Istioを使ってみる (kubernetes)
kubernetes
Published: 2021-01-17

Istio を使ってみます。

Download

$ curl -L https://istio.io/downloadIstio | sh -

Install

$ cd istio-1.8.1
$ ./bin/istioctl version
no running Istio pods in "istio-system"
1.8.1
$ ./bin/istioctl install --set profile=demo -y
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/v1.8/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete

$ k label namespace default istio-injection=enabled
namespace/default labeled

$ k get namespace -L istio-injection
NAME              STATUS   AGE     ISTIO-INJECTION
default           Active   50d     enabled
ingress-nginx     Active   5d18h
istio-system      Active   4m11s   disabled
kube-node-lease   Active   50d
kube-public       Active   50d
kube-system       Active   50d
sample3.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment-first
spec:
  replicas: 2
  selector:
    matchLabels:
      app: sample3
  template:
    metadata:
      labels:
        app: sample3
    spec:
      containers:
        - name: nginx-container
          image: nginx:1.17
$ k apply -f sample3.yaml
deployment.apps/my-deployment-first created
$ k get pods
NAME                                   READY   STATUS    RESTARTS   AGE
my-deployment-first-5b8875c9cb-kstnh   2/2     Running   0          69s
my-deployment-first-5b8875c9cb-vg7hk   2/2     Running   0          69s

1回ここで一区切りして、次はチュートリアルのサンプルアプリケーションをデプロイします。

Deploy

$ k apply -f samples/bookinfo/platform/kube/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
$ k apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
unable to recognize "samples/bookinfo/networking/bookinfo-gateway.yaml": no matches for kind "Gateway" in version "networking.istio.io/v1alpha3"
unable to recognize "samples/bookinfo/networking/bookinfo-gateway.yaml": no matches for kind "VirtualService" in version "networking.istio.io/v1alpha3"

Pod の状態確認

$ k get pod
NAME                              READY   STATUS    RESTARTS   AGE
details-v1-79c697d759-5lvpj       2/2     Running   0          5m36s
productpage-v1-65576bb7bf-vtwxt   2/2     Running   0          5m35s
ratings-v1-7d99676f7f-gf7cz       2/2     Running   0          5m35s
reviews-v1-987d495c-s9mrq         2/2     Running   0          5m36s
reviews-v2-6c5bf657cf-j5cbg       2/2     Running   0          5m36s
reviews-v3-5f7b9f4f77-pdvdf       2/2     Running   0          5m36s
$ ./bin/istioctl analyze

✔ No validation issues found when analyzing namespace: default.

ブラウザからアクセスする

$ kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].port}'
80

Docker for Desktop を使っている場合

下記にアクセスすると、ページが見れると思います。

http://localhost/productpage

参考