下载 Istio
转到 Istio 发布https://github.com/istio/istio/releases/tag/1.12.0 页面,下载针对你操作系统的安装文件, 或用自动化工具下载并提取最新版本(Linux 或 macOS):
$ curl -L https://istio.io/downloadIstio | sh -
上面的命令下载最新版本(用数值表示)的 Istio。 你可以给命令行传递变量,用来下载指定的、不同处理器体系的版本。 例如,下载 x86_64 架构的、1.6.8 版本的 Istio ,运行:
$ curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.6.8 TARGET_ARCH=x86_64 sh -
转到 Istio 包目录。例如,如果包是 istio-1.12.0:
$ cd istio-1.12.0
安装目录包含:
samples/ 目录下的示例应用程序
bin/ 目录下的 istioctl 客户端二进制文件 .
将 istioctl 客户端加入搜索路径(Linux or macOS):
$ export PATH=$PWD/bin:$PATH
安装 Istio
对于本次安装,我们采用 demo 配置组合https://istio.io/latest/zh/docs/setup/additional-setup/config-profiles/。 选择它是因为它包含了一组专为测试准备的功能集合,另外还有用于生产或性能测试的配置组合。
如果你的平台有供应商提供的配置组合,比如:Openshift,则在下面命令中替换掉 demo 配置项。更多细节请参阅你的 平台说明https://istio.io/latest/zh/docs/setup/platform-setup/
前提:
手动pull镜像——》打tag——〉推送至自己仓库
335 2021-12-08 16:50:44 docker pull docker.io/istio/pilot:1.12.0
380 2021-12-08 17:00:07 docker pull docker.io/istio/proxyv2:1.12.0
388 2021-12-08 17:03:33 docker pull docker.io/istio/proxyv2:1.12.0
447 2021-12-08 17:39:14 docker pull docker.io/istio/pilot:1.12.0
490 2021-12-08 19:21:52 docker pull docker.io/istio/examples-bookinfo-ratings-v1:1.16.2
docker pull docker.io/istio/examples-bookinfo-reviews-v1:1.16.2
[root@VM-0-44-centos istio-1.12.0]# istioctl install --set .values.global.hub="10.8.0.44:60080/ti-platform/istio" --set profile=demo -y
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/v1.12/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
! values.global.jwtPolicy is deprecated; use Values.global.jwtPolicy=third-party-jwt. See http://istio.io/latest/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for more information instead
✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete Making this installation the default for injection and validation.
Thank you for installing Istio 1.12. Please take a few minutes to tell us about your install/upgrade experience! https://forms.gle/FegQbc9UvePd4Z9z7
给命名空间添加标签,指示 Istio 在部署应用的时候,自动注入 Envoy 边车代理:
$ kubectl label namespace default istio-injection=enabled
namespace/default labeled
部署示例应用
部署 Bookinfo 示例应用:
yaml地址链接:https://raw.githubusercontent.com/istio/istio/release-1.12/samples/bookinfo/platform/kube/bookinfo.yaml
[root@VM-0-44-centos istio-1.12.0]# kubectl apply -f bookinfo.yaml
I1208 19:51:39.065426 248323 request.go:655] Throttling request took 1.181729118s, request: GET:https://127.0.0.1:6443/apis/extensions.istio.io/v1alpha1?timeout=32s
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
应用很快会启动起来。当每个 Pod 准备就绪时,Istio 边车代理将伴随它们一起部署。
[root@VM-0-44-centos istio-1.12.0]# kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
details ClusterIP 10.108.92.31 <none> 9080/TCP 68s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 28h
productpage ClusterIP 10.97.148.241 <none> 9080/TCP 68s
ratings ClusterIP 10.106.39.66 <none> 9080/TCP 68s
reviews ClusterIP 10.98.207.124 <none> 9080/TCP 68s
重新运行前面的命令,在执行下面步骤之前,要等待并确保所有的 Pod 达到此状态: 就绪状态(READY)的值为 2/2 、状态(STATUS)的值为 Running 。 基于你平台的不同,这个操作过程可能会花费几分钟的时间。
验证方方面面均工作无误。运行下面命令,通过检查返回的页面标题,来验证应用是否已在集群中运行,并已提供网页服务:
kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -s productpage:9080/productpage | grep -o "<title>.*</title>"
1492
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
