Recommended OS: Debian 12
-
Deploy a Kubernetes cluster with a networking plugin
(Make sure you have a working container service)Suggestion: K3s Quick Start Guide
curl -sfL https://get.k3s.io | sh - -
Install
istioctl
Istioctl Installation Docscurl -sL https://istio.io/downloadIstioctl | sh - export PATH=$HOME/.istioctl/bin:$PATH
-
Install Istio with ingress and egress gateways
istioctl install \ --set profile=default \ --set components.egressGateways[0].name=istio-egressgateway \ --set components.egressGateways[0].enabled=true
-
Delete Traefik LoadBalancer (to use Istio ingress instead)
kubectl delete svc traefik -n <traefik-namespace>
-
Add Redis DB to cluster with Helm
helm repo add bitnami https://charts.bitnami.com/bitnami helm repo update helm install redis bitnami/redis \ --set auth.enabled=false \ --set architecture=standalone
-
Generate TLS certificate & key and create Kubernetes secret
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout tls.key -out tls.crt \ -subj "/CN=<your.k8s.domain>/O=<yourorg>" kubectl create -n istio-system secret tls kamino-cert \ --key=tls.key --cert=tls.crt -
Set all values in
proclone-secrets.yamlto your correct secret strings -
Replace all indicated values throughout config files
(e.g. hostnames, IP ranges, domains) -
Apply all configuration files
kubectl apply -f <your-config-directory>/
Requires Argo CD and Argo CD Image Updater
-
Follow steps 1-6 above
-
Set all values in
proclone-argocd-template.yaml(e.g. hostnames, IP ranges, domains) -
Set all values in
proclone-secrets.yamlto your correct secret strings -
Create the application using the
argocdcli toolargocd app create --file proclone-argocd-template.yaml
-
Apply
proclone-secrets.yamlkubectl apply -f proclone-secrets.yaml