-
-
Save rupakg/b82ea8460bb4976eb723ccb5e85ed981 to your computer and use it in GitHub Desktop.
Istio Cookbook: Kiali Recipe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1] Open https://console.cloud.google.com/ with your gmail account | |
| [2] Create a Project / Choose a Project you have access to. | |
| [3] Activate "Cloud Shell" | |
| [4] Prepare a GKE cluster using | |
| https://istio.io/latest/docs/setup/platform-setup/gke/ | |
| export PROJECT_ID=`gcloud config get-value project` && \ | |
| export M_TYPE=n1-standard-2 && \ | |
| export ZONE=us-west2-a && \ | |
| export CLUSTER_NAME=${PROJECT_ID}-${RANDOM} && \ | |
| gcloud services enable container.googleapis.com && \ | |
| gcloud container clusters create $CLUSTER_NAME \ | |
| --cluster-version latest \ | |
| --machine-type=$M_TYPE \ | |
| --num-nodes 4 \ | |
| --zone $ZONE \ | |
| --project $PROJECT_ID | |
| gcloud container clusters get-credentials $CLUSTER_NAME \ | |
| --zone $ZONE \ | |
| --project $PROJECT_ID | |
| [5] Take Cluster details | |
| NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS | |
| kiali-recipe-mark-01-29341 us-west2-a 1.18.15-gke.1500 35.235.77.110 n1-standard-2 1.18.15-gke.1500 4 RUNNING | |
| [6] Basic cluster test | |
| kubectl get nodes | |
| NAME STATUS ROLES AGE VERSION | |
| gke-kiali-recipe-mark-01-default-pool-247fe88a-3167 Ready <none> 5m4s v1.18.15-gke.1500 | |
| gke-kiali-recipe-mark-01-default-pool-247fe88a-j8tt Ready <none> 5m4s v1.18.15-gke.1500 | |
| gke-kiali-recipe-mark-01-default-pool-247fe88a-w5qz Ready <none> 5m4s v1.18.15-gke.1500 | |
| gke-kiali-recipe-mark-01-default-pool-247fe88a-xf7c Ready <none> 5m5s v1.18.15-gke.1500 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1] Open a X session to a linux box where you have a minikube installed | |
| ssh -X neorecopolis | |
| lponce@neorecopolis:~$ minikube version | |
| minikube version: v1.17.1 | |
| commit: 043bdca07e54ab6e4fc0457e3064048f34133d7e | |
| $ kubectl version | |
| Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.2", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:28:09Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"} | |
| [2] Create a Minikube cluster, adjust your memory/cpu | |
| # Platform Setup | |
| minikube config set vm-driver kvm2 | |
| minikube start --memory=16384 --cpus=4 --kubernetes-version=v1.20.2 | |
| [3] Start minikube tunnel | |
| minikube tunnel | |
| [4] Open a new X session to your linux box, test the cluster accesss | |
| ssh -X neorecopolis | |
| kubectl get nodes | |
| NAME STATUS ROLES AGE VERSION | |
| minikube Ready control-plane,master 4m23s v1.20.2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1] Follow https://istio.io/latest/docs/setup/getting-started/ | |
| [2] Steps | |
| curl -L https://istio.io/downloadIstio | sh - | |
| cd istio-1.9.0 | |
| export PATH=$PWD/bin:$PATH | |
| [3] Important, check the PATH (GCP ships an old Istio 1.8 by default) | |
| istioctl version | |
| no running Istio pods in "istio-system" | |
| 1.9.0 | |
| [4] Install the demo profile | |
| istioctl install --set profile=demo -y | |
| [5] Demo App | |
| kubectl label namespace default istio-injection=enabled | |
| kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml | |
| [6] Test Demo App (Check/Wait until your Pods are up and running) | |
| kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>" | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1] Install Gateway for Demo App | |
| kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml | |
| [2] Get the external IP https://istio.io/latest/docs/setup/getting-started/#determining-the-ingress-ip-and-ports | |
| kubectl get svc istio-ingressgateway -n istio-system | |
| [3] Update a local DNS name for bookinfo with the istio-ingressgateway public IP | |
| Note, the /etc/hosts should be used where you will open your browser | |
| Linux | |
| sudo vi /etc/hosts | |
| 35.236.100.43 bookinfo.lucas-cluster.org | |
| [4] Verify your local DNS http://bookinfo.lucas-cluster.org/productpage | |
| [5] Note, you can use a public DNS and register the ingress IP with your domain, just take the time to refresh the DNS caches |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1] Install https://istio.io/latest/docs/setup/getting-started/#dashboard | |
| kubectl apply -f samples/addons | |
| [2] Update a local DNS name for kiali with the istio-ingressgateway public IP | |
| 35.236.100.43 kiali.lucas-cluster.org | |
| Note that for my cluster INGRESS_DOMAIN="lucas-cluster.org" but you can adjust this with your name | |
| [3] Expose Kiali through the Ingress | |
| We are in a demo environment, we will use the Option 2: Plain HTTP | |
| https://istio.io/latest/docs/tasks/observability/gateways/#option-2-insecure-access-http | |
| Only exposing Kiali is necessary for the workshop. | |
| Adjust the INGRESS_DOMAIN to your local DNS entry, that's important | |
| export INGRESS_DOMAIN="lucas-cluster.org" | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: Gateway | |
| metadata: | |
| name: kiali-gateway | |
| namespace: istio-system | |
| spec: | |
| selector: | |
| istio: ingressgateway | |
| servers: | |
| - port: | |
| number: 80 | |
| name: http-kiali | |
| protocol: HTTP | |
| hosts: | |
| - "kiali.${INGRESS_DOMAIN}" | |
| --- | |
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: VirtualService | |
| metadata: | |
| name: kiali-vs | |
| namespace: istio-system | |
| spec: | |
| hosts: | |
| - "kiali.${INGRESS_DOMAIN}" | |
| gateways: | |
| - kiali-gateway | |
| http: | |
| - route: | |
| - destination: | |
| host: kiali | |
| port: | |
| number: 20001 | |
| --- | |
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: DestinationRule | |
| metadata: | |
| name: kiali | |
| namespace: istio-system | |
| spec: | |
| host: kiali | |
| trafficPolicy: | |
| tls: | |
| mode: DISABLE | |
| --- | |
| EOF | |
| [4] Verify that you can resolve from your browser http://kiali.lucas-cluster.org | |
| Note, this method only works in your local machine as your are updating a local host name, but you could update a public DNS entry instead. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment