“Technology Direct” series, focusing on the domestic and foreign cloud native field of technology and cutting-edge trends, for developers and enterprises to provide the latest theoretical and practical dry goods. We recently took a look at Istio, the industry’s hot microservices management tool, and will continue to update our series of dry articles.
At 0:00 GMT on August 1, 2018, Istio announced the release of official version 1.0, which Istio says is ready for production. It’s been more than a year since the original 0.1 release. Istio is an open source project developed by Google, IBM, and Lyft to provide a unified approach to microservices connectivity, security, management, and monitoring.
The Istio project provides a traffic management mechanism for microservices architectures and creates a foundation for other value-added functions including security, monitoring, routing, connection management and policy. The software is built using the proven Lyft Envoy agent to achieve visibility and control without doing anything to the application code. The Istio program is a powerful tool to help Ctos/CIOs enforce holistic security, policy, and compliance requirements from within the enterprise.
Istio has been in development for over a year now. Today Istio has only released version 1.0, a major milestone that means all core functionality is now available in production environments. Compared to the 0.8 release two months ago, version 1.0 has only a few new features, and the bulk of the work is still focused on bug fixes and performance improvements, with many existing features marked Beta — indicating availability for production environments.
The components of this project are relatively complex. Some of the original options were adjusted by ConfigMap and Istioctl respectively. Now, through the redesigned Helm Chart, the installation options are managed centrally using values.
Ensure that the Kubernetes cluster (v1.9 and later only) is deployed and configured with a local Kubectl client before installing Istio.
1. Download Istio
$tar ZXF wget https://github.com/istio/istio/releases/download/1.0.0/istio-1.0.0-linux.tar.gz$ Istio 1.0.0 - Linux. Tar. Gz $cp istio - 1.0.0 / bin/istioctl/usr/local/bin /
Copy the code2. Deploy the Istio service using the Helm
Clone Istio repository:
$ git clone https://github.com/istio/istio.git$ cd istio
Copy the codeIstio’s Chart is included in the Helm directory in the installation package. There are two official methods:
-
Generate istio.yaml with Helm and install it yourself.
-
Install directly with Tiller.
Obviously, there is no essential difference between the two approaches, and we will deploy the first approach here.
$ helm template install/kubernetes/helm/istio --name istio --namespace istio-system --set sidecarInjectorWebhook.enabled=true --set ingress.service.type=NodePort --set gateways.istio-ingressgateway.type=NodePort --set gateways.istio-egressgateway.type=NodePort --set tracing.enabled=true --set servicegraph.enabled=true --set prometheus.enabled=true --set tracing.jaeger.enabled=true --set grafana.enabled=true > istio.yaml$ kubectl create namespace istio-system$ kubectl create -f istio.yaml
Copy the codeHere is to use the install/kubernetes/helm/istio render the Chart of the generated contents are saved to. / istio yaml files. Will sidecarInjectorWebhook. Enabled is set to True to make automatic injection properties take effect.
After the deployment is complete, you can check whether the services in the ISOtio-system namespace run properly:
1. The former IStio-CA is now renamed istio-Citadel.
2. Istio-cleanup-secrets is a job used to cleanup CA deployments (including sa, deploy, and SVC) left over from istio.
3. Egressgateway, Ingress and Ingressgateway, it can be seen that the edge part has great changes, which will be published separately in the future.
3. Prometheus, Grafana, Servicegraph and Jaeger
Once all pods are started, these services can be accessed through NodePort, Ingress, or Kubectl proxy. For example, services can be accessed through Ingress.
First create Ingress for Prometheus, Grafana, Servicegraph, and Jaeger services:
$ kubectl create -f ingress.yaml
Copy the codeThen add four hosts to your local computer:
$Ingree_host prometheus.istio.io
$Ingree_host grafana.istio.io
$Ingree_host servicegraph.istio.io
$Ingree_host tracing.istio.io
Copy the codeReplace $Ingree_host with the IP of the Ingress Controller running node.
Access the Grafana service at http://grafana.istio.io:
Through http://servicegraph.istio.io access ServiceGraph service, service calls between diagram.
http://servicegraph.istio.io/force/forcegraph.html : As explored above, this is an interactive D3.js visualization.
http://servicegraph.istio.io/dotviz : is a static Graphviz visualization.
http://servicegraph.istio.io/dotgraph : provides a DOT serialization.
http://servicegraph.istio.io/d3graph : provides a JSON serialization for D3 visualization.
http://servicegraph.istio.io/graph : provides a generic JSON serialization.
Visit the Jaeger tracking page at http://tracing.istio.io/ :
Through http://prometheus.istio.io/ visit Prometheus page:
If you already have Prometheus-Operator deployed, you do not need to deploy Grafana, Directly to the addons/grafana/dashboards directory Dashboard template copying out on Prometheus – the operator grafana, You can then monitor ISTIO by adding the Prometheus data source in the ISTIO-System namespace.
4. Mesh Expansion
Istio also supports managing applications that are not managed by Kubernetes. In this case, Istio needs to be deployed on the VM or physical host where the application resides. For details, see Mesh Expansion.
Once deployed, you can register your application with Istio, for example:
# istioctl register servicename machine-ip portname:port$istioctl -n onprem register mysql 1.2.3.4 3306$istioctl -n Onprem Register svC1 1.2.3.4 HTTP :7000
Copy the codeAuthor’s brief introduction
Yang Chuansheng
DaoCloud Cloud Native engineer, Kubernetes, Service Mesh technology enthusiasts, focus on Cloud Native technology research, open source ideas spread.
Refer to the link
Istio 0.8 Helm Chart Analysis:
https://blog.fleeto.us/post/istio-0.8.0-helm/
Next: Canary deployment with Istio
