Setup

Prerequisite CLI tools

You will need in this tutorial:

The following CLI tools are required for running the exercises in this tutorial. Please have them installed and configured before you get started with any of the tutorial chapters.

Tool macOS Fedora windows

Git

Download

Download

Download

Docker

Docker for Mac

dnf install docker

Docker for Windows

VirtualBox

Download

Download

Download

Minikube v1.9.2

Download

Download

Download

kubectl v1.17.4

Download

Download

Download

stern

brew install stern

Download

Download

Apache Maven 3.6.3

Download

Download

Download

istioctl

Download

Download

Download

The following CLI tools are optional for running the exercises in this tutorial. Although they are used in the tutorial, you could use others without any problem.

Tool macOS Fedora windows

yq v2.4.1

Download

Download

Download

jq v1.6.0

Download

Download

Download

httpie

brew install httpie

dnf install httpie

https://httpie.org/doc#windows-etc

watch

brew install watch

dnf install procps-ng

kubectx and kubens

brew install kubectx

https://github.com/ahmetb/kubectx

hey

Download

Download

Download

Download Tutorial Sources

Before we start setting up the environment, let’s clone the tutorial sources and set the TUTORIAL_HOME environment variable to point to the root directory of the tutorial:

Before we start setting up the environment, let’s clone the tutorial sources and set the TUTORIAL_HOME environment variable to point to the root directory of the tutorial:

export TUTORIAL_HOME="$(pwd)/istio-tutorial"
cd $TUTORIAL_HOME

Install Minikube

And then set environment variables:

  • MacOS and Linux

  • Windows

export MINIKUBE_HOME=$TUTORIAL_HOME;
export PATH=$MINIKUBE_HOME/bin:$PATH
export KUBECONFIG=$MINIKUBE_HOME/.kube/config
export KUBE_EDITOR="code -w"
set MINIKUBE_HOME=%TUTORIAL_HOME%
set PATH=%MINIKUBE_HOME%/bin:%PATH%
set KUBECONFIG=%MINIKUBE_HOME%/.kube/config
set KUBE_EDITOR="code -w"

Start Kubernetes

There are series of commands as steps that allows you get started with minikube. The following section shows how to start minikube with minimal and required configurations:

The profile istio-devnation is created to run the tutorial:

  • Minikube

  • OpenShift

Having minikube installed and in your PATH, then run:

minikube start --memory=8192 --cpus=3 --kubernetes-version=v1.17.4 --vm-driver=virtualbox -p istio-devnation

And the output must be something similar like:

❌  profile "istio-devnation" not found
βœ…  Created a new profile : istio-devnation
βœ…  minikube profile was successfully set to istio-devnation
πŸ˜„  [default] minikube v1.9.2 on Darwin 10.15.2
✨  Selecting 'virtualbox' driver from user configuration (alternates: [hyperkit])
πŸ”₯  Creating virtualbox VM (CPUs=2, Memory=8192MB, Disk=50000MB) ...
🐳  Preparing Kubernetes v1.17.4 on Docker '19.03.5' ...
    β–ͺ apiserver.enable-admission-plugins=LimitRanger,NamespaceExists,NamespaceLifecycle,ResourceQuota,ServiceAccount,DefaultStorageClass,MutatingAdmissionWebhook
🚜  Pulling images ...
πŸš€  Launching Kubernetes ...
βŒ›  Waiting for cluster to come online ...
πŸ„  Done! kubectl is now configured to use "istio-devnation"

Finally configure to use minikube internal docker as docker host:

eval $(minikube docker-env -p istio-devnation)

To run OpenShift4, you need to have one provisioned using try.openshift.com or can use any existing OpenShift4 cluster. Once you have your cluster, you can download the latest OpenShift client(oc) from here and add to your path.

oc version

You can check the OpenShift version using:

oc version

The output should show oc version >=4.2:

Client Version: openshift-clients-4.3.0-201910250623-88-g6a937dfe
Kubernetes Version: v1.17.4

Then login into the cluster and run:

oc new-project istio-devnation

Istio Installation

  • Minikube

  • OpenShift

#!/bin/bash

# Mac OS:
curl -L https://github.com/istio/istio/releases/download/1.4.6/istio-1.4.6-osx.tar.gz | tar xz

# Fedora/RHEL:
curl -L https://github.com/istio/istio/releases/download/1.4.6/istio-1.4.6-linux.tar.gz | tar xz

# Windows
curl -L https://github.com/istio/istio/releases/download/1.4.6/istio-1.4.6-win.zip

# Both:
cd istio-1.4.6
export ISTIO_HOME=`pwd`
export PATH=$ISTIO_HOME/bin:$PATH
cd $TUTORIAL_HOME
istioctl manifest apply --set profile=demo --set values.global.proxy.privileged=true
- Applying manifest for component Base...
βœ” Finished applying manifest for component Base.
- Applying manifest for component Tracing...
- Applying manifest for component Kiali...
- Applying manifest for component IngressGateway...
- Applying manifest for component Pilot...
- Applying manifest for component Galley...
- Applying manifest for component EgressGateway...
- Applying manifest for component Citadel...
- Applying manifest for component Prometheus...
- Applying manifest for component Policy...
- Applying manifest for component Injector...
- Applying manifest for component Telemetry...
- Applying manifest for component Grafana...
βœ” Finished applying manifest for component Prometheus.
βœ” Finished applying manifest for component Citadel.
βœ” Finished applying manifest for component Kiali.
βœ” Finished applying manifest for component Tracing.
βœ” Finished applying manifest for component Galley.
βœ” Finished applying manifest for component Injector.
βœ” Finished applying manifest for component Policy.
βœ” Finished applying manifest for component Grafana.
βœ” Finished applying manifest for component IngressGateway.
βœ” Finished applying manifest for component EgressGateway.
βœ” Finished applying manifest for component Pilot.
βœ” Finished applying manifest for component Telemetry.


βœ” Installation complete
kubectl config set-context $(kubectl config current-context) --namespace=istio-system
istio-demo.yaml enables policy enforcement by default which is required in some sections of the tutorial. Please refer to https://istio.io/docs/tasks/policy-enforcement/enabling-policy/ if you are not using this file.

Wait for Istio’s components to be ready

kubectl get pods -w
NAME                                        READY     STATUS      RESTARTS   AGE
grafana-6b65874977-v92gw                  1/1     Running   0          99s
istio-citadel-7bcc69d486-lqhwh            1/1     Running   0          101s
istio-egressgateway-6b6f694c97-bcpj8      0/1     Running   0          102s
istio-galley-6cf8f58d7b-gg8pv             1/1     Running   0          100s
istio-ingressgateway-8c9c9c9f5-glvhm      0/1     Running   0          103s
istio-pilot-c6dbc54b9-trwjt               0/1     Running   0          101s
istio-policy-66c4cf95c5-wf5hn             1/1     Running   2          100s
istio-sidecar-injector-79ccdf54c4-6dpnr   1/1     Running   0          100s
istio-telemetry-7bf96cb54f-jksfw          1/1     Running   3          101s
istio-tracing-c66d67cd9-mqhjx             1/1     Running   0          102s
kiali-8559969566-phh2b                    1/1     Running   0          101s
prometheus-66c5887c86-lfx7p               1/1     Running   0          101s

Istio is supported in OpenShift by Red Hat OpenShift Service Mesh operator.

It is important that after you finish with the installation, all the required pods are delpyed in istio-system namespace:

kubectl get pods -w
NAME                                     READY   STATUS             RESTARTS   AGE
grafana-7bf5764d9d-2b2f6                 2/2     Running            0          28h
istio-citadel-576b9c5bbd-z84z4           1/1     Running            0          28h
istio-egressgateway-5476bc4656-r4zdv     1/1     Running            0          28h
istio-galley-7d57b47bb7-lqdxv            1/1     Running            0          28h
istio-ingressgateway-dbb8f7f46-ct6n5     1/1     Running            0          28h
istio-pilot-546bf69578-ccg5x             2/2     Running            0          28h
istio-policy-77fd498655-7pvjw            2/2     Running            0          28h
istio-sidecar-injector-df45bd899-ctxdt   1/1     Running            0          28h
istio-telemetry-66f697d6d5-cj28l         2/2     Running            0          28h
jaeger-896945cbc-7lqrr                   2/2     Running            0          11h
kiali-78d9c5b87c-snjzh                   0/1     Running            0          22h
prometheus-6dff867c97-gr2n5              2/2     Running            0          28h