Advertising | Kubernetes versions of the offline installation package
Congratulations on Istio1.0 's release, a tutorial
Installation
Install k8s strong interstitial ads
Three-step installation, not much to say
installation Helm, recommended production environment with Helm installation, can be adjusted
Release address
As I used the 2.9.1 version
yum install -y socat # 这个不装会报错
[root@istiohost ~]# wget https://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz[root@istiohost ~]# tar zxvf helm-v2.9.1-linux-amd64.tar.gz[root@istiohost ~]# cp linux-amd64/helm /usr/bin
First create a service account to give the administrator permissions to helm:
[root@istiohost ~]# cat helmserviceaccount.yamlapiVersion: v1kind: ServiceAccountmetadata: name: tiller namespace: kube-system---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: tiller-clusterrolebindingsubjects:- kind: ServiceAccount name: tiller namespace: kube-systemroleRef: kind: ClusterRole name: cluster-admin apiGroup: ""
kubectl create -f helmserviceaccount.yaml
Install Helm Server tiller:
helm init --service-account tiller # 如果已安装更新加 --upgrade 参数helm list #没任何返回表示成功
Installing Istio
curl -L https://git.io/getLatestIstio | sh -cd istio-1.0.0/export PATH=$PWD/bin:$PATH
Helm 2.10.0 Previous versions need to install CRD:
kubectl apply -f install/kubernetes/helm/istio/templates/crds.yamlkubectl apply -f install/kubernetes/helm/istio/charts/certmanager/templates/crds.yaml
Install Istio, because you do not have lb, so use Nodeport instead:
helm install install/kubernetes/helm/istio --name istio --namespace istio-system --set gateways.istio-ingressgateway.type=NodePort --set gateways.istio-egressgateway.type=NodePort
Installation succeeded:
[Root@istiohost istio-1.0.0]# Kubectl get pod-n istio-systemname ready STATUS Restarts AGEISTIO-CITADEL-7D8F9748C5-NTQNP 1/1 Running 0 5mistio-egressgateway-676c8546 C5-2w4cq 1/1 Running 0 5mistio-galley-5669f7c9b-mkxjg 1/1 Running 0 5MISTIO-INGRESSGATEWAY-5475685BBB-96MBR 1/1 Running 0 5mistio-pilot-5795d6d695-gr4h4 2/2 Running 0 5MISTIO-POLICY-7F945BF487-GKPXR 2/2 Running 0 5mistio-sid ECAR-INJECTOR-D96CD9459-674PK 1/1 Running 0 5mistio-statsd-prom-bridge-549d687fd9-6cbzs 1/1 Running 0 5MISTIO-TELEMETRY-6C587BDBC4-JNDJN 2/2 Running 0 5mprometheus-6ffc56584f- 98MR9 1/1 Running 0 5m[root@istiohost istio-1.0.0]# kubectl get svc-n istio-systemname TYPE cluster-ip external-ip PORT (S) Ageistio-citadel Clusterip 10.108.253.89 <none> 8060/tcp,9093/tcp 5mistio-egressgateway No Deport 10.96.151.14 <none> 80:30830/tcp,443:30038/tcp 5mistio-galley Clusterip 10.102.83.130 <none> 443/tcp,909 3/tcp 5mistio-ingressgateway Nodeport 10.99.194.13 <none> 80:31380/tcp,443:31390/tcp,31400:31400/tcp,15011:31577/tcp,8060:30037 /tcp,15030:31855/tcp,15031:30775/tcp 5mistio-pilot clusterip 10.101.4.143 <none> 15010 /TCP,15011/TCP,8080/TCP,9093/tcp 5mistio-policy Clusterip 10 .106.221.68 <none> 9091/tcp,15004/tcp,9093/tcp 5mistio-sidecar-injector Clusterip 10.100.5.170 <none> 443/tcp 5mistio-statsd-prom-bridge Clusteri P 10.107.28.242 <none> 9102/tcp,9125/udp 5mistio-telemetry Clusterip 10.105.66.20 <none> 9091/tcp,15004/tc P,9093/tcp,42422/tcp 5mprometheus Cl Usterip 10.103.128.152 <none> 9090/tcpUsing tutorials
Official website Case Bookinfo Application
There are three versions of the reviews service:
Data plane:
To install the application:
kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
Installation Complete:
