Istio-0.8.0在Minikube环境中快速启动Bookinfo示例
之前发表了从零开始应用Istio--入门示例,使用的istio版本比较低,在0.8.0版本下发现很多命令不一样了,所以总结一下,重新跑一下Bookinfo.
一. 安装Minikube环境
使用Minikube的本地实验环境, 系统为centos7.0, 国内环境安装可以参考https://yq.aliyun.com/articles/221687
安装VirtualBox
安装kubectl
可参考官网提供的安装说明,Install kubectl binary via curl
通过命令安装:
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
如果安装失败,或者无法访问可以直接下载
https://storage.googleapis.com/kubernetes-release/release/v1.11.1/bin/linux/amd64/kubectl
然后执行
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl安装Minikube
参考Minikube - Kubernetes本地实验环境 使用阿里提供的Minikube版本, 我这里使用Kubernetes 1.10 release的版本
curl -Lo minikube http://kubernetes.oss-cn-hangzhou.aliyuncs.com/minikube/releases/v0.28.0/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
启动
minikube start \
--registry-mirror=https://registry.docker-cn.com \
--extra-config=controller-manager.cluster-signing-cert-file="/var/lib/localkube/certs/ca.crt" \
--extra-config=controller-manager.cluster-signing-key-file="/var/lib/localkube/certs/ca.key" \
--extra-config=apiserver.admission-control="NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota" \
--kubernetes-version=v1.10.0二. 安装istio
可以参考官网Quick Start
获取Istio release , 我本地使用的为0.8.0版本
$ curl -L https://git.io/getLatestIstio | sh -
或者在GitHub下载所需版本
进入istio目录
cd istio-0.8.0
添加istioctl 到PATH
export PATH=$PWD/bin:$PATH
安装, 这里为了方便安装了不带TLS的版本
$ kubectl apply -f install/kubernetes/istio-demo.yaml
查看是否安装正常,看istio-pilot, istio-ingressgateway, istio-policy, istio-telemetry, prometheus, 以及可选的istio-sidecar-injector服务是否部署
kubectl get svc -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
istio-citadel ClusterIP 10.110.18.88 <none> 8060/TCP,9093/TCP 16h
istio-egressgateway ClusterIP 10.105.97.56 <none> 80/TCP,443/TCP 16h
istio-ingressgateway LoadBalancer 10.109.76.80 <pending> 80:31380/TCP,443:31390/TCP,31400:31400/TCP 16h
istio-pilot ClusterIP 10.108.201.57 <none> 15003/TCP,15005/TCP,15007/TCP,15010/TCP,15011/TCP,8080/TCP,9093/TCP 16h
istio-policy ClusterIP 10.100.249.185 <none> 9091/TCP,15004/TCP,9093/TCP 16h
istio-sidecar-injector ClusterIP 10.110.68.171 <none> 443/TCP 16h
istio-statsd-prom-bridge ClusterIP 10.100.113.133 <none> 9102/TCP,9125/UDP 16h
istio-telemetry ClusterIP 10.109.5.24 <none> 9091/TCP,15004/TCP,9093/TCP,42422/TCP 16h
prometheus ClusterIP 10.99.110.28 <none> 9090/TCP 查看pods
kubectl get pods -n istio-system
NAME READY STATUS RESTARTS AGE
istio-citadel-dcb7955f6-vdcjk 1/1 Running 0 11h
istio-egressgateway-56b7758b44-l5fm5 1/1 Running 0 11h
istio-ingressgateway-56cfddbd5b-xbdcx 1/1 Running 0 11h
istio-pilot-cbd6bfd97-wgw9b 2/2 Running 0 11h
istio-policy-699fbb45cf-bc44r 2/2 Running 0 11h
istio-statsd-prom-bridge-949999c4c-nws5j 1/1 Running 0 11h
istio-telemetry-55b675d8c-kfvvj 2/2 Running 0 11h
prometheus-86cb6dd77c-5j48h 1/1 Running 0 11h这样istio就安装完成了
注:
如果没有安装Istio-sidecar-injector, 那么在部署应用时需要手动的注入Envoy,
命令如下:
kubectl create -f <(istioctl kube-inject -f <your-app-spec>.yaml)
(*)卸载
如果实验完成后不在需要Istio环境可以使用如下命令卸载Istio
$ kubectl delete -f install/kubernetes/istio-demo.yaml
三. 部署Bookinfo应用
使用如下命令安装应用容器,这会花费一点时间
kubectl apply -f samples/bookinfo/kube/bookinfo.yaml
为应用定义ingress网关
istioctl create -f samples/bookinfo/routing/bookinfo-gateway.yaml
查看所有的服务都处在运行(Running)状态
kubectl get services
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
details 10.0.0.31 <none> 9080/TCP 6m
kubernetes 10.0.0.1 <none> 443/TCP 7d
productpage 10.0.0.120 <none> 9080/TCP 6m
ratings 10.0.0.15 <none> 9080/TCP 6m
reviews 10.0.0.170 <none> 9080/TCP 6m查看pods
kubectl get pods
NAME READY STATUS RESTARTS AGE
details-v1-1520924117-48z17 2/2 Running 0 6m
productpage-v1-560495357-jk1lz 2/2 Running 0 6m
ratings-v1-734492171-rnr5l 2/2 Running 0 6m
reviews-v1-874083890-f0qf0 2/2 Running 0 6m
reviews-v2-1343845940-b34q5 2/2 Running 0 6m
reviews-v3-1813607990-8ch52 2/2 Running 0 6m使用ngress的IP 和 port访问应用
这里主要介绍Minikube方式,如果是其他环境请参考Determining the ingress IP and ports
执行kubectl get svc istio-ingressgateway -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
istio-ingressgateway LoadBalancer 10.109.76.80 <pending> 80:31380/TCP,443:31390/TCP,31400:31400/TCP 16h此处EXTERNAL-IP 的值为<pending> 在这种情况下可以通过服务的node port访问gateway
获取访问端口
export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http")].nodePort}')
Minikube环境下获取访问IP
export INGRESS_HOST=$(minikube ip)
Set GATEWAY_URL:
export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT
访问
curl -o /dev/null -s -w "%{http_code}\n" http://${GATEWAY_URL}/productpage
结果 200如果Minikube 的IP本地可以访问,可以用浏览器打开http://$GATEWAY_URL/productpage访问Bookinfo的web页面.
Cleanup Bookinfo
删除路由,终止应用pods
samples/bookinfo/kube/cleanup.sh
确认是否关闭
istioctl get gateway #-- there should be no more gateway
istioctl get virtualservices #-- there should be no more virtual services
kubectl get pods #-- the Bookinfo pods should be deleted
