Skip to main content

servicemesh

Prerequisite To follow up on this tutorial, ensure you have the following:

Runme Extension: Install the Runme extension in your VS Code editor and set it as your default Markdown viewer. Clone Repo: We have provided an example repository to help you follow this tutorial. You can clone the repo here.

git clone https://github.com/stateful/blog-examples.git

Require Packages: Install the required packages (kind,kubectl, Helm ) inside your Markdown file. Runme allows you to achieve this! Simply run the command in the prerequisite section in the repo.

brew install kind
brew install docker
brew install helm

This code cell below deletes the cluster if it already existed.

Install Istio CLI

Download the Istio release and install the Istio CLI.

curl -L https://istio.io/downloadIstio | sh -
cd istio-<version>
export PATH=$PWD/bin:$PATH

Install Istio on Kubernetes

istioctl install --set profile=demo
istioctl verify-install

Verify Installation

Ensure all Istio components are running correctly.

kubectl get pods -n istio-system

Label the Namespace for Istio Injection

Label the namespace where your application is deployed for automatic sidecar injection.

kubectl label namespace <your-namespace> istio-injection=enabled

Deploy Sample Application

kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml

Expose the Application

Expose the application using the Istio ingress gateway.

kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

Verify the Application

kubectl get svc istio-ingressgateway -n istio-system
  isrioctl analyze

Additional Configuration

Traffic Management

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1

Security

Enable mutual TLS and define authorization policies.

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT

Observability

Integrate with Prometheus, Grafana, and Jaeger for metrics, dashboards, and tracing.

kubectl apply -f samples/addons