1. 命令行工具
curl -L https://git.io/getIstio | sh -
2. 环境变量配置
export PATH=$PWD/bin:$PATH
3. RBAC 检验
kubectl api-versions | grep rbac
以下为官方介绍:
If the command displays an error, or does not display anything, it means the cluster does not support RBAC, and you can proceed to step 5 below.If the command displays ‘beta’ version, or both ‘alpha’ and ‘beta’, please apply istio-rbac-beta.yaml configuration:kubectl apply -f install/kubernetes/istio-rbac-beta.yamlCopyIf you get an errorError from server (Forbidden): error when creating "install/kubernetes/istio-rbac-beta.yaml": clusterroles.rbac.authorization.k8s.io "istio-manager" is forbidden: attempt to grant extra privileges: [{[*] [istio.io] [istioconfigs] [] []} {[*] [istio.io] [istioconfigs.istio.io] [] []} {[*] [extensions] [thirdpartyresources] [] []} {[*] [extensions] [thirdpartyresources.extensions] [] []} {[*] [extensions] [ingresses] [] []} {[*] [] [configmaps] [] []} {[*] [] [endpoints] [] []} {[*] [] [pods] [] []} {[*] [] [services] [] []}] user=&{user@example.org [...]CopyYou need to add the following: (replace the name with your own)kubectl create clusterrolebinding myname-cluster-admin-binding --clusterrole=cluster-admin --user=myname@example.orgCopyIf the command displays only ‘alpha’ version, please apply istio-rbac-alpha.yaml configuration:kubectl apply -f install/kubernetes/istio-rbac-alpha.yaml
4. 安装核心组件(注意service type 的定义)
kubectl apply -f install/kubernetes/istio.yaml
kubectl apply -f install/kubernetes/istio-auth.yaml
5. 监控组件安装
kubectl apply -f install/kubernetes/addons/prometheus.yamlkubectl apply -f install/kubernetes/addons/grafana.yamlkubectl apply -f install/kubernetes/addons/servicegraph.yaml
6. bookinfo 例子安装
kubectl apply -f <(istioctl kube-inject -f samples/apps/bookinfo/bookinfo.yaml)
7. 几个问题
安装需要使用serviceaccount 注意配置,istioctl 需要使用kubectl config 注意配置主要是 kubectl config set-cluster kubectl config set-context kubectl use-context 命令因为部分容器需要按照特权模式运行,需要配置apiserver controller-manager --allow-privileged=true同时服务默认部分使用的是云平台的loadblance 测试环境可能没有,所以需要改为NodePort
8. 总结
总之安装还是比较简单的,但是还需要深入研究,每个组件的设计,以及功能。
9. 参考文档