Installing Istio on Kubernetes Engine – Linux Guru

Spread the love
image source mobilemarketingmagazine.

Istio is an open source framework for connecting, monitoring, and securing microservices, including services running on Kubernetes Engine. This tutorial shows you how to install and configure Istio on GKE and deploy an Istio-enabled multi-service application.

Before you begin : 
1. Kubectl.
2. gcloud auth.
3. kubernetes cluster.

Create Kubernetes Cluster.
Let’s create first kubernetes cluster, Run the following command to create Kubernetes cluster in GCP.
$ gcloud container clusters create istio –machine-type=n1-standard-2 –num-nodes=3

Download and install Istio.
Go to the istio official page to download the installation file.

Extract the istio downloded file. 

  1. YAML file for kubernetes stores in install/ Directory.
  2. istioctl binary locate from bin/ directory.istioctl is used when manually injecting Envoy as a sidecar proxy and for creating routing rules and policies.

Move the istioctl file to the /usr/local/bin directory.
$ mv bin/istioctl /usr/local/bin/
$ chmod /usr/local/bin/istioctl
$ istioctl help

Grant cluster admin permissions to the current user.
$ kubectl create clusterrolebinding $USER-cluster-admin-binding –clusterrole=cluster-admin –user=yourprojectemail

Install Istio core components.
$ kubectl apply -f install/kubernetes/istio-demo-auth.yaml

This does the following:

  • creates the istio-system namespace along with the required RBAC permissions
  • deploys the core Istio components:
  • Istio-Pilot, which is responsible for service discovery and for configuring the Envoy sidecar proxies in an Istio service mesh.
  • The Mixer components Istio-Policy and Istio-Telemetry, which enforce usage policies and gather telemetry data across the service mesh.
  • Istio-Ingressgateway, which provides an ingress point for traffic from outside the cluster.
  • Istio-Citadel, which automates key and certificate management for Istio.
  • deploys plugins for metrics, logs, and tracing.
See also  Explain services types of kuberntes

Verify Istio installation.

Ensure the corresponding Kubernetes pods are deployed and all containers are up and running: istio-pilot-*, istio-policy-*, istio-telemetry-*, istio-ingressgateway-*, and istio-citadel-*.

Deploy the BookInfo sample application.
once istio installed, we will try to deploy sample application. For this tutorial we will use bookinfo. This is a simple bookstore application with four services that provide web productpage, book details, reviews and can find the source code from here samples/bookinfo .

Clone in to your pc.

go to the directory and run the below command.Deploy the application using kubectl apply and istioctl kube-inject. The kube-inject command updates the BookInfo deployment so that a sidecar is deployed in each application pod along with the service.
$ kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)

Confirm the application has been deployed.
$ kubectl get services

Finally, define the ingress gateway routing for the application:
$ kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

Validate the application deployment, Getting the ingress IP and port.
$ kubectl get svc istio-ingressgateway -n istio-system

Check your application from browser using ingress ip.

Some of the reference are taken from google documentation. You can also refer it from here.


Leave a Comment