Open in app

Sign in

Write

Sign in

ISTIO service mesh installtation

Bala Bhaskara Rao Guntupalli
2 min readOct 21, 2020

as on the date 21-oct-2020, present stable version is istio 1.7

Isito broadly divided into two types. 1. before istio 1.5 and 2. FROM istio 1.5 version onwards

table of contents

  • 1. istio 1.2.2 installation with helm3
  • 2. istio 1.7 installation with helm3
  • notes: k*S cluster require more memory and more CPU

Istio 1.2.2 installation

  • authenticate K8S cluster

STEP1: DOWNLOAD ISTIO 1.2.2 CODE

run the below commads one by one
curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.2.2 sh -
cd istio-1.2.2
kubectl create namespace istio-systemstep3: run helm chart one by below commandhelm template istio-init install/kubernetes/helm/istio-init  --namespace istio-system | kubectl apply -f -step4: verify CRDS by bewlow command
kubectl get crds | grep 'istio.io\|certmanager.k8s.io' | wc -l
* note: the above command displays the message of "23"* before going to run the below command, we have to change two files
cd install/kubernetes/helm/istio/charts/gateways/templates
vi role.yaml* in the line number 4, remove and add the content like below 
{{- if and ($spec.sds) (eq $spec.sds.enabled true) }}
* save and exit* 2 . vi rolebinding.yaml * in the line number 4, remove and add the content like below 
{{- if and ($spec.sds) (eq $spec.sds.enabled true) }}
* save and exit

for more refer this link

helm template istio install/kubernetes/helm/istio --namespace istio-system --set gateways.istio-egressgateway.enabled=false --set gateways.istio-ingressgateway.sds.enabled=true | kubectl apply -f -
  • then istio installation was completed
ISTIO 1.5 onwards* authenticate K8s cluster
* K8s clsuter must have greater 1.6 version
curl -L https://istio.io/downloadIstio | sh -
cd istio-*
cd bin
sudo cp istioctl /usr/local/bin   --> in the case of ubuntu or linux osistioctl install --set profile=demo  :--> this command only installtion istio* kubectl label namespace default istio-injection=enabled   
notes:  if deploys envoy proxy sidecar container if the namespace has label of "istio-injection=enabled" otherwise not
Istio Service Mesh
Isito Installation
Service Mesh

--

--

Bala Bhaskara Rao Guntupalli

Written by Bala Bhaskara Rao Guntupalli

23 Followers

senior cloud & DevOps engineer

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams