SockshopにIstioを導入

Instruction

(1) Install k3s

https://docs.k3s.io/installation

(2) Disable traefik

(3) Install commands: kubectl, helm

https://kubernetes.io/docs/tasks/tools/

https://helm.sh/docs/intro/install/

(4) Copy kubectl config to ~/.kube/

mkdir ~/.kube
sudo cp /etc/rancher/k3s.yaml ~/.kube/config
chown -R $USER: ~/.kube

(5) Install Istio

HelmでインストールするとIstio Ingressが正しく動かない.

https://istio.io/latest/docs/setup/install/helm/

以下の手順を使えば良い.

https://istio.io/latest/docs/setup/getting-started/

(6) Create namespace and add label

$ kubectl create namespace sock-shop
$ kubectl label namespace sock-shop istio-injection=enabled

## Check
$ kubectl get ns -L istio-injection
NAME              STATUS   AGE   ISTIO-INJECTION
default           Active   52m
kube-system       Active   52m
kube-public       Active   52m
kube-node-lease   Active   52m
istio-system      Active   40m
istio-ingress     Active   36m   enabled
sock-shop         Active   11s   enabled

(7) Deploy sockshop

https://github.com/microservices-demo/microservices-demo

(8) Install sock-shop

$ cd microservices-demo/deploy/kubernetes/ 
$ kubectl apply -f complete-demo.yaml
Warning: resource namespaces/sock-shop is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
namespace/sock-shop configured
Warning: spec.template.spec.nodeSelector[beta.kubernetes.io/os]: deprecated since v1.14; use "kubernetes.io/os" instead
deployment.apps/carts created
service/carts created
deployment.apps/carts-db created
service/carts-db created
deployment.apps/catalogue created
service/catalogue created
deployment.apps/catalogue-db created
service/catalogue-db created
deployment.apps/front-end created
service/front-end created
deployment.apps/orders created
service/orders created
deployment.apps/orders-db created
service/orders-db created
deployment.apps/payment created
service/payment created
deployment.apps/queue-master created
service/queue-master created
deployment.apps/rabbitmq created
service/rabbitmq created
deployment.apps/session-db created
service/session-db created
deployment.apps/shipping created
service/shipping created
deployment.apps/user created
service/user created
deployment.apps/user-db created
service/user-db created

(9) Check deployments

kubectl get pod -n sock-shop -w
NAME                            READY   STATUS    RESTARTS   AGE
payment-ff86cd6f8-cmwj6         0/2     Pending   0          3m2s
queue-master-747c9f9cf9-rsmnl   0/2     Pending   0          3m2s
session-db-6747f74f56-z9pss     0/2     Pending   0          3m1s
shipping-74586cc59d-72cd2       0/2     Pending   0          2m59s
user-5b695f9cbd-sgx6t           0/2     Pending   0          2m56s
user-db-bcc86b99d-mx8rn         0/2     Pending   0          2m55s
carts-db-84db597c89-f8g64       2/2     Running   0          3m5s
carts-78d7c69cb8-rjkgw          2/2     Running   0          3m5s
orders-6697b9d66d-gvv82         2/2     Running   0          3m4s
catalogue-db-669d5dbf48-smlhd   2/2     Running   0          3m4s
orders-db-5b75567447-697cx      2/2     Running   0          3m4s
rabbitmq-6c7dfd98f6-dwz4v       3/3     Running   0          3m2s
front-end-7d89d49d6b-7gbvt      2/2     Running   0          3m4s
catalogue-7dc9464f59-p9k86      2/2     Running   0          3m4s

Wait a moment until ready for all resources :)

(10) Create resource “Gateway” and “VirtualService”

istio-gateway.yml

apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: sock-shop
spec:
  selector:
    istio: ingressgateway
  servers:
  - hosts:
    - '*'
    port:  # 外部からのIstio IngressGatewayへのアクセスについての定義を記述
      name: http
      number: 80
      protocol: HTTP

istio-virtual-service.yml

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: sock-shop
spec:
  gateways:
  - sock-shop    # 上記の対象Gatewayリソース名
  hosts:
  - '*'
  http:
  - route:
    - destination:      # このリソースが受けたトラフィックをどのServiceへ転送するかを指定(これがNodePortは不要だけどServiceが必要と書いた部分)
        host: front-end
        port:
          number: 80

(10) Apply configuration files

kubectl apply -f istio-gateway.yml -f istio-virtual-service.yml

Check deployments

$ kubectl get gateway,virtualservice
NAME                                    AGE
gateway.networking.istio.io/sock-shop   2m32s

NAME                                           GATEWAYS        HOSTS   AGE
virtualservice.networking.istio.io/sock-shop   ["sock-shop"]   ["*"]   2m32s

Reference