istio-system \
--set sidecarInjectorWebhook.enabled=true \
--set ingress.service.type=NodePort \
--set gateways.istio-ingressgateway.type=NodePort \
--set gateways.istio-egressgateway.type=NodePort \
--set tracing.enabled=true \
--set servicegraph.enabled=true \
--set prometheus.enabled=true \
--set tracing.jaeger.enabled=true \
--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml
poddisruptionbudget.policy/istio-galley unchanged
poddisruptionbudget.policy/istio-ingressgateway unchanged
poddisruptionbudget.policy/istio-policy unchanged
poddisruptionbudget.policy/istio-telemetry unchanged
poddisruptionbudget.policy/istio-pilot unchanged
configmap/istio-galley-configuration unchanged
configmap/istio-grafana-custom-resources unchanged
configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged
configmap/istio-grafana unchanged
configmap/prometheus unchanged
configmap/istio-security-custom-resources unchanged
configmap/istio configured
configmap/istio-sidecar-injector configured
serviceaccount/istio-galley-service-account unchanged
serviceaccount/istio-ingressgateway-service-account unchanged
serviceaccount/istio-grafana-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged
job.batch/istio-grafana-post-install-1.1. unchanged
serviceaccount/istio-mixer-service-account unchanged
serviceaccount/istio-pilot-service-account unchanged
serviceaccount/prometheus unchanged
serviceaccount/istio-cleanup-secrets-service-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
job.batch/istio-cleanup-secrets-1.1. unchanged
serviceaccount/istio-security-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged
job.batch/istio-security-post-install-1.1. unchanged
serviceaccount/istio-citadel-service-account unchanged
serviceaccount/istio-sidecar-injector-service-account unchanged
serviceaccount/istio-multi unchanged
clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-reader unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged
role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
service/istio-galley unchanged
service/istio-ingressgateway configured
service/grafana unchanged
service/istio-policy unchanged
service/istio-telemetry unchanged
service/istio-pilot unchanged
service/prometheus unchanged
service/istio-citadel unchanged
service/servicegraph created
service/istio-sidecar-injector unchanged
deployment.extensions/istio-galley configured
deployment.extensions/istio-ingressgateway configured
deployment.extensions/grafana unchanged
deployment.extensions/istio-policy configured
deployment.extensions/istio-telemetry configured
deployment.extensions/istio-pilot configured
deployment.extensions/prometheus unchanged
deployment.extensions/istio-citadel configured
deployment.extensions/servicegraph created
deployment.extensions/istio-sidecar-injector configured
deployment.extensions/istio-tracing unchanged
horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged
horizontalpodautoscaler.autoscaling/istio-policy unchanged
horizontalpodautoscaler.autoscaling/istio-telemetry unchanged
horizontalpodautoscaler.autoscaling/istio-pilot unchanged
service/jaeger-query unchanged
service/jaeger-collector unchanged
service/jaeger-agent unchanged
service/zipkin unchanged
service/tracing unchanged
mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured
attributemanifest.config.istio.io/istioproxy unchanged
attributemanifest.config.istio.io/kubernetes unchanged
metric.config.istio.io/requestcount unchanged
metric.config.istio.io/requestduration unchanged
metric.config.istio.io/requestsize unchanged
metric.config.istio.io/responsesize unchanged
metric.config.istio.io/tcpbytesent unchanged
metric.config.istio.io/tcpbytereceived unchanged
metric.config.istio.io/tcpconnectionsopened unchanged
metric.config.istio.io/tcpconnectionsclosed unchanged
handler.config.istio.io/prometheus unchanged
rule.config.istio.io/promhttp unchanged
rule.config.istio.io/promtcp unchanged
rule.config.istio.io/promtcpconnectionopen unchanged
rule.config.istio.io/promtcpconnectionclosed unchanged
handler.config.istio.io/kubernetesenv unchanged
rule.config.istio.io/kubeattrgenrulerule unchanged
rule.config.istio.io/tcpkubeattrgenrulerule unchanged
kubernetes.config.istio.io/attributes unchanged
destinationrule.networking.istio.io/istio-policy unchanged
destinationrule.networking.istio.io/istio-telemetry unchanged
如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。
[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment.extensions/tiller-deploy patched
2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress
[root@master istio-1.1.]# vim ingress-istio.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: prometheus
namespace: istio-system
spec:
rules:
- host: prometheus.istio.io
http:
paths:
- path: /
backend:
serviceName: prometheus
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grafana
namespace: istio-system
spec:
rules:
- host: grafana.istio.io
http:
paths:
- path: /
backend:
serviceName: grafana
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: servicegraph
namespace: istio-system
spec:
rules:
- host: servicegraph.istio.io
http:
paths:
- path: /
backend:
serviceName: servicegraph
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tracing
namespace: istio-system
spec:
rules:
- host: tracing.istio.io
http:
paths:
- path: /
backend:
serviceName: tracing
servicePort:
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml
通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
http://servicegraph.istio.io/dotgraph: 提供点序列化.
http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:
参考:https://www.sohu.com/a/244910852_684389
helm安装kubernetes的插件istio的更多相关文章
- Centos 使用kubeadm安装Kubernetes 1.15.3
本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...
- ARM架构安装Kubernetes集群
背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...
- Kubernetes-使用Helm安装istio
添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...
- kubernetes包管理工具Helm安装
helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...
- kubernetes实战(十):k8s使用Helm安装harbor
1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...
- 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/
本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...
- 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm
Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...
- kubernetes实战篇之helm安装
系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...
- Helm 安装部署Kubernetes的dashboard
Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...
随机推荐
- ES6解构
解构:“解开--重构” 1.数组的解构: //数组的解构: // let arr=[1,2,3,6] // let[a,b,c,d]=arr; // console.log(a,b,c,d)// 1, ...
- 微信小程序のwxml绑定
一.微信小程序文件的构成 微信小程序包括js文件.json文件.wxml文件.wxss文件.wxs文件.js文件是展现界面的,注册这个程序的的页面,一般一个大写的Page({ })嵌入: json文件 ...
- 2019_7_30python
当6引号给予变量的时候,变为字符串 6引号注释多行 语言元素 python中大小写敏感 不要和关键字 print( a + b ) print( a - b ) print( a * b ) prin ...
- 爬虫那些事儿--Http返回码
由于爬虫的抓取也是使用http协议交互.因此需要了解Http的各种返回码所代表的意义,才能判断爬虫的执行结果. 返回码如下: 100 Continue 初始的请求已经接受,客户应当继续发送请求的其余部 ...
- jquery获取select选中项 自定义属性的值
<select id="serialNo" > <option value=''1' data-id="001">第一次</opt ...
- C/C++ 智能指针
// 转载自 :https://www.cnblogs.com/wuyepeng/p/9741241.html { 为什么要使用智能指针:我们知道c++的内存管理是让很多人头疼的事,当我们写一个new ...
- bzoj1057: [ZJOI2007]棋盘制作 [dp][单调栈]
Description 国际象棋是世界上最古老的博弈游戏之一,和中国的围棋.象棋以及日本的将棋同享盛名.据说国际象棋起源 于易经的思想,棋盘是一个8*8大小的黑白相间的方阵,对应八八六十四卦,黑白对应 ...
- python从入门到大神---1、初始化实例、类属性、方法
python从入门到大神---1.初始化实例.类属性.方法 一.总结 一句话总结: 方法不加括号是代码段:感觉python方法和js,php很类似,不加括号是代码段,加括号变成方法,比如f,f() 1 ...
- Python正则表达式如何进行字符串替换实例
Python正则表达式如何进行字符串替换实例 Python正则表达式在使用中会经常应用到字符串替换的代码.有很多人都不知道如何解决这个问题,下面的代码就告诉你其实这个问题无比的简单,希望你有所收获. ...
- jsp-提交表单乱码解决
jsp提交表单有两种方式,一种是get,一种是post,对于两种方式都可能出现乱码,以下给出两种乱码方式的解决方案. 1.post提交解决乱码 //设置解码方式,post提交解决乱码 比较简单 req ...