安装Istio
一、概述
在安装 Istio 之前,需要一个运行着 Kubernetes 的兼容版本的 cluster。
Istio 1.8 已经在 Kubernetes 版本 1.16, 1.17, 1.18, 1.19 中测试过。
- 通过选择合适的 platform-specific setup instructions 来创建一个集群。
有些平台提供了 managed control plane,您可以使用它来代替手动安装 Istio。如果您选择的平台支持这种方式,并且您选择使用它,那么,在创建完集群后,您将完成 Istio 的安装。因此,可以跳过以下说明。
二、下载 Istio
环境说明
操作系统:centos 7.6
主机名:k8s-master
ip地址:192.168.31.236
配置:2核2g
操作系统:centos 7.6
主机名:k8s-node01
ip地址:192.168.31.16
配置:2核4g
下载 Istio,下载内容将包含:安装文件、示例和 istioctl 命令行工具。
1. 访问 Istio release 页面下载与您操作系统对应的安装文件。在 macOS 或 Linux 系统中,也可以通过以下命令下载最新版本的 Istio:
注意:官方文档给的命令:
curl -L https://istio.io/downloadIstio | sh -
是无法执行的,提示:curl: (7) Failed connect to raw.githubusercontent.com:443; 拒绝连接
下载最新版本:1.81.1
wget https://github.com/istio/istio/releases/download/1.8.1/istio-1.8.1-linux-amd64.tar.gz tar zxvf istio-1.8.1-linux-amd64.tar.gz -C /usr/local/
设置环境变量
echo 'export ISTIO_HOME=/usr/local/istio-1.8.1' >> /etc/profile echo 'export PATH=$PATH:$ISTIO_HOME/bin' >> /etc/profile
加载变量
source /etc/profile
查看版本
istioctl version
使用 istioctl 的安装方式
在学习、实验环境我们可以选择 demo 这个 profile 进行安装,如下示例:
istioctl install --set profile=demo -y
查看istio相应的 namespace 和 pod 是否已经正常创建:
[root@k8s-master ~]# kubectl get ns |grep istio istio-system Active 82m
查看pods
[root@k8s-master ~]# kubectl get pods -n istio-system NAME READY STATUS RESTARTS AGE istio-egressgateway-6f9f4ddc9c-2sjgk 1/1 Running 0 2m33s istio-ingressgateway-78b47bc88b-85fd8 1/1 Running 0 2m33s istiod-67dbfcd4dd-qq5kg 1/1 Running 0 3m7s
检查 istio 的 CRD 和 API 资源:
[root@k8s-master ~]# kubectl get crd |grep istio authorizationpolicies.security.istio.io 2021-01-04T10:10:26Z destinationrules.networking.istio.io 2021-01-04T10:10:26Z envoyfilters.networking.istio.io 2021-01-04T10:10:26Z gateways.networking.istio.io 2021-01-04T10:10:26Z istiooperators.install.istio.io 2021-01-04T10:10:26Z peerauthentications.security.istio.io 2021-01-04T10:10:26Z requestauthentications.security.istio.io 2021-01-04T10:10:26Z serviceentries.networking.istio.io 2021-01-04T10:10:26Z sidecars.networking.istio.io 2021-01-04T10:10:26Z virtualservices.networking.istio.io 2021-01-04T10:10:26Z workloadentries.networking.istio.io 2021-01-04T10:10:27Z workloadgroups.networking.istio.io 2021-01-04T10:10:27Z [root@k8s-master ~]# [root@k8s-master ~]# kubectl api-resources |grep istio istiooperators iop,io install.istio.io true IstioOperator destinationrules dr networking.istio.io true DestinationRule envoyfilters networking.istio.io true EnvoyFilter gateways gw networking.istio.io true Gateway serviceentries se networking.istio.io true ServiceEntry sidecars networking.istio.io true Sidecar virtualservices vs networking.istio.io true VirtualService workloadentries we networking.istio.io true WorkloadEntry workloadgroups wg networking.istio.io true WorkloadGroup authorizationpolicies security.istio.io true AuthorizationPolicy peerauthentications pa security.istio.io true PeerAuthentication requestauthentications ra security.istio.io true RequestAuthentication [root@k8s-master ~]#
安装 dashboard 组件。命令如下:
kubectl apply -f /usr/local/istio-1.8.1/samples/addons -n istio-system
输出:
serviceaccount/grafana created configmap/grafana created service/grafana created deployment.apps/grafana created configmap/istio-grafana-dashboards created configmap/istio-services-grafana-dashboards created deployment.apps/jaeger created service/tracing created service/zipkin created service/jaeger-collector created customresourcedefinition.apiextensions.k8s.io/monitoringdashboards.monitoring.kiali.io created serviceaccount/kiali created configmap/kiali created clusterrole.rbac.authorization.k8s.io/kiali-viewer created clusterrole.rbac.authorization.k8s.io/kiali created clusterrolebinding.rbac.authorization.k8s.io/kiali created service/kiali created deployment.apps/kiali created serviceaccount/prometheus created configmap/prometheus created clusterrole.rbac.authorization.k8s.io/prometheus created clusterrolebinding.rbac.authorization.k8s.io/prometheus created service/prometheus created deployment.apps/prometheus created unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1" unable to recognize "/usr/local/istio-1.8.1/samples/addons/kiali.yaml": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"
将istio-ingressgateway改为NodePort方式,方便访问
kubectl patch service istio-ingressgateway -n istio-system -p '{"spec":{"type":"NodePort"}}'
本文参考链接:
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix