My latest and most complete articles are in pumpkin slow talk www.pkslow.com, article update is only in the official website, welcome to tea ~~
1 Service grid Istio
Istio is an open source Service Mesh implementation that is commonly used for connection, monitoring, and protection in Kubernetes cluster containers. Its core features are:
- Traffic management
- Traffic between services can be realized through simple configuration.
- Simplified service-level attributes such as fuses, timeouts, and retries;
- Support for A/B testing, Canary release, etc.
- security
- Security control at communication level;
- Developers just need to focus on application development.
- observability
- The Metrics.
- Logging;
- Tracing.
- Platform support
- Kubernetes;
- Various cloud platforms.
Istio’s architecture is divided into data platform and control plane. The data plane works through Sidecar agent as follows:
2 Kubernetes install IStio
2.1 Creating a Server
In order to avoid the problem of slow or undownloadable image, we use aliyun Hong Kong server as an example. To save money, I used a preemptive example with 8 cpus and 16GB of ram, which is about 0.28/ hour and can be deleted on demand.
-
CPU: 8 cores
-
Memory: 16 gb
-
System: Ubuntu 20.04 64-bit
-
Price: 0.28/ hour
-
Assign public IP addresses: Yes
-
Bandwidth charging mode: By traffic
-
Peak bandwidth: Maximum
The test login is as follows:
SSH [email protected] $free -h Total Used Free shared buff/ Cache available Mem: 15Gi 153Mi 15Gi 2.0Mi 325Mi 15GiCopy the codeNormal connection, ready to use.
2.2 installation Kubernetes
I am not going to create a Kubernetes cluster here, so I only use one machine. If you are interested, please check out the article between “Detailed documentation of installing Kubernetes cluster on Ubuntu with Kubeadm”.
Start kubernetes from minikube. Install kubernetes step by step.
# Necessary updates
$ apt-get update -y
$ apt-get upgrade -y
Download the kubectl command line tool
$ curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
# execute permission
$ chmod a+x kubectl
$ mv ./kubectl /usr/local/bin/kubectl
# installation Docker
$ apt-get install -y docker.io
Check Docker installation$docker --version docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.1# download minikube
$ curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
# execute permission
$ chmod +x minikube
$ mv minikube /usr/local/bin
Install connTrack dependencies
$ apt-get install -y conntrack
Kubernetes will need to wait a little while to download the image
$ minikube start --driver=none
# Check that the startup is successful
kubectl version
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.0", GitCommit:"c2b5237ccd9c0f1d600d3072634ca66cefdf272f", GitTreeState:"clean", BuildDate:"2021-08-04T18:03:20Z", GoVersion:"go1.16.6", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.2", GitCommit:"092fbfbf53427de67cac1e9fa54aaa09a28371d7", GitTreeState:"clean", BuildDate:"2021-06-16T12:53:14Z", GoVersion:"go1.16.5", Compiler:"gc", Platform:"linux/amd64"}
Copy the codeWe see the corresponding Pod also up:
2.3 installation istio
After installing Istio, we can start installing Istio as follows:
Download the installation package:
$ curl -L https://istio.io/downloadIstio | sh -
# add to Path
$ export PATH="$PATH: / root/istio - 1.10.3 / bin"
Check whether the installation is normal$istioctl x precheck stocking No issues found when checking the cluster. Istio is safe to install or upgrade!# install
$ istioctl install
Copy the codeAfter the installation is successful, the following screen is displayed:
Istio-system = istio-system = istio-system
3 USES istio
Let’s see how it works by installing an official example. The corresponding command space must be labeled so that ISTIO will recognize it and inject the agent:
$ kubectl label namespace default istio-injection=enabled
Copy the codeNext we install the corresponding sample code:
Kubectl apply - f istio - 1.10.3 / samples/bookinfo/platform/kube/bookinfo yamlCopy the codeAs you can see, all applications are up and each Pod has two containers:
To better monitor our application, let’s add some components or plug-ins:
$kubectl apply -f istio-1.10.3/samples/addonsCopy the codeThis gives us Grafana, Jaeger, Kiali, Prometheus, etc. :
Let’s take The example of Kiali, exposing the service, and see what it brings us:
# add NodePort
$ kubectl expose deployment kiali --type=NodePort --name=kiali-nodeport -n istio-system
Find the corresponding port
kubectl get service -n istio-system | grep kiali
For external access, note that the IP address is the server's public IP address$curl 47.242.151.110:31015 <a href="/kiali/">Found</a>.
Copy the codeOpen: http://47.242.151.110:31015/kiali, do not use Chrome to open, for the HTTPS pages, Chrome will open failure. I can open it normally in Safari:
Let’s simulate some requests:
Kubectl get SVC NAME TYPE cluster-ip external-ip PORT(S) AGE Details ClusterIP 10.101.63.99 < None > 9080/TCP 77m Kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 132m productPage ClusterIP 10.110.126.60 < None > 9080/TCP 77M ratings Review ClusterIP 10.104.252.123 < None > 9080/TCP 77m Reviews ClusterIP 10.104.41.104 <none> 9080/TCP 77m# loop requests
for i in $(seq 1 100); do curl -s -o /dev/null "http://10.101.63.99:9080"; done
for i in $(seq 1 100); do curl -s -o /dev/null "http://10.110.126.60:9080"; done
for i in $(seq 1 100); do curl -s -o /dev/null "http://10.104.252.123:9080"; done
for i in $(seq 1 100); do curl -s -o /dev/null "http://10.104.41.104:9080"; done
Copy the codeIf you look at the Graph, you can see some lines for requests that are red and failed and green and healthy:
Of course, there are many more functions, which are not explained here.
4 summarizes
This is a primer, but we’ll cover it in more detail in the future.