If you have anything running in Kubernetes from the previous exercises first remove those. The easiest way is to start with a clean slate and delete all deployed services from the cluster:
kubectl delete all --allDO NOT USE ISTIO 1.0.3 or get the latest release!
Be sure to use Istio 1.0.2
- Download Istio CLI and release.
Download the 1.0.2 release from here:
https://github.com/istio/istio/releases/tag/1.0.2
Unzip it and link it to the istio directory:
ln -sf istio-$ISTIO_VERSION istio- Add Istio binary path to $PATH.
export PATH=~/istio/bin:$PATHAlso, save it in .bashrc in case you restart your shell. On linux:
echo 'export PATH=~/istio/bin:$PATH' >> ~/.bashrcOr on a mac:
echo 'export PATH=~/istio/bin:$PATH' >> ~/.bash_profileIstio related commands need to have istioctl in the path. Verify it is available by running:
istioctl -hFor this workshop we are not using Istio Auth because we want to test using outside services accessing the cluster. Istio Auth enables mutual TLS authentication between pods but it prevents the ability to access the services outside the cluster and will require additional configurations.
To install plain Istio from inside the istio download directory run:
kubectl apply -f install/kubernetes/helm/istio/templates/crds.yaml
kubectl apply -f install/kubernetes/istio-demo.yaml \
--as=admin --as-group=system:mastersIstio is deployed in a separate Kubernetes namespace istio-system. You can watch the state of Istio and other services and pods using the watch flag (-w) when listing Kubernetes resources. For example, in two separate terminal windows run:
watch -n30 kubectl get pods -n istio-system
watch -n30 kubectl get services -n istio-systemCongratulations! You have installed Istio into the Kubernetes cluster. A lot has been installed:
- Istio Controllers and related RBAC rules
- Istio Custom Resource Defintiions
- Prometheus and Grafana for Monitoring
- Jeager for Distributed Tracing
- Istio Sidecar Injector (we'll take a look next next section)