Difference between revisions of "Istio on AWS"
| Line 43: | Line 43: | ||
== Exposing Application to outside traffic == | == Exposing Application to outside traffic == | ||
At this point, the application is already running but we cannot access it from the outside. To make it accessible, you need to create an Istio Ingress Gateway, which maps a path to a route at the edge of your mesh. To execute this, there are two step that we need to execute. | At this point, the application is already running but we cannot access it from the outside. To make it accessible, you need to create an Istio Ingress Gateway, which maps a path to a route at the edge of your mesh. To execute this, there are two step that we need to execute. | ||
1. Associate this application with the Istio gateway: | |||
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml | kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml | ||
Expected Output: | |||
gateway.networking.istio.io/bookinfo-gateway created | |||
virtualservice.networking.istio.io/bookinfo created | |||
2. Ensure that there are no issues with the configuration: | |||
istioctl analyze | istioctl analyze | ||
Expected Output: | |||
✔ No validation issues found when analyzing namespace: default. | |||
Revision as of 17:37, 4 September 2021
Preface
Pre-Requisite
What is istio
Installing Istio
In order to install istio.io, first we are goingt to download the source into local machine by using below command, at the time this document is written, current version of istio.io is 1.11.2
curl -L https://istio.io/downloadIstio | sh -
move to istio folder installation
cd istio-1.11.2
Add the istioctl client to your path (Linux or macOS):
export PATH=$PWD/bin:$PATH
Then, one can start to install istio on the cluster
istioctl install --set profile=demo -y
Please noted, that we are going to install the demo application. Next step is to create the default namespace for sidecar injection.
kubectl label namespace default istio-injection=enabled
Next, deploy the Bookinfo sample application.
kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
Inspecting the installation result.
kubectl get pod
Output :
NAME READY STATUS RESTARTS AGE
details-v1-79f774bdb9-2vfgq 0/2 PodInitializing 0 9s
productpage-v1-6b746f74dc-lp2dh 0/2 PodInitializing 0 3s
ratings-v1-b6994bb9-6hftr 0/2 PodInitializing 0 7s
reviews-v1-545db77b95-rt69k 0/2 PodInitializing 0 6s
reviews-v2-7bf8c9648f-tvgn6 0/2 PodInitializing 0 5s
reviews-v3-84779c7bbc-trknm 0/2 PodInitializing 0 4s
kubectl get services
Output :
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
details ClusterIP 10.100.109.10 <none> 9080/TCP 21s
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 68m
productpage ClusterIP 10.100.151.213 <none> 9080/TCP 15s
ratings ClusterIP 10.100.1.63 <none> 9080/TCP 20s
reviews ClusterIP 10.100.119.183 <none> 9080/TCP 18s
Please ensure all the pod status becomes READY <2/2> before proceed to next step. Verify everything is working correctly up to this point. Run this command to see if the app is running inside the cluster and serving HTML pages by checking for the page title in the response:
kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"
Output:
<title>Simple Bookstore App</title>
Exposing Application to outside traffic
At this point, the application is already running but we cannot access it from the outside. To make it accessible, you need to create an Istio Ingress Gateway, which maps a path to a route at the edge of your mesh. To execute this, there are two step that we need to execute. 1. Associate this application with the Istio gateway:
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
Expected Output:
gateway.networking.istio.io/bookinfo-gateway created virtualservice.networking.istio.io/bookinfo created
2. Ensure that there are no issues with the configuration:
istioctl analyze
Expected Output:
✔ No validation issues found when analyzing namespace: default.