helm安装kubernetes的插件istio
1.安装istio
要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值
怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options
模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/
certmanagergalleygatewaysglobalgrafanaistio_cniistiocorednskialimixernodeagentpilotprometheussecurityservicegraphsidecarInjectorWebhooktracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \
--name istio --namespace istio-system \
--set sidecarInjectorWebhook.enabled=true \
--set ingress.service.type=NodePort \
--set gateways.istio-ingressgateway.type=NodePort \
--set gateways.istio-egressgateway.type=NodePort \
--set tracing.enabled=true \
--set servicegraph.enabled=true \
--set prometheus.enabled=true \
--set tracing.jaeger.enabled=true \
--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml
poddisruptionbudget.policy/istio-galley unchanged
poddisruptionbudget.policy/istio-ingressgateway unchanged
poddisruptionbudget.policy/istio-policy unchanged
poddisruptionbudget.policy/istio-telemetry unchanged
poddisruptionbudget.policy/istio-pilot unchanged
configmap/istio-galley-configuration unchanged
configmap/istio-grafana-custom-resources unchanged
configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged
configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged
configmap/istio-grafana unchanged
configmap/prometheus unchanged
configmap/istio-security-custom-resources unchanged
configmap/istio configured
configmap/istio-sidecar-injector configured
serviceaccount/istio-galley-service-account unchanged
serviceaccount/istio-ingressgateway-service-account unchanged
serviceaccount/istio-grafana-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged
job.batch/istio-grafana-post-install-1.1. unchanged
serviceaccount/istio-mixer-service-account unchanged
serviceaccount/istio-pilot-service-account unchanged
serviceaccount/prometheus unchanged
serviceaccount/istio-cleanup-secrets-service-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged
job.batch/istio-cleanup-secrets-1.1. unchanged
serviceaccount/istio-security-post-install-account unchanged
clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged
job.batch/istio-security-post-install-1.1. unchanged
serviceaccount/istio-citadel-service-account unchanged
serviceaccount/istio-sidecar-injector-service-account unchanged
serviceaccount/istio-multi unchanged
clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged
clusterrole.rbac.authorization.k8s.io/istio-reader unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged
clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged
role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged
service/istio-galley unchanged
service/istio-ingressgateway configured
service/grafana unchanged
service/istio-policy unchanged
service/istio-telemetry unchanged
service/istio-pilot unchanged
service/prometheus unchanged
service/istio-citadel unchanged
service/servicegraph created
service/istio-sidecar-injector unchanged
deployment.extensions/istio-galley configured
deployment.extensions/istio-ingressgateway configured
deployment.extensions/grafana unchanged
deployment.extensions/istio-policy configured
deployment.extensions/istio-telemetry configured
deployment.extensions/istio-pilot configured
deployment.extensions/prometheus unchanged
deployment.extensions/istio-citadel configured
deployment.extensions/servicegraph created
deployment.extensions/istio-sidecar-injector configured
deployment.extensions/istio-tracing unchanged
horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged
horizontalpodautoscaler.autoscaling/istio-policy unchanged
horizontalpodautoscaler.autoscaling/istio-telemetry unchanged
horizontalpodautoscaler.autoscaling/istio-pilot unchanged
service/jaeger-query unchanged
service/jaeger-collector unchanged
service/jaeger-agent unchanged
service/zipkin unchanged
service/tracing unchanged
mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured
attributemanifest.config.istio.io/istioproxy unchanged
attributemanifest.config.istio.io/kubernetes unchanged
metric.config.istio.io/requestcount unchanged
metric.config.istio.io/requestduration unchanged
metric.config.istio.io/requestsize unchanged
metric.config.istio.io/responsesize unchanged
metric.config.istio.io/tcpbytesent unchanged
metric.config.istio.io/tcpbytereceived unchanged
metric.config.istio.io/tcpconnectionsopened unchanged
metric.config.istio.io/tcpconnectionsclosed unchanged
handler.config.istio.io/prometheus unchanged
rule.config.istio.io/promhttp unchanged
rule.config.istio.io/promtcp unchanged
rule.config.istio.io/promtcpconnectionopen unchanged
rule.config.istio.io/promtcpconnectionclosed unchanged
handler.config.istio.io/kubernetesenv unchanged
rule.config.istio.io/kubeattrgenrulerule unchanged
rule.config.istio.io/tcpkubeattrgenrulerule unchanged
kubernetes.config.istio.io/attributes unchanged
destinationrule.networking.istio.io/istio-policy unchanged
destinationrule.networking.istio.io/istio-telemetry unchanged
如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。
[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment.extensions/tiller-deploy patched
2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress
[root@master istio-1.1.]# vim ingress-istio.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: prometheus
namespace: istio-system
spec:
rules:
- host: prometheus.istio.io
http:
paths:
- path: /
backend:
serviceName: prometheus
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grafana
namespace: istio-system
spec:
rules:
- host: grafana.istio.io
http:
paths:
- path: /
backend:
serviceName: grafana
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: servicegraph
namespace: istio-system
spec:
rules:
- host: servicegraph.istio.io
http:
paths:
- path: /
backend:
serviceName: servicegraph
servicePort:
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tracing
namespace: istio-system
spec:
rules:
- host: tracing.istio.io
http:
paths:
- path: /
backend:
serviceName: tracing
servicePort:
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml
通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
http://servicegraph.istio.io/dotgraph: 提供点序列化.
http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:
参考:https://www.sohu.com/a/244910852_684389
helm安装kubernetes的插件istio的更多相关文章
- Centos 使用kubeadm安装Kubernetes 1.15.3
本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...
- ARM架构安装Kubernetes集群
背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...
- Kubernetes-使用Helm安装istio
添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...
- kubernetes包管理工具Helm安装
helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...
- kubernetes实战(十):k8s使用Helm安装harbor
1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...
- 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/
本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...
- 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm
Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...
- kubernetes实战篇之helm安装
系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...
- Helm 安装部署Kubernetes的dashboard
Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...
随机推荐
- Java 整型数组只有一个整数是只出现一次的,其余都出现两次
package writtenExamination; /** * @author lindaZ * @date 2015年10月22日 * @todo 找出数组中仅出现一次的数,其余数字出现两次 * ...
- nginx防DDOS、cc、爬虫攻击
一.防止DDOS.CC攻击 http { limit_conn_zone $binary_remote_addr zone=perip:10m; limit_conn_zone $server_nam ...
- 安装php 在阿里云yum源的环境
yum -y install httpd mysql mysql-server php php-mysql postgresql postgresql-server php-postgresql ph ...
- K-mean matlab 实现代码
一.K均值聚类算法 算法步骤如下: 1.初始化 已知数据集合X,及事先指定聚类的总类数N,在X中随机选取N个对象作为初始的聚类中心. 2.设定迭代终止条件 通常设置最大循环次数或者聚类中心的变化误差. ...
- Spring中使用到的设计模式
1.工厂模式:Beanfactory和ApplicationContext 2.单例模式:bean的构建 3.代理模式:AOP 4.模板模式:jdbcTemplate,hibernateTemplat ...
- Redis Desktop Manager可视化工具连接不上redis
1.在centos中启动redis之后,redis进程也是可查的,但是一连接可视化工具就报错: can't connect to redis-server 2.原因分析: ①首先redis是肯定已经开 ...
- 【JZOJ6411】上网
description analysis 如果把所有大小关系连成边,小的往大的连,就可以直接上拓扑 暴力连边时间复杂度\(O(n^2)\),然而连边的过程,考虑用线段树优化 线段树上的所有儿子节点向父 ...
- wordpress添加视频弹窗插件Video PopUp
Video PopUp 给外部div 添加class类名:class="main-play" a链接添加 class="vp-a" 测试链接地址:https: ...
- Dart编程数据类型
编程语言最基本的特征之一是它支持的数据类型集.这些是可以用编程语言表示和操作的值的类型. Dart语言支持以下类型 数字 字符串 布尔 列表list map 数字 Dart中的数字用于表示数字文字.D ...
- BZOJ 3779: 重组病毒(线段树+lct+树剖)
题面 escription 黑客们通过对已有的病毒反编译,将许多不同的病毒重组,并重新编译出了新型的重组病毒.这种病毒的繁殖和变异能力极强.为了阻止这种病毒传播,某安全机构策划了一次实验,来研究这种病 ...