1. 环境准备

下载istio

# curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.17.1 TARGET_ARCH=x86_64 sh -
# export PATH="$PATH:/root/istio-1.17.1/bin"

获取OKE集群的访问配置

# oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.ap-tokyo-1.XXXXX --file $HOME/.kube/config --region ap-tokyo-1 --token-version 2.0.0  --kube-endpoint PUBLIC_ENDPOINT

下载Kubectl

# curl -LO https://dl.k8s.io/release/v1.25.4/bin/linux/amd64/kubectl
# chmod +x kubectl
# cp kubectl /usr/bin/

验证集群与环境是否就绪

# kubectl get node
# istioctl x precheck

2. 部署istio

# kubectl create ns istio-system
# istioctl install --set components.cni.enabled=true
# kubectl -n istio-system get pods
# istioctl verify-install

部署其周边组件

# kubectl apply -f samples/addons/prometheus.yaml
# kubectl apply -f samples/addons/grafana.yaml
# kubectl apply -f samples/addons/jaeger.yaml
# kubectl apply -f samples/addons/kiali.yaml

3. 应用部署

使能istio自动注入

# kubectl label namespace default istio-injection=enabled

部署示例应用

# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
# kubectl apply -f samples/bookinfo/platform/kube/bookinfo-ingress.yaml

访问应用

# 获取istio gateway 公网IP地址
[root@osstest2 istio-1.17.1]# kubectl -n istio-system get svc istio-ingressgateway
NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                                      AGE
istio-ingressgateway   LoadBalancer   10.96.126.197   140.83.33.77   15021:30306/TCP,80:32192/TCP,443:31359/TCP   11h

# bookinfo的访问URL为：http://140.83.33.77/productpage

4. istio周边组件配置及接入

4.1 访问Kiali服务

# 修改type: LoadBalancer
[root@osstest2 istio-1.17.1]# kubectl -n istio-system edit svc kiali

[root@osstest2 istio-1.17.1]# kubectl -n istio-system get svc kiali
NAME    TYPE           CLUSTER-IP     EXTERNAL-IP       PORT(S)                          AGE
kiali   LoadBalancer   10.96.14.110   155.248.179.191   20001:30608/TCP,9090:32163/TCP   11h

# Kiali服务地址：http://155.248.179.191:20001

4.2 访问grafana服务

# 修改type: LoadBalancer
[root@osstest2 istio-1.17.1]# kubectl -n istio-system edit svc grafana

[root@osstest2 istio-1.17.1]# kubectl -n istio-system get svc grafana
NAME      TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)          AGE
grafana   LoadBalancer   10.96.140.128   131.186.33.86   3000:31311/TCP   12h

# Grafana访问地址：131.186.33.86：3000

4.3 日志系统接入(使用OCI Logging)

创建动态组

instance.compartment.id='ocid1.compartment.oc1..aaaaaaaafqgbjumv6djs3xdbkq27gat2nyhtowzdfltiy42w2rthjuvpl46a'

创建policy

Allow dynamic-group applog to use log-content in compartment k8s

创建名为oke-app-logs的Log Group

创建名为oke-app-log的定制log

创建名为oke-app-log的agent config

查看OCI Logging Search

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Istio.md

Istio.md

1. 环境准备

2. 部署istio

3. 应用部署

4. istio周边组件配置及接入

4.1 访问Kiali服务

4.2 访问grafana服务

4.3 日志系统接入(使用OCI Logging)

Files

Istio.md

Latest commit

History

Istio.md

File metadata and controls

1. 环境准备

2. 部署istio

3. 应用部署

4. istio周边组件配置及接入

4.1 访问Kiali服务

4.2 访问grafana服务

4.3 日志系统接入(使用OCI Logging)