[Root@istiohost istio-1.0.0]# kubectl get servicesname TYPE cluster-ip external-ip PORT (S) Agede Tails Clusterip 10.104.66.31 <none> 9080/tcp 2mkubernetes clusterip 10.96.0.1 <non e> 443/tcp 4hproductpage clusterip 10.109.68.13 <none> 9080/tcp 2mratings Cluster IP 10.99.55.110 <none> 9080/tcp 2mreviews clusterip 10.102.19.129 <none> 9080/t CP 2m[root@istiohost istio-1.0.0]# kubectl get podsname ready STATUS restarts aged ETAILS-V1-FC9649D9C-DPNLP 2/2 Running 0 2mproductpage-v1-58845c779c-7g8th 2/2 Running 0 2MRATINGS-V1-6CC485C997-FB7NH 2/2 Running 0 2mreviews-v1-76987687b7-x5n7z 2/2 Running 0 2MREVIEWS-V2-86749DCD5-XCHZB 2/2 Running 0 2MREVIEWS-V3-7F4746B959-NTHRQ 2/2 Running 0 2m Create a gateway that you can access outside of the cluster
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
Browser Access URL:
47.254.28.88 is my node IP, using Nodeport mode
Three consecutive clicks, you will find the right no star--Black star---Red Star switch, corresponding to three versions of the review, the default policy is polling
Create destination rules, configure routing access rules, and now poll
kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml
Smart Routing
Request Routing Requests Routing
Route based on version
Switch all routes to the V1 version
kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml
After this execution, no matter how to brush the page, we can not see the stars, because the V1 version of the star
You can see that the destination is like this:
http: - route: - destination: host: details subset: v1
Just imagine how easy it would be for us to do version switching.
Based on user routing
kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml
You'll see the Black Stars when you log in with a Jason user, and other ways to see the pages are no stars.
Because this user has gone V2 version, can not be powerful? Of course, it can be routed according to the header or something, so I won't say much.
http: - match: - headers: end-user: exact: jason route: - destination: host: reviews subset: v2 - route: - destination: host: reviews subset: v1
Fault injection Fault Injection
kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yamlkubectl apply -f samples/bookinfo/networking/virtual-service-reviews-test-v2.yaml
Suppose there is a bug in the code, user Jason, reviews:v2 access to ratings card 10s, we hope that end-to-end test can be completed normally
kubectl apply -f samples/bookinfo/networking/virtual-service-ratings-test-delay.yaml
Injection error gives Jason User A 7s delay
hosts: - ratings http: - fault: delay: fixedDelay: 7s percent: 100 match: - headers: end-user: exact: jason route: - destination: host: ratings subset: v1 - route: - destination: host: ratings subset: v1
The access page is obviously going to go wrong, because we want the 7s to return, so we find a bug that is delayed
Error fetching product reviews!Sorry, product reviews are currently unavailable for this book.
So we may be able to detect these anomalies through fault injection.
Link switch Traffic shifting
We first send 50% traffic to REVIEWS:V1 50% traffic sent to V3, and then 100% of the traffic are cut to V3
Cut 100% flow to V1
kubectl apply -f samples/bookinfo/networking/virtual-service-all-v1.yaml
No stars at this time, no matter how many times you brush
V1 v3 each 50% flow
kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-50-v3.yaml
- route: - destination: host: reviews subset: v1 weight: 50 - destination: host: reviews subset: v3 weight: 50
At this time there will be a star, a few stars, but it is not a polling algorithm
Full Cut v3
kubectl apply -f samples/bookinfo/networking/virtual-service-reviews-v3.yaml
At this point, no matter how the brush is hearts.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
