Lab 2: Installing Istio

In this module, you download and install Istio.

  1. Execute the following command to get the latest ISTIO source:

    cd

#Linux (Lab VM)
wget https://github.com/istio/istio/releases/download/1.6.4/istio-1.6.4-linux-amd64.tar.gz
tar xfvz istio-1.6.4-linux-amd64.tar.gz     
    
#Mac
wget https://github.com/istio/istio/releases/download/1.6.4/istio-1.6.4-osx.tar.gz
tar xfvz istio-1.6.4-osx.tar.gz
	
#Windows
Download https://github.com/istio/istio/releases/download/1.6.4/istio-1.6.4-win.zip

  2. Add the istioctl client to your executables.

    export PATH=./istio-1.6.4/bin:$PATH

  3. Install Istio into the cluster:

    istioctl install --set profile=demo
      
> Detected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
> ✔ Istio core installed                                                                                                                                            
> - Processing resources for Istiod. Waiting for Deployment/istio-system/istiod 
> ...

  4. Label the default namespace for automatic sidecar injection

    kubectl label namespace default istio-injection=enabled                                                                                   
   
> namespace/default labeled

    ``

  5. Check the labels

    kubectl get ns --show-labels                                                                                                              
   
> NAME                   STATUS   AGE   LABELS
> default                Active   66d   istio-injection=enabled
> istio-system           Active   62s   istio-injection=disabled,istio-operator-managed=Reconcile,operator.istio.io/	> component=Base,operator.istio.io/managed=Reconcile,operator.istio.io/version=1.4.0
> kube-node-lease        Active   66d   <none>
> kube-public            Active   66d   <none>
> kube-system            Active   66d   <none>
> kubernetes-dashboard   Active   66d   addonmanager.kubernetes.io/mode=Reconcile,kubernetes.io/minikube-addons=dashboard

    ``

  6. Ensure the corresponding pods are all in Running state before you continue.

    kubectl get pods -n istio-system
   
> NAME                                    READY   STATUS    RESTARTS   AGE
> grafana-5dc4b4676c-dsdb5                1/1     Running   0          21m
> istio-egressgateway-5c7967cf9d-gnrpj    1/1     Running   0          21m
> istio-ingressgateway-676fbf789d-vldbf   1/1     Running   0          21m
> istio-tracing-8584b4d7f9-cj9p6          1/1     Running   0          21m
> istiod-55cd8455dd-4gq2j                 1/1     Running   0          23m
> kiali-6f457f5964-pvjw5                  1/1     Running   0          21m
> prometheus-7f54ff69cd-lf4xz             2/2     Running   0          21m

  7. Patch the NodePort of the Istio Ingress to 30762. Like that we are sure that the HTTP port is fixed and known.

    kubectl patch service -n istio-system istio-ingressgateway -p '{"spec": {"ports": [{"nodePort": 30762,"port":80,"name": "http2"}],"type": "NodePort"}}'
   
 > service/istio-ingressgateway patched

​ Before you continue, make sure all the pods are deployed and are either in the Running or Completed state. If they’re in Pending or CrashLoopBackOff state, wait a few minutes to let the deployment to settle.

Congratulations! You successfully installed Istio into your cluster.

Read more

Lab 1: Get to know ISTIO Lab 3: Deploy BookInfo application