Installing Istio Mesh on Docker Desktop

Ajeet Singh Raina - Jan 15 '22 - - Dev Community

Istio is installed in two parts. The first part involves the CLI tooling that will be used to deploy and manage Istio backed services. The second part configures the Kubernetes cluster to support Istio.

[Captains-Bay]🚩 >  kubectl cluster-info
Kubernetes master is running at https://localhost:6443
KubeDNS is running at https://localhost:6443/api/v1/namespaces/kube-system/services/kube-dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode

Install CLI tooling

The following command will install the Istio 1.0.0 release.

curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.0.0 sh -
Enter fullscreen mode Exit fullscreen mode

After it has successfully run, add the bin folder to your path.

export PATH="$PATH:/root/istio-1.0.0/bin"
Enter fullscreen mode Exit fullscreen mode
cd /root/istio-1.0.0
Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  curl -L https://git.io/getLatestIstio | sh -
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:02 --:--:--     0
100  1447  100  1447    0     0    551      0  0:00:02  0:00:02 --:--:--   551
Downloading istio-1.0.0 from https://github.com/istio/istio/releases/download/1.0.0/istio-1.0.0-osx.tar.gz ...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   612    0   612    0     0    377      0 --:--:--  0:00:01 --:--:--   378
100 14.0M  100 14.0M    0     0   358k      0  0:00:40  0:00:40 --:--:-- 1129k
Downloaded into istio-1.0.0:
LICENSE     bin     istio.VERSION   tools
README.md   install     samples
Add /Users/ajeetraina/istio-1.0.0/bin to your path; e.g copy paste in your shell and/or ~/.profile:
export PATH="$PATH:/Users/ajeetraina/istio-1.0.0/bin"
[Captains-Bay]🚩 >

Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  kubectl apply -f install/kubernetes/istio-demo.yaml
namespace "istio-system" created
configmap "istio-galley-configuration" created
configmap "istio-grafana-custom-resources" created
configmap "istio-statsd-prom-bridge" created
...
kubernetesenv "handler" created
rule "kubeattrgenrulerule" created
rule "tcpkubeattrgenrulerule" created
kubernetes "attributes" created
destinationrule "istio-policy" created
destinationrule "istio-telemetry" created
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  ls
LICENSE     bin     istio.VERSION   tools
README.md   install     samples
s.yaml -n istio-systemectl apply -f install/kubernetes/helm/istio/templates/crd
customresourcedefinition "virtualservices.networking.istio.io" configured
customresourcedefinition "destinationrules.networking.istio.io" configured
customresourcedefinition "serviceentries.networking.istio.io" configured
customresourcedefinition "gateways.networking.istio.io" configured
customresourcedefinition "envoyfilters.networking.istio.io" configured
customresourcedefinition "policies.authentication.istio.io" created
customresourcedefinition "meshpolicies.authentication.istio.io" created
customresourcedefinition "httpapispecbindings.config.istio.io" configured
customresourcedefinition "httpapispecs.config.istio.io" configured
customresourcedefinition "quotaspecbindings.config.istio.io" configured
customresourcedefinition "quotaspecs.config.istio.io" configured
customresourcedefinition "rules.config.istio.io" configured
customresourcedefinition "attributemanifests.config.istio.io" configured
customresourcedefinition "bypasses.config.istio.io" configured
customresourcedefinition "circonuses.config.istio.io" configured
customresourcedefinition "deniers.config.istio.io" configured
customresourcedefinition "fluentds.config.istio.io" configured
customresourcedefinition "kubernetesenvs.config.istio.io" configured
customresourcedefinition "listcheckers.config.istio.io" configured
customresourcedefinition "memquotas.config.istio.io" configured
customresourcedefinition "noops.config.istio.io" configured
customresourcedefinition "opas.config.istio.io" configured
customresourcedefinition "prometheuses.config.istio.io" configured
customresourcedefinition "rbacs.config.istio.io" configured
customresourcedefinition "redisquotas.config.istio.io" configured
customresourcedefinition "servicecontrols.config.istio.io" configured
customresourcedefinition "signalfxs.config.istio.io" configured
customresourcedefinition "solarwindses.config.istio.io" configured
customresourcedefinition "stackdrivers.config.istio.io" configured
customresourcedefinition "statsds.config.istio.io" configured
customresourcedefinition "stdios.config.istio.io" configured
customresourcedefinition "apikeys.config.istio.io" configured
customresourcedefinition "authorizations.config.istio.io" configured
customresourcedefinition "checknothings.config.istio.io" configured
customresourcedefinition "kuberneteses.config.istio.io" configured
customresourcedefinition "listentries.config.istio.io" configured
customresourcedefinition "logentries.config.istio.io" configured
customresourcedefinition "edges.config.istio.io" configured
customresourcedefinition "metrics.config.istio.io" configured
customresourcedefinition "quotas.config.istio.io" configured
customresourcedefinition "reportnothings.config.istio.io" configured
customresourcedefinition "servicecontrolreports.config.istio.io" configured
customresourcedefinition "tracespans.config.istio.io" configured
customresourcedefinition "rbacconfigs.rbac.istio.io" configured
customresourcedefinition "serviceroles.rbac.istio.io" configured
customresourcedefinition "servicerolebindings.rbac.istio.io" configured
customresourcedefinition "adapters.config.istio.io" configured
customresourcedefinition "instances.config.istio.io" configured
customresourcedefinition "templates.config.istio.io" configured
customresourcedefinition "handlers.config.istio.io" configured
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  clear
[Captains-Bay]🚩 >  ls
LICENSE     bin     istio.VERSION   tools
README.md   install     samples
s.yaml -n istio-systemectl apply -f install/kubernetes/helm/istio/templates/crd
customresourcedefinition "virtualservices.networking.istio.io" configured
customresourcedefinition "destinationrules.networking.istio.io" configured
customresourcedefinition "serviceentries.networking.istio.io" configured
customresourcedefinition "gateways.networking.istio.io" configured
customresourcedefinition "envoyfilters.networking.istio.io" configured
customresourcedefinition "policies.authentication.istio.io" created
customresourcedefinition "meshpolicies.authentication.istio.io" created
customresourcedefinition "httpapispecbindings.config.istio.io" configured
customresourcedefinition "httpapispecs.config.istio.io" configured
customresourcedefinition "quotaspecbindings.config.istio.io" configured
customresourcedefinition "quotaspecs.config.istio.io" configured
customresourcedefinition "rules.config.istio.io" configured
customresourcedefinition "attributemanifests.config.istio.io" configured
customresourcedefinition "bypasses.config.istio.io" configured
customresourcedefinition "circonuses.config.istio.io" configured
customresourcedefinition "deniers.config.istio.io" configured
customresourcedefinition "fluentds.config.istio.io" configured
customresourcedefinition "kubernetesenvs.config.istio.io" configured
customresourcedefinition "listcheckers.config.istio.io" configured
customresourcedefinition "memquotas.config.istio.io" configured
customresourcedefinition "noops.config.istio.io" configured
customresourcedefinition "opas.config.istio.io" configured
customresourcedefinition "prometheuses.config.istio.io" configured
customresourcedefinition "rbacs.config.istio.io" configured
customresourcedefinition "redisquotas.config.istio.io" configured
customresourcedefinition "servicecontrols.config.istio.io" configured
customresourcedefinition "signalfxs.config.istio.io" configured
customresourcedefinition "solarwindses.config.istio.io" configured
customresourcedefinition "stackdrivers.config.istio.io" configured
customresourcedefinition "statsds.config.istio.io" configured
customresourcedefinition "stdios.config.istio.io" configured
customresourcedefinition "apikeys.config.istio.io" configured
customresourcedefinition "authorizations.config.istio.io" configured
customresourcedefinition "checknothings.config.istio.io" configured
customresourcedefinition "kuberneteses.config.istio.io" configured
customresourcedefinition "listentries.config.istio.io" configured
customresourcedefinition "logentries.config.istio.io" configured
customresourcedefinition "edges.config.istio.io" configured
customresourcedefinition "metrics.config.istio.io" configured
customresourcedefinition "quotas.config.istio.io" configured
customresourcedefinition "reportnothings.config.istio.io" configured
customresourcedefinition "servicecontrolreports.config.istio.io" configured
customresourcedefinition "tracespans.config.istio.io" configured
customresourcedefinition "rbacconfigs.rbac.istio.io" configured
customresourcedefinition "serviceroles.rbac.istio.io" configured
customresourcedefinition "servicerolebindings.rbac.istio.io" configured
customresourcedefinition "adapters.config.istio.io" configured
customresourcedefinition "instances.config.istio.io" configured
customresourcedefinition "templates.config.istio.io" configured
customresourcedefinition "handlers.config.istio.io" configured
Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  kubectl apply -f install/kubernetes/istio-demo-auth.yaml
namespace "istio-system" configured
configmap "istio-galley-configuration" unchanged
configmap "istio-grafana-custom-resources" unchanged
configmap "istio-statsd-prom-bridge" unchanged
configmap "prometheus" unchanged
configmap "istio-security-custom-resources" configured
configmap "istio" configured
configmap "istio-sidecar-injector" unchanged
serviceaccount "istio-galley-service-account" unchanged
serviceaccount "istio-egressgateway-service-account" unchanged
serviceaccount "istio-ingressgateway-service-account" unchanged
serviceaccount "istio-grafana-post-install-account" unchanged
clusterrole "istio-grafana-post-install-istio-system" configured
clusterrolebinding "istio-grafana-post-install-role-binding-istio-system" configured
job "istio-grafana-post-install" unchanged
 "destinationrules.networking.istio.io" configured

...
rule "promtcp" configured
kubernetesenv "handler" configured
rule "kubeattrgenrulerule" configured
rule "tcpkubeattrgenrulerule" configured
kubernetes "attributes" configured
destinationrule "istio-policy" configured
destinationrule "istio-telemetry" configured
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode

Check Status

All the services are deployed as Pods.

[Captains-Bay]🚩 >  kubectl get pods -n istio-system
NAME                                        READY     STATUS    RESTARTS   AGE
grafana-66469c4d95-h8srb                    1/1       Running   0          8m
istio-citadel-5799b76c66-rs9z9              1/1       Running   0          8m
istio-egressgateway-657f449d77-grlb9        1/1       Running   0          1m
istio-galley-5bf4d6b8f7-xg5n7               1/1       Running   0          8m
istio-ingressgateway-b55bc6bbb-pt58w        1/1       Running   0          1m
istio-pilot-c8ff8c54-n86f9                  0/2       Pending   0          1m
istio-policy-566866947b-dg6x2               2/2       Running   0          1m
istio-sidecar-injector-5b5fcf4df6-pdd79     1/1       Running   0          8m
istio-statsd-prom-bridge-7f44bb5ddb-psfqs   1/1       Running   0          8m
istio-telemetry-5966685789-zcvpq            2/2       Running   0          1m
istio-tracing-ff94688bb-hcm7g               1/1       Running   0          8m
prometheus-84bd4b9796-xfqxx                 1/1       Running   0          8m
servicegraph-7875b75b4f-qhv67               1/1       Running   0          8m
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode
[Captains-Bay]🚩 >  kubectl get svc --namespace istio-system
NAME                       TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                                                                                                     AGE
grafana                    ClusterIP      10.101.62.143    <none>        3000/TCP                                                                                                    10m
istio-citadel              ClusterIP      10.101.219.141   <none>        8060/TCP,9093/TCP                                                                                           10m
istio-egressgateway        ClusterIP      10.96.125.10     <none>        80/TCP,443/TCP                                                                                              10m
istio-galley               ClusterIP      10.100.66.185    <none>        443/TCP,9093/TCP                                                                                            10m
istio-ingressgateway       LoadBalancer   10.97.165.8      localhost     80:31380/TCP,443:31390/TCP,31400:31400/TCP,15011:32180/TCP,8060:30450/TCP,15030:30141/TCP,15031:30799/TCP   10m
istio-pilot                ClusterIP      10.103.46.117    <none>        15010/TCP,15011/TCP,8080/TCP,9093/TCP                                                                       10m
istio-policy               ClusterIP      10.96.209.119    <none>        9091/TCP,15004/TCP,9093/TCP                                                                                 10m
istio-sidecar-injector     ClusterIP      10.110.45.147    <none>        443/TCP                                                                                                     10m
istio-statsd-prom-bridge   ClusterIP      10.96.63.79      <none>        9102/TCP,9125/UDP                                                                                           10m
istio-telemetry            ClusterIP      10.108.169.175   <none>        9091/TCP,15004/TCP,9093/TCP,42422/TCP                                                                       10m
jaeger-agent               ClusterIP      None             <none>        5775/UDP,6831/UDP,6832/UDP                                                                                  10m
jaeger-collector           ClusterIP      10.97.14.10      <none>        14267/TCP,14268/TCP                                                                                         10m
jaeger-query               ClusterIP      10.104.91.111    <none>        16686/TCP                                                                                                   10m
prometheus                 ClusterIP      10.101.170.27    <none>        9090/TCP                                                                                                    10m
servicegraph               ClusterIP      10.97.248.121    <none>        8088/TCP                                                                                                    10m
tracing                    ClusterIP      10.110.201.178   <none>        80/TCP                                                                                                      10m
zipkin                     ClusterIP      10.100.105.4     <none>        9411/TCP                                                                                                    10m
[Captains-Bay]🚩 >
Enter fullscreen mode Exit fullscreen mode
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .