istio系列之一 istio安装
一、下载
1.下载最新的istio安装包
$ curl -L https://istio.io/downloadIstio | sh -
或者指定参数下载特定的版本
$ curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.11.4 sh -
2.将istioctl的路径,添加到环境变量
$ cd istio-1.11.4/ $ export PATH=$PWD/bin:$PATH
安装目录包含:
示例应用程序 samples/
目录中的客户端二进制文件 bin/istioctl
二、安装
启用http访问日志、使用demo配置文件,进行安装
$ istioctl install --set profile=demo --set meshConfig.accessLogFile=/dev/stdout --skip-confirmation -y ✔ Istio core installed ✔ Istiod installed ✔ Ingress gateways installed ✔ Egress gateways installed ✔ Installation complete Thank you for installing Istio 1.11. Please take a few minutes to tell us about your install/upgrade experience! https://forms.gle/kWULBRjUv7hHci7T6
三、部署示例程序验证
1.准备一个go项目
package main
import (
"fmt"
"log"
"net/http"
"os"
)
func IndexHandler(w http.ResponseWriter, r *http.Request) {
logger.Println("uri: ", r.RequestURI)
fmt.Fprintln(w, "v1: hello world") //把v1替换为v2,分别编译v1、v2两个版本
}
var logger *log.Logger
func main() {
// 1.init log
initLog()
// 2.start server
http.HandleFunc("/", IndexHandler)
http.HandleFunc("/hello", IndexHandler)
fmt.Println("listen: 8080")
err := http.ListenAndServe(":8080", nil)
if err != nil {
fmt.Println("listen err: ", err)
return
}
}
func initLog() {
file, err := os.OpenFile("./log/info.log", os.O_CREATE|os.O_WRONLY|os.O_APPEND, os.ModePerm)
if err != nil {
panic("init log err!"+err.Error())
}
logger = log.New(file, "", log.LstdFlags|log.Llongfile)
}
2.在项目根目录下,新建dockerfile文件
FROM golang:1.16.11 AS builder WORKDIR /app ADD . . ENV GOPROXY=https://goproxy.cn GO111MODULE=on RUN go mod download && CGO_ENABLED=0 GOOS=linux go build -o order FROM alpine:3.14 WORKDIR /data/www COPY --from=builder /app/order . RUN chmod +x /data/www/order && mkdir log EXPOSE 8080 CMD ["./order"]
3.构建镜像(分别构建v1、v2两个版本后面好判断流量控制是否生效)
构建v1版本镜像
$ docker build -t order:v1 . Sending build context to Docker daemon 10.75kB Step 1/11 : FROM golang:1.16.11 AS builder ---> f37585c54c06 ...... Step 11/11 : CMD ["./order"] ---> Running in 578fcb8c14a8 Removing intermediate container 578fcb8c14a8 ---> 091e90a62b0e Successfully built 091e90a62b0e Successfully tagged order:v1
构建v2版本镜像(把项目代码中IndexHandler()方法中输出的v1修改为v2)
$ docker build -t order:v2 . Sending build context to Docker daemon 10.75kB Step 1/11 : FROM golang:1.16.11 AS builder ---> f37585c54c06 ...... Step 11/11 : CMD ["./order"] ---> Running in c5bd9b5da72a Removing intermediate container c5bd9b5da72a ---> 1155fa35b83c Successfully built 1155fa35b83c Successfully tagged order:v2
4.使用docker run、curl验证镜像是否可用
5.创建istio-demo命名空间,并设置label,让sidecar自动注入
$ kubectl create ns istio-demo namespace/istio-demo created $ kubectl label namespace istio-demo istio-injection=enabled namespace/istio-demo labeled
6.在项目目录下新增order-deployment.yml文件
--- apiVersion: apps/v1 kind: Deployment metadata: name: order-deployment-v1 spec: selector: matchLabels: app: order-deployment version: v1 replicas: 1 template: metadata: labels: app: order-deployment version: v1 spec: containers: - name: order-deployment image: order:v1 ports: - containerPort: 8080 --- apiVersion: apps/v1 kind: Deployment metadata: name: order-deployment-v2 spec: selector: matchLabels: app: order-deployment version: v2 replicas: 1 template: metadata: labels: app: order-deployment version: v2 spec: containers: - name: order-deployment image: order:v2 ports: - containerPort: 8080
运行deployment
$ kubectl apply -f order-deployment.yml -n istio-demo deployment.apps/order-deployment-v1 created deployment.apps/order-deployment-v2 created $ kubectl get pods -n istio-demo NAME READY STATUS RESTARTS AGE order-deployment-v1-78564948c-bh9lr 2/2 Running 0 2m1s order-deployment-v2-7b7d856c65-ztcvr 2/2 Running 0 2m1s
7.在项目目录下新增order-service.yml文件
--- apiVersion: v1 kind: Service metadata: name: order-service spec: selector: app: order-deployment ports: - name: default protocol: TCP port: 8080 targetPort: 8080
运行service
$ kubectl apply -f order-service.yml -n istio-demo service/order-service created $ kubectl get svc -n istio-demo NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE order-service ClusterIP 10.104.26.124 <none> 8080/TCP 12s
8.在项目目录下新增order-gateway.yml文件(向外部流量开放应用程序)
--- apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: order-gateway spec: selector: istio: ingressgateway # use istio default controller servers: - port: number: 80 name: http protocol: HTTP hosts: - "*" --- apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: order-vs spec: hosts: - "*" gateways: - order-gateway http: - match: - uri: prefix: /test route: - destination: host: order-service port: number: 8080
运行gateway
$ kubectl apply -f order-gateway.yml -n istio-demo gateway.networking.istio.io/order-gateway created virtualservice.networking.istio.io/order-vs create
9.确定入站的IP和PORT (${IP}替换为具体的ip地址)
$ kubectl get svc istio-ingressgateway -n istio-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE istio-ingressgateway LoadBalancer ${IP} <pending> 15021:32711/TCP,80:31116/TCP,443:31146/TCP,31400:30936/TCP,15443:32696/TCP 85m
我的是支持外部lb,端口是80。虚拟机搭建的k8s集群参考官方文档 (https://preliminary.istio.io/latest/zh/docs/setup/getting-started/)
$ curl ${IP}/test
v2: hello world
$ curl ${IP}/test
v1: hello world
$ curl ${IP}/test
v1: hello world
$ curl ${IP}/test
v2: hello world
$ curl ${IP}/test
v2: hello world
$ curl ${IP}/test
v1: hello world
默认采用了k8s service的负载均衡机制
10.编辑order-gateway.yml文件,修改VirtualService,新增DestinationRule,流量全部切到v1版本
--- apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: order-gateway spec: selector: istio: ingressgateway # use istio default controller servers: - port: number: 80 name: http protocol: HTTP hosts: - "*" --- apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: order-vs spec: hosts: - "*" gateways: - order-gateway http: - match: - uri: prefix: /test route: - destination: host: order-service port: number: 8080 subset: v2 weight: 0 #修改权重可控制流量 - destination: host: order-service port: number: 8080 subset: v1 weight: 100 --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: order-dr spec: host: order-service subsets: - name: v1 labels: version: v1 - name: v2 labels: version: v2
重新运行gateway,验证
$ kubectl apply -f order-gateway2.yml -n istio-demo gateway.networking.istio.io/order-gateway unchanged virtualservice.networking.istio.io/order-vs configured destinationrule.networking.istio.io/order-dr created $ curl ${IP}/test v1: hello world $ curl ${IP}/test v1: hello world $ curl ${IP}/test v1: hello world
流量已经全部切换到v1版本
浙公网安备 33010602011771号