rootsongjc
/
kubernetes-handbook
mirror of https://github.com/rootsongjc/kubernetes-handbook.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

增加安装istio的文章

pull/20/head
Jimmy Song 2017-06-01 20:18:05 +08:00
parent a28c4fed92
commit 427d71b779
14 changed files with 997 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
SUMMARY.md
View File

@ -46,6 +46,9 @@
- [4.4 存储管理](practice/storage.md)
- [4.4.1 使用glusterfs做持久化存储](practice/using-glusterfs-for-persistent-storage.md)
- [5. 领域应用](usecases/index.md)
- [5.1 微服务架构](usecases/microservices.md)
- [5.1.1 Istio](usecases/Istio.md)
- [5.1.1.1 安装istio](usecases/istio-installation.md)
- [6. 开发指南](develop/index.md)
- [6.1 开发环境搭建](develop/developing-environment.md)
- [6.2 单元测试和集成测试](develop/testing.md)

BIN
images/istio-grafana.jpg 100644
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 489 KiB

BIN
images/istio-prometheus.jpg 100644
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 446 KiB

BIN
images/istio-zipkin.jpg 100644
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 196 KiB

218
manifests/istio/bookinfo.yaml 100644
View File

@ -0,0 +1,218 @@
# Copyright 2017 Istio Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
##################################################################################################
# Details service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: details
labels:
app: details
spec:
ports:
- port: 9080
name: http
selector:
app: details
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: details-v1
spec:
replicas: 1
template:
metadata:
labels:
app: details
version: v1
spec:
containers:
- name: details
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-details-v1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
##################################################################################################
# Ratings service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: ratings-v1
spec:
replicas: 1
template:
metadata:
labels:
app: ratings
version: v1
spec:
containers:
- name: ratings
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-ratings-v1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
##################################################################################################
# Reviews service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: reviews-v1
spec:
replicas: 1
template:
metadata:
labels:
app: reviews
version: v1
spec:
containers:
- name: reviews
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-reviews-v1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: reviews-v2
spec:
replicas: 1
template:
metadata:
labels:
app: reviews
version: v2
spec:
containers:
- name: reviews
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-reviews-v2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: reviews-v3
spec:
replicas: 1
template:
metadata:
labels:
app: reviews
version: v3
spec:
containers:
- name: reviews
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-reviews-v3
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
##################################################################################################
# Productpage service
##################################################################################################
apiVersion: v1
kind: Service
metadata:
name: productpage
labels:
app: productpage
spec:
ports:
- port: 9080
name: http
selector:
app: productpage
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: productpage-v1
spec:
replicas: 1
template:
metadata:
labels:
app: productpage
version: v1
spec:
containers:
- name: productpage
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/examples-bookinfo-productpage-v1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
###########################################################################
# Ingress resource (gateway)
##########################################################################
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gateway
annotations:
kubernetes.io/ingress.class: "istio"
spec:
rules:
- http:
paths:
- path: /productpage
backend:
serviceName: productpage
servicePort: 9080
- path: /login
backend:
serviceName: productpage
servicePort: 9080
- path: /logout
backend:
serviceName: productpage
servicePort: 9080
---

50
manifests/istio/grafana.yaml 100644
View File

@ -0,0 +1,50 @@
---
apiVersion: v1
kind: Service
metadata:
name: grafana
spec:
ports:
- port: 3000
protocol: TCP
name: grafana
selector:
app: grafana
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: grafana
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
app: grafana
spec:
containers:
- name: grafana
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/grafana:0.1.5
imagePullPolicy: Always
ports:
- containerPort: 3000
env:
- name: GRAFANA_PORT
value: "3000"
- name: GF_AUTH_BASIC_ENABLED
value: "false"
- name: GF_AUTH_ANONYMOUS_ENABLED
value: "true"
- name: GF_AUTH_ANONYMOUS_ORG_ROLE
value: Admin
- name: GF_PATHS_DATA
value: /data/grafana
volumeMounts:
- mountPath: /data/grafana
name: grafana-data
volumes:
- name: grafana-data
emptyDir: {}
---

112
manifests/istio/istio-rbac-beta.yaml 100644
View File

@ -0,0 +1,112 @@
# Permissions and roles for istio
# To debug: start the cluster with -vmodule=rbac,3 to enable verbose logging on RBAC DENY
# Also helps to enable logging on apiserver 'wrap' to see the URLs.
# Each RBAC deny needs to be mapped into a rule for the role.
# If using minikube, start with '--extra-config=apiserver.Authorization.Mode=RBAC'
#
# NOTE: If deploying istio to a namespace other than 'default' then change the
# ClusterRoleBinding namspace target appropriately.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-manager
rules:
- apiGroups: ["istio.io"]
resources: ["istioconfigs", "istioconfigs.istio.io"]
verbs: ["*"]
- apiGroups: ["extensions"]
resources: ["thirdpartyresources", "thirdpartyresources.extensions", "ingresses", "ingresses/status"]
verbs: ["*"]
- apiGroups: [""]
resources: ["configmaps", "endpoints", "pods", "services"]
verbs: ["*"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-ca
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create", "get", "watch", "list", "update"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["watch", "list"]
---
# Permissions for the sidecar proxy.
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-sidecar
rules:
- apiGroups: ["istio.io"]
resources: ["istioconfigs"]
verbs: ["get", "watch", "list"]
- apiGroups: ["extensions"]
resources: ["thirdpartyresources", "ingresses"]
verbs: ["get", "watch", "list", "update"]
- apiGroups: [""]
resources: ["configmaps", "pods", "endpoints", "services"]
verbs: ["get", "watch", "list"]
---
# Grant permissions to the Manager/discovery.
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-manager-admin-role-binding
subjects:
- kind: ServiceAccount
name: istio-manager-service-account
namespace: default
roleRef:
kind: ClusterRole
name: istio-manager
apiGroup: rbac.authorization.k8s.io
---
# Grant permissions to the Manager/discovery.
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-ca-role-binding
subjects:
- kind: ServiceAccount
name: istio-ca-service-account
namespace: default
roleRef:
kind: ClusterRole
name: istio-ca
apiGroup: rbac.authorization.k8s.io
---
# Grant permissions to the Ingress controller.
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-ingress-admin-role-binding
subjects:
- kind: ServiceAccount
name: istio-ingress-service-account
namespace: default
roleRef:
kind: ClusterRole
name: istio-manager
apiGroup: rbac.authorization.k8s.io
---
# Grant permissions to the sidecar.
# TEMPORARY: the istioctl should generate a separate service account for the proxy, and permission
# granted only to that account !
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: istio-sidecar-role-binding
subjects:
- kind: ServiceAccount
name: default
namespace: default
roleRef:
kind: ClusterRole
name: istio-sidecar
apiGroup: rbac.authorization.k8s.io
---

212
manifests/istio/istio.yaml 100644
View File

@ -0,0 +1,212 @@
# GENERATED FILE. Use with Kubernetes 1.5+
# TO UPDATE, modify files in install/kubernetes/templates and run updateVersion.sh
# Mixer
apiVersion: v1
kind: Service
metadata:
name: istio-mixer
labels:
istio: mixer
spec:
ports:
- name: tcp
port: 9091
- name: configapi
port: 9094
- name: prometheus
port: 42422
selector:
istio: mixer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: istio-mixer
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
istio: mixer
spec:
containers:
- name: mixer
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/mixer:0.1.5
imagePullPolicy: Always
ports:
- containerPort: 9091
- containerPort: 9094
- containerPort: 42422
args:
- --configStoreURL=fs:///etc/opt/mixer/configroot
- --logtostderr
- -v
- "3"
---
# Manager service for discovery
apiVersion: v1
kind: ConfigMap
metadata:
name: istio
data:
mesh: |-
# Uncomment the following line to enable mutual TLS between proxies
# authPolicy: MUTUAL_TLS
mixerAddress: istio-mixer:9091
discoveryAddress: istio-manager:8080
ingressService: istio-ingress
zipkinAddress: zipkin:9411
---
apiVersion: v1
kind: Service
metadata:
name: istio-manager
labels:
istio: manager
spec:
ports:
- port: 8080
name: http-discovery
- port: 8081
name: http-apiserver
selector:
istio: manager
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-manager-service-account
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: istio-manager
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
istio: manager
spec:
serviceAccountName: istio-manager-service-account
containers:
- name: discovery
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/manager:0.1.5
imagePullPolicy: Always
args: ["discovery", "-v", "2"]
ports:
- containerPort: 8080
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: apiserver
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/manager:0.1.5
imagePullPolicy: Always
args: ["apiserver", "-v", "2"]
ports:
- containerPort: 8081
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
---
################################
# Istio ingress controller
################################
apiVersion: v1
kind: Service
metadata:
name: istio-ingress
labels:
istio: ingress
spec:
ports:
- port: 80
# nodePort: 32000
name: http
- port: 443
name: https
selector:
istio: ingress
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-ingress-service-account
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: istio-ingress
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
istio: ingress
spec:
serviceAccountName: istio-ingress-service-account
containers:
- name: istio-ingress
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/proxy_debug:0.1.5
args: ["proxy", "ingress", "-v", "2"]
imagePullPolicy: Always
ports:
- containerPort: 80
- containerPort: 443
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
---
################################
# Istio egress envoy
################################
apiVersion: v1
kind: Service
metadata:
name: istio-egress
spec:
ports:
- port: 80
selector:
istio: egress
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: istio-egress
spec:
replicas: 1
template:
metadata:
labels:
istio: egress
spec:
containers:
- name: proxy
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/proxy_debug:0.1.5
imagePullPolicy: Always
args: ["proxy", "egress", "-v", "2"]
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
---

70
manifests/istio/prometheus.yaml 100644
View File

@ -0,0 +1,70 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: prometheus
data:
prometheus.yml: |-
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'mixer'
# Override the global default and scrape targets from this job every 5 seconds.
scrape_interval: 5s
# metrics_path defaults to '/metrics'
# scheme defaults to 'http'.
static_configs:
- targets: ['istio-mixer:42422']
---
apiVersion: v1
kind: Service
metadata:
annotations:
prometheus.io/scrape: 'true'
labels:
name: prometheus
name: prometheus
spec:
selector:
app: prometheus
ports:
- name: prometheus
protocol: TCP
port: 9090
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: prometheus
spec:
replicas: 1
selector:
matchLabels:
app: prometheus
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
name: prometheus
labels:
app: prometheus
spec:
containers:
- name: prometheus
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/prometheus:v1.1.1
args:
- '-storage.local.retention=6h'
- '-storage.local.memory-chunks=500000'
- '-config.file=/etc/prometheus/prometheus.yml'
ports:
- name: web
containerPort: 9090
volumeMounts:
- name: config-volume
mountPath: /etc/prometheus
volumes:
- name: config-volume
configMap:
name: prometheus
---

33
manifests/istio/servicegraph.yaml 100644
View File

@ -0,0 +1,33 @@
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: servicegraph
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
app: servicegraph
spec:
containers:
- name: servicegraph
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/servicegraph:latest
ports:
- containerPort: 8088
args:
- --prometheusAddr=http://prometheus:9090
---
apiVersion: v1
kind: Service
metadata:
name: servicegraph
spec:
ports:
- name: http
port: 8088
selector:
app: servicegraph
---

39
manifests/istio/zipkin.yaml 100644
View File

@ -0,0 +1,39 @@
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: zipkin
spec:
replicas: 1
template:
metadata:
annotations:
alpha.istio.io/sidecar: ignore
labels:
app: zipkin
spec:
containers:
- name: zipkin
image: sz-pg-oam-docker-hub-001.tendcloud.com/library/zipkin:latest
ports:
- containerