一.bookinfo架构简介
二.部署bookinfo
1.配置环境
istio可以通过多种方式注入
通过名称空间设置lable的方式自动注入
kubectl label namespace bookinfo istio-injection=enable
打上标签后可以通过label确认是否成功
kubectl get ns/bookinfo --show-labels
NAME STATUS AGE LABELS
bookinfo Active 9m9s istio-injection=enable,kubesphere.io/namespace=bookinfo
手动注入
kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml)
2.部署bookinfo
kubectl apply -f /usr/local/istio/samples/bookinfo/platform/kube/bookinfo.yaml -n bookinfo
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
You have mail in /var/spool/mail/root
查看pod可以发现每个pod都是两个容器了
details-v1-78d78fbddf-t9jxr 2/2 Running 0 2m10s
productpage-v1-596598f447-245bm 2/2 Running 0 2m10s
ratings-v1-6c9dbf6b45-tdjlh 2/2 Running 0 2m10s
reviews-v1-7bb8ffd9b6-zs8b5 2/2 Running 0 2m10s
reviews-v2-d7d75fff8-vtw8b 2/2 Running 0 2m10s
reviews-v3-68964bc4c8-fkljg 2/2 Running 0 2m10s
describe可以查看到容器也是注入成功的
...
istio-proxy:
Container ID: docker://8cd4c3bb24ef01f470b531f37c505fc5cd8984678229392577020e83ca047473
Image: docker.io/istio/proxyv2:1.4.0
Image ID: docker-pullable://istio/proxyv2@sha256:9ba9de87d660767a2147f786040a8fe29ebb3b335742d3c95257ab82a33b8415
Port: 15090/TCP
Host Port: 0/TCP
Args:
...
至此bookinfo已经部署完成😀
三.接入Istio
1.部署bookinfo Gateway
kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml
yaml文件如下
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: bookinfo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- istio.default.bookinfo.com
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- istio.default.bookinfo.com
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
#查看gateway
kubectl get gateways.networking.istio.io
NAME AGE
bookinfo-gateway 19m
#查看rv
kubectl get virtualservices.networking.istio.io
NAME GATEWAYS HOSTS AGE
bookinfo [bookinfo-gateway] [*] 20m
部署完成通过Istis-ingressgateway访问
get svc -n istio-system | grep gateway
istio-egressgateway ClusterIP 10.68.20.211 <none> 80/TCP,443/TCP,15443/TCP 22h
istio-ingressgateway LoadBalancer 10.68.159.17 <pending> 15020:38813/TCP,80:37266/TCP,443:27530/TCP,15029:28752/TCP,15030:21822/TCP,15031:34373/TCP,15032:27310/TCP,15443:36864/TCP 22h
浏览器访问节点地址+NodePort端口
可以正常访问 并且刷新reviews是会轮训变化的 证明流量是轮训转发到reviews服务的不同版本中的
2.部署默认应用路由
kubectl apply -f samples/bookinfo/networking/destination-rule-all.yaml
yaml文件如下
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: productpage
spec:
host: productpage
subsets:
- name: v1
labels:
version: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v3
labels:
version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: ratings
spec:
host: ratings
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v2-mysql
labels:
version: v2-mysql
- name: v2-mysql-vm
labels:
version: v2-mysql-vm
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: details
spec:
host: details
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
---
可以用过下面命令查看
kubectl get dr
NAME HOST AGE
details details 10m
productpage productpage 10m
ratings ratings 10m
reviews reviews 10m
三.Kiali简介
1.配置kiali在gateway的转发
需要先创建secret
KIALI_USERNAME=$(read -p 'Kiali Username: ' uval && echo -n $uval | base64)
KIALI_PASSPHRASE=$(read -sp 'Kiali Passphrase: ' pval && echo -n $pval | base64)
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
name: kiali
namespace: istio-system
labels:
app: kiali
type: Opaque
data:
username: $KIALI_USERNAME
passphrase: $KIALI_PASSPHRASE
EOF
将kiali配置到gateway上
cat <<EOF | kubectl apply -f -
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: kiali-gateway
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 15029
name: http-kiali
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: kiali-vs
namespace: istio-system
spec:
hosts:
- "*"
gateways:
- kiali-gateway
http:
- match:
- port: 15029
route:
- destination:
host: kiali
port:
number: 20001
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: kiali
namespace: istio-system
spec:
host: kiali
trafficPolicy:
tls:
mode: DISABLE
---
EOF
访问节点ip+gateway15029NodePort端口
graph中就可以看到bookinfo的调用链路
