1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22

wget https://github.com/istio/istio/releases/download/1.4.2/istio-1.4.2-linux.tar.gztar zxvf istio-1.4.2-linux.tar.gz
cd istio-1.4.2mv bin/istioctl /usr/bin
istioctl profile list
istioctl manifest apply --set profile=demo
istioctl manifest generate --set profile=demo  #获取yaml
istioctl manifest generate --set profile=demo | kubectl delete -f -  #卸载

查看运行成功
# kubectl get pod -n istio-system
NAME                    READY  STATUS   RESTARTS  AGE
grafana-6b65874977-crbm9          1/1   Running  0     4m13s
istio-citadel-86dcf4c6b-6qg8f       1/1   Running  0     4m17s
istio-egressgateway-68f754ccdd-vgnnt    1/1   Running  0     4m20s
istio-galley-5fc6d6c45b-ckqhs       1/1   Running  0     4m13s
istio-ingressgateway-6d759478d8-w29kh   1/1   Running  0     4m17s
istio-pilot-5c4995d687-phbtd        1/1   Running  0     4m21s
istio-policy-57b99968f-mbxjg        1/1   Running  5     4m24s
istio-sidecar-injector-746f7c7bbb-f4jmv  1/1   Running  0     4m13s
istio-telemetry-854d8556d5-s5948      1/1   Running  4     4m18s
istio-tracing-c66d67cd9-2btc9       1/1   Running  0     4m18s
kiali-8559969566-npcrl           1/1   Running  0     4m22s
prometheus-66c5887c86-wbftc        1/1   Running  0     4m17s

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

# 手动注入
kubectl apply -f <(istioctl kube-inject -f httpbin-nodeport.yaml)
或者
istioctl kube-inject -f httpbin-nodeport.yaml|kubectl apply -f -

# 自动注入
kubectl label namespace default istio-injection=enabled
kubectl apply -f httpbin-gateway.yaml
# kubectl get pod
NAME            READY  STATUS   RESTARTS  AGE
httpbin-5c8ff7878b-jtp8d  2/2   Running  0     4m44s
# kubectl get svc
NAME     TYPE     CLUSTER-IP  EXTERNAL-IP  PORT(S)      AGE
httpbin    NodePort   10.0.0.8   <none>     8000:31378/TCP  23m

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

[root@k8s-master httpbin]# kubectl apply -f httpbin-gateway.yaml 
gateway.networking.istio.io/httpbin-gateway created
virtualservice.networking.istio.io/httpbin created
[root@k8s-master httpbin]# kubectl get gateway
NAME        AGE
httpbin-gateway  46s
[root@k8s-master httpbin]# kubectl get virtualservice
NAME    GATEWAYS       HOSTS  AGE
httpbin  [httpbin-gateway]  [*]   73s
[root@k8s-master httpbin]# kubectl get svc -n istio-system |grep ingress
istio-ingressgateway   LoadBalancer  10.0.0.159  <pending>   15020:30192/TCP,80:31025/TCP,443:30335/TCP,15029:31780/TCP,15030:30496/TCP,15031:30126/TCP,15032:32066/TCP,15443:32306/TCP  142m

1
2
3
4
5
6

kubectl create ns bookinfo
kubectl label namespace bookinfo istio-injection=enabled
cd istio-1.4.2/samples/bookinfo
kubectl apply -f platform/kube/bookinfo.yaml -n bookinfo
kubectl get pod -n bookinfo
kubectl apply -f networking/bookinfo-gateway.yaml -n bookinfo

1
2
3

virtualservice -> subset -> destinationrule定义的subset名称 -> 根据标签匹配pod
kubectl apply -f networking/virtual-service-all-v1.yaml -n bookinfo
kubectl apply -f networking/destination-rule-all.yaml -n bookinfo

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111

# cat monitor-gateway.yaml---
# 监控指标

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
 name: grafana-gateway
spec:
 selector:
  istio: ingressgateway
 servers:
 - port:
   number: 80
   name: http
   protocol: HTTP
  hosts:
  - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
 name: grafana
spec:
 hosts:
 - "grafana.cnntp.cn"
 gateways:
 - grafana-gateway
 http:
 - route:
  - destination:
    host: grafana 
    port:
     number: 3000

---
# 网格可视化 Kiali 
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
 name: kiali-gateway
spec:
 selector:
  istio: ingressgateway
 servers:
 - port:
   number: 80
   name: http
   protocol: HTTP
  hosts:
  - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
 name: kiali
spec:
 hosts:
 - "kiali.cnntp.cn"
 gateways:
 - kiali-gateway
 http:
 - route:
  - destination:
    host: kiali 
    port:
     number: 20001 

---
# 调用链
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
 name: tracing-gateway
spec:
 selector:
  istio: ingressgateway
 servers:
 - port:
   number: 80
   name: http
   protocol: HTTP
  hosts:
  - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
 name: tracing 
spec:
 hosts:
 - "tracing.cnntp.cn"
 gateways:
 - tracing-gateway
 http:
 - route:
  - destination:
    host: tracing
    port:
     number: 80

# kubectl apply -f monitor-gateway.yaml -n istio-system
# kubectl get gateway -n istio-system
NAME                AGE
grafana-gateway           18m
ingressgateway           7h33m
istio-multicluster-egressgateway  7h33m
kiali-gateway            18m
tracing-gateway           18m