本文档详细介绍了如何安装Istio的demo版本,并逐步部署Bookinfo这个官方示例应用。Bookinfo由四个独立的微服务组成,模拟了一个在线书店,展示了Istio的多种特性。安装过程包括选择安装类型、部署应用,以及通过自动注入Sidecar、创建Gateway来对外暴露服务。最后,验证了服务的可达性和可用性。
一、下载Istio软件包
➜ ~ curl -L https://istio.io/downloadIstio | sh -
➜ ~ ls -l istio-1.10.1
total 48
-rw-r--r-- 1 jyy staff 11348 6 5 04:44 LICENSE
-rw-r--r-- 1 jyy staff 5866 6 5 04:44 README.md
drwxr-x--- 3 jyy staff 96 6 5 04:44 bin
-rw-r----- 1 jyy staff 854 6 5 04:44 manifest.yaml
drwxr-xr-x 5 jyy staff 160 6 5 04:44 manifests
drwxr-xr-x 21 jyy staff 672 6 5 04:44 samples
drwxr-xr-x 5 jyy staff 160 6 5 04:44 tools
二、安装Istio demo版本
➜ ~ export PATH="$PATH:/Users/jyy/istio-1.10.1/bin"
➜ ~ istioctl version
no running Istio pods in "istio-system"
1.10.1
Istio有四个安装类型版本和自定义安装配置组件,分别是default、demo、minimal、remote,不同的安装类型版本,所安装的集群组件不同,此处我们安装demo版本的即可。
~ istioctl manifest apply --set profile=demo
Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/v1.10/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
! values.global.jwtPolicy is deprecated; use Values.global.jwtPolicy=third-party-jwt. See http://istio.io/latest/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for more information instead
This will install the Istio 1.10.1 demo profile with ["Istio core" "Istiod" "Ingress gateways" "Egress gateways"] components into the cluster. Proceed? (y/N) y
✔ Istio core installed
✔ Istiod installed
✔ Ingress gateways installed
✔ Egress gateways installed
✔ Installation complete Thank you for installing Istio 1.10. Please take a few minutes to tell us about your install/upgrade experience! https://forms.gle/KjkrDnMPByq7akrYA
三、部署Bookinfo项目
Bookinfo是Istio社区官方推荐的示例应用之一。它可以用来演示多种Istio的特性,并且它是一个异构的微服务应用。该应用由四个单独的微服务构成。 这个应用模仿了在线书店,可以展示书店中书籍的信息。例如页面上会显示一本书的描述,书籍的细节( ISBN、页数等),以及关于这本书的一些评论。
Bookinfo 应用分为四个单独的微服务, 这些服务对 Istio 并无依赖,但是构成了一个有代表性的服务网格的例子:它由多个不同语言编写的服务构成,并且其中有一个应用会包含多个版本。
- productpage 会调用 details 和 reviews 两个微服务,用来生成页面。
- details 中包含了书籍的信息。
- reviews 中包含了书籍相关的评论。它还会调用 ratings 微服务。
- ratings 中包含了由书籍评价组成的评级信息。
reviews 微服务有 3 个版本,可用来展示各服务之间的不同的调用链路:
- v1 版本不会调用 ratings 服务。
- v2 版本会调用 ratings 服务,并使用 1 到 5 个黑色星形图标来显示评分信息。
- v3 版本会调用 ratings 服务,并使用 1 到 5 个红色星形图标来显示评分信息。
1)开启自动注入Sidecar功能,为default namespace打上istio-injectio=enable的标签
➜ ~ kubectl label namespace default istio-injection=enabled
namespace/default labeled
2)部署Bookinfo应用
➜ ~ cd istio-1.10.1
➜ istio-1.10.1 kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
3)查看集群Service、Deployment及Pod状态
➜ ~ kubectl get services -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
details ClusterIP 10.99.16.140 <none> 9080/TCP 117s app=details
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 48d <none>
productpage ClusterIP 10.102.78.81 <none> 9080/TCP 117s app=productpage
ratings ClusterIP 10.101.12.136 <none> 9080/TCP 117s app=ratings
reviews ClusterIP 10.103.45.245 <none> 9080/TCP 117s app=reviews
➜ ~ kubectl get deploy -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
