安装Istio
一、概述
在安装 Istio 之前,需要一个运行着 Kubernetes 的兼容版本的 cluster。
Istio 1.8 已经在 Kubernetes 版本 1.16, 1.17, 1.18, 1.19 中测试过。
- 通过选择合适的 platform-specific setup instructions 来创建一个集群。
有些平台提供了 managed control plane,您可以使用它来代替手动安装 Istio。如果您选择的平台支持这种方式,并且您选择使用它,那么,在创建完集群后,您将完成 Istio 的安装。因此,可以跳过以下说明。
二、下载 Istio
环境说明
操作系统:centos 7.6 主机名:k8s-master ip地址:192.168.31.236 配置:2核2g
操作系统:centos 7.6 主机名:k8s-node01 ip地址:192.168.31.16 配置:2核4g
下载 Istio,下载内容将包含:安装文件、示例和 istioctl 命令行工具。
1. 访问 Istio release 页面下载与您操作系统对应的安装文件。在 macOS 或 Linux 系统中,也可以通过以下命令下载最新版本的 Istio: 注意:官方文档给的命令:
curl -L https://istio.io/downloadIstio | sh -是无法执行的,提示:curl: (7) Failed connect to raw.githubusercontent.com:443; 拒绝连接
下载最新版本:1.81.1
wget https://github.com/istio/istio/releases/download/1.8.1/istio-1.8.1-linux-amd64.tar.gztar zxvf istio-1.8.1-linux-amd64.tar.gz -C /usr/local/设置环境变量
echo 'export ISTIO_HOME=/usr/local/istio-1.8.1' >> /etc/profileecho 'export PATH=$PATH:$ISTIO_HOME/bin' >> /etc/profile加载变量
source /etc/profile查看版本
istioctl version使用 istioctl 的安装方式
在学习、实验环境我们可以选择 demo 这个 profile 进行安装,如下示例:
istioctl install --set profile=demo -y查看istio相应的 namespace 和 pod 是否已经正常创建:
[root@k8s-master ~]# kubectl get ns |grep istioistio-system Active 82m查看pods
[root@k8s-master ~]# kubectl get pods -n istio-system
NAME READY STATUS RESTARTS AGE
istio-egressgateway-6f9f4ddc9c-2sjgk 1/1 Running 0 2m33s
istio-ingressgateway-78b47bc88b-85fd8 1/1 Running 0 2m33s
istiod-67dbfcd4dd-qq5kg 1/1 Running 0 3m7s检查 istio 的 CRD 和 API 资源:
[root@k8s-master ~]# kubectl get crd |grep istio
authorizationpolicies.security.istio.io 2021-01-04T10:10:26Z
destinationrules.networking.istio.io 2021-01-04T10:10:26Z
envoyfilters.networking.istio.io 2021-01-04T10:10:26Z
gateways.networking.istio.io 2021-01-04T10:10:26Z
istiooperators.install.istio.io 2021-01-04T10:10:26Z
peerauthentications.security.istio.io 2021-01-04T10:10:26Z
requestauthentications.security.istio.io 2021-01-04T10:10:26Z
serviceentries.networking.istio.io 2021-01-04T10:10:26Z
sidecars.networking.istio.io 2021-01-04T10:10:26Z
virtualservices.networking.istio.io 2021-01-04T10:10:26Z
workloadentries.networking.istio.io 2021-01-04T10:10:27Z
workloadgroups.networking.istio.io 2021-01-04T10:10:27Z
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl api-resources |grep istio
istiooperators iop,io install.istio.io true IstioOperator
destinationrules dr networking.istio.io true DestinationRule
envoyfilters networking.istio.io true EnvoyFilter
gateways gw networking.istio.io true Gateway
serviceentries se networking.istio.io true ServiceEntry
sidecars networking.istio.io true Sidecar
virtualservices vs networking.istio.io true VirtualService
workloadentries we networking.istio.io true WorkloadEntry
workloadgroups wg networking.istio.io true WorkloadGroup
authorizationpolicies security.istio.io true AuthorizationPolicy
peerauthentications pa security.istio.io true PeerAuthentication
requestauthentications ra security.istio.io true RequestAuthentication
[root@k8s-master ~]#安装 dashboard 组件。命令如下:
kubectl apply -f /usr/local/istio-1.8.1/samples/addons -n istio-system输出:
serviceaccount/grafana created
configmap/grafana created
service/grafana created
deployment.apps/grafana created
configmap/istio-grafana-dashboards created
configmap/istio-services-grafana-dashboards created
deployment.apps/jaeger created
service/tracing created
service/zipkin created
service/jaeger-collector created
customresourcedefinition.apiextensions.k8s.io/monitoringdashboards.monitoring.kiali.io created
serviceaccount/kiali created
configmap/kiali created
clusterrole.rbac.authorization.k8s.io/kiali-viewer created
clusterrole.rbac.authorization.k8s.io/kiali created
clusterrolebinding.rbac.authorization.k8s.io/kiali created
service/kiali created
deployment.apps/kiali created
serviceaccount/prometheus created
configmap/prometheus created
clusterrole.rbac.authorization.k8s.io/prometheus created
clusterrolebinding.rbac.authorization.k8s.io/prometheus created
service/prometheus created
deployment.apps/prometheus created
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"将istio-ingressgateway改为NodePort方式,方便访问
kubectl patch service istio-ingressgateway -n istio-system -p '{"spec":{"type":"NodePort"}}'本文参考链接:
本文参与 腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2021-01-13 ,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读