前提必须部署k8s,这里我的k8s版本是1.52.1,istio版本使用的1.5.5
一、准备istio离线包
1、下载istio
下载:https://github.com/istio/istio/releases/download/1.5.5/istio-1.5.5-linux.tar.gz
2、下载镜像
docker pull istio/proxyv2:1.5.5
docker pull grafana/grafana:6.5.2
docker pull jaegertracing/all-in-one:1.16
docker pull quay.io/kiali/kiali:v1.15
docker pull istio/pilot:1.5.5
docker pull prom/prometheus:v2.15.1
可以将下载得镜像使用docker save -o xxx.tar xxxx
保存成tar包保存至本地
将保存得tar包拷贝至镜像私服服务器,使用docker load -i xxx.tar
解压镜像
将解压的镜像打标签并推入自己的镜像私服
docker tag istio/proxyv2:1.5.5 192.168.100.91:80/istio/proxyv2:1.5.5
docker push 192.168.100.91:80/istio/proxyv2:1.5.5
docker tag grafana/grafana:6.5.2 192.168.100.91:80/grafana/grafana:6.5.2
docker push 192.168.100.91:80/grafana/grafana:6.5.2
docker tag jaegertracing/all-in-one:1.16 192.168.100.91:80/jaegertracing/all-in-one:1.16
docker push 192.168.100.91:80/jaegertracing/all-in-one:1.16
docker tag quay.io/kiali/kiali:v1.15 192.168.100.91:80/kiali/kiali:v1.15
docker push 192.168.100.91:80/kiali/kiali:v1.15
docker tag istio/pilot:1.5.5 192.168.100.91:80/istio/pilot:1.5.5
docker push 192.168.100.91:80/istio/pilot:1.5.5
docker tag prom/prometheus:v2.15.1 192.168.100.91:80/prom/prometheus:v2.15.1
docker push 192.168.100.91:80/prom/prometheus:v2.15.1
3、修改k8s各个节点,添加加速节点,将镜像私服配置进去
{
"exec-opts": ["native.cgroupdriver= cgroupfs"],
"insecure-registries":["192.168.100.91:80", "192.168.100.96:80", "quay.io", "k8s.gcr.io", "gcr.io", "docker.io"],
"registry-mirrors":["http://192.168.100.91:80"]
}
重启docker
systemctl daemon-reload
systemctl restart docker
各个k8s节点将docker.io添加到私服的hosts
vi /etc/host
添加
192.168.100.91 k8s-registry quay.io k8s.gcr.io gcr.io docker.io
二、安装istio
将istio-1.5.5-linux.tar.gz
拷贝至k8s的master节点
解压istio
tar -zvxf istio-1.5.5-linux.tar.gz
将istio添加至环境变量
echo "export PATH=$PATH:/root/istio/istio-1.5.5/bin" >>/etc/profile && source /etc/profile
安装:
istioctl manifest apply --set profile=demo
等一会安装成功后查看istio-system命名空间
为某个命令空间开启自动注入
kubectl label namespace 【命名空间】istio-injection=enabled
三、测试部署一个微服务
1、测试应用的介绍
https://blog.51cto.com/14268033/2479172
2、准备测试镜像
在有网得机器下载:
docker pull istio/examples-bookinfo-details-v1:1.15.1
docker pull istio/examples-bookinfo-ratings-v1:1.15.1
docker pull istio/examples-bookinfo-reviews-v1:1.15.1
docker pull istio/examples-bookinfo-reviews-v2:1.15.1
docker pull istio/examples-bookinfo-reviews-v3:1.15.1
docker pull istio/examples-bookinfo-productpage-v1:1.15.1
可以将下载得镜像使用docker save -o xxx.tar xxxx
保存成tar包保存至本地
将保存得tar包拷贝至镜像私服服务器,使用docker load -i xxx.tar
解压镜像
打标签并推送至镜像私服
docker tag istio/examples-bookinfo-details-v1 192.168.100.91:80/examples-bookinfo-details-v1:1.15.1
docker push 192.168.100.91:80/examples-bookinfo-details-v1:1.15.1
docker tag istio/examples-bookinfo-ratings-v1 192.168.100.91:80/istio/examples-bookinfo-ratings-v1:1.15.1
docker push 192.168.100.91:80/istio/examples-bookinfo-ratings-v1:1.15.1
docker tag istio/examples-bookinfo-reviews-v1 192.168.100.91:80/istio/examples-bookinfo-reviews-v1:1.15.1
docker push 192.168.100.91:80/istio/examples-bookinfo-reviews-v1:1.15.1
docker tag istio/examples-bookinfo-reviews-v2 192.168.100.91:80/examples-bookinfo-reviews-v2:1.15.1
docker push 192.168.100.91:80/examples-bookinfo-reviews-v2:1.15.1
docker tag istio/examples-bookinfo-reviews-v3 192.168.100.91:80/examples-bookinfo-reviews-v3:1.15.1
docker push 192.168.100.91:80/examples-bookinfo-reviews-v3:1.15.1
docker tag istio/examples-bookinfo-productpage-v1 192.168.100.91:80/examples-bookinfo-productpage-v1:1.15.1
docker push 192.168.100.91:80/examples-bookinfo-productpage-v1:1.15.1
3、部署微服务
修改bookinfo.yaml中的镜像为私服中的地址
将bookinfo.yaml拷贝至服务器master节点
# Copyright 2017 Istio Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
##################################################################################################
# This file defines the services, service accounts, and deployments for the Bookinfo sample.
#
# To apply all 4 Bookinfo services, their corresponding service accounts, and deployments:
#
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
#
# Alternatively, you can deploy any resource separately:
#
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l service=reviews # reviews Service
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l account=reviews # reviews ServiceAccount
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l app=reviews,version=v3 # reviews-v3 Deployment
##################################################################################################
##################################################################################################
# Details service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: details
labels:
app: details
service: details
spec:
ports:
- port: 9080
name: http
selector:
app: details
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-details
labels:
account: details
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: details-v1
labels:
app: details
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: details
version: v1
template:
metadata:
labels:
app: details
version: v1
spec:
serviceAccountName: bookinfo-details
containers:
- name: details
image: 192.168.100.91:80/examples-bookinfo-details-v1:1.15.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
##################################################################################################
# Ratings service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
service: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-ratings
labels:
account: ratings
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ratings-v1
labels:
app: ratings
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: ratings
version: v1
template:
metadata:
labels:
app: ratings
version: v1
spec:
serviceAccountName: bookinfo-ratings
containers:
- name: ratings
image: 192.168.100.91:80/istio/examples-bookinfo-ratings-v1:1.15.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
##################################################################################################
# Reviews service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
service: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-reviews
labels:
account: reviews
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v1
labels:
app: reviews
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v1
template:
metadata:
labels:
app: reviews
version: v1
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: 192.168.100.91:80/istio/examples-bookinfo-reviews-v1:1.15.1
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 9080
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v2
labels:
app: reviews
version: v2
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v2
template:
metadata:
labels:
app: reviews
version: v2
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: 192.168.100.91:80/examples-bookinfo-reviews-v2:1.15.1
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 9080
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v3
labels:
app: reviews
version: v3
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v3
template:
metadata:
labels:
app: reviews
version: v3
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: 192.168.100.91:80/examples-bookinfo-reviews-v3:1.15.1
imagePullPolicy: IfNotPresent
env:
- name: LOG_DIR
value: "/tmp/logs"
ports:
- containerPort: 9080
volumeMounts:
- name: tmp
mountPath: /tmp
- name: wlp-output
mountPath: /opt/ibm/wlp/output
volumes:
- name: wlp-output
emptyDir: {}
- name: tmp
emptyDir: {}
---
##################################################################################################
# Productpage services
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: productpage
labels:
app: productpage
service: productpage
spec:
ports:
- port: 9080
name: http
selector:
app: productpage
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-productpage
labels:
account: productpage
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: productpage-v1
labels:
app: productpage
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: productpage
version: v1
template:
metadata:
labels:
app: productpage
version: v1
spec:
serviceAccountName: bookinfo-productpage
containers:
- name: productpage
image: 192.168.100.91:80/examples-bookinfo-productpage-v1:1.15.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir: {}
---
kubectl apply -f bookinfo.yaml
等一会,运行一些命令会发现都创建成功了(无视test-2)
4、创建入口网关:
拷贝bookinfo-gateway.yaml
至服务器master节点
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: bookinfo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- "*"
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
kubectl apply -f bookinfo-gateway.yaml
查看:
生成一个外部访问端口
kubectl expose deployment productpage-v1 --type=NodePort
生成的外部端口为30008
访问http://192.168.100.95:30008/productpage
多刷几个页面,会发现应用了不同的版本
四、卸载
istioctl manifest generate --set profile=demo | kubectl delete -f -