details-v1 1/1 1 1 2m34s details docker.io/istio/examples-bookinfo-details-v1:1.16.2 app=details,version=v1
productpage-v1 1/1 1 1 2m34s productpage docker.io/istio/examples-bookinfo-productpage-v1:1.16.2 app=productpage,version=v1
ratings-v1 1/1 1 1 2m34s ratings docker.io/istio/examples-bookinfo-ratings-v1:1.16.2 app=ratings,version=v1
reviews-v1 1/1 1 1 2m34s reviews docker.io/istio/examples-bookinfo-reviews-v1:1.16.2 app=reviews,version=v1
reviews-v2 1/1 1 1 2m34s reviews docker.io/istio/examples-bookinfo-reviews-v2:1.16.2 app=reviews,version=v2
reviews-v3 1/1 1 1 2m34s reviews docker.io/istio/examples-bookinfo-reviews-v3:1.16.2 app=reviews,version=v3
➜ ~ kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
details-v1-79f774bdb9-l7p7v 2/2 Running 0 3m5s 10.1.8.84 docker-desktop <none> <none>
productpage-v1-6b746f74dc-92v9z 2/2 Running 0 3m5s 10.1.8.88 docker-desktop <none> <none>
ratings-v1-b6994bb9-ksshh 2/2 Running 0 3m5s 10.1.8.85 docker-desktop <none> <none>
reviews-v1-545db77b95-lxt8r 2/2 Running 0 3m4s 10.1.8.89 docker-desktop <none> <none>
reviews-v2-7bf8c9648f-r8tdv 2/2 Running 0 3m5s 10.1.8.86 docker-desktop <none> <none>
reviews-v3-84779c7bbc-bwrhj 2/2 Running 0 3m5s 10.1.8.87 docker-desktop <none> <none>
4)查看productpage是否可访问
➜ ~ kubectl exec -it $(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}') -c ratings -- curl productpage:9080/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>
四、创建Gateway来暴露服务
1)创建Gateway
➜ ~ kubectl apply -f istio-1.10.1/samples/bookinfo/networking/bookinfo-gateway.yaml
gateway.networking.istio.io/bookinfo-gateway created
virtualservice.networking.istio.io/bookinfo created
➜ ~
➜ ~ kubectl get gw -o wide
NAME AGE
bookinfo-gateway 12s
➜ ~
➜ ~ kubectl get gw bookinfo-gateway -o yaml
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"networking.istio.io/v1alpha3","kind":"Gateway","metadata":{"annotations":{},"name":"bookinfo-gateway","namespace":"default"},"spec":{"selector":{"istio":"ingressgateway"},"servers":[{"hosts":["*"],"port":{"name":"http","number":80,"protocol":"HTTP"}}]}}
creationTimestamp: "2021-06-19T08:46:16Z"
generation: 1
managedFields:
- apiVersion: networking.istio.io/v1alpha3
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:kubectl.kubernetes.io/last-applied-configuration: {}
f:spec:
.: {}
f:selector:
.: {}
f:istio: {}
f:servers: {}
manager: kubectl-client-side-apply
operation: Update
time: "2021-06-19T08:46:16Z"
name: bookinfo-gateway
namespace: default
resourceVersion: "613125"
selfLink: /apis/networking.istio.io/v1beta1/namespaces/default/gateways/bookinfo-gateway
uid: aa0a73e3-d1e1-4c16-8208-ba7c23ec87a8
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
2)访问测试
➜ ~ export GATEWAY_URL=localhost:80
➜ ~ curl -s http://$\{GATEWAY_URL\}/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>
3)浏览器访问测试
4)清理Bookinfo
➜ ~ bash istio-1.10.1/samples/bookinfo/platform/kube/cleanup.sh
扫一扫
382
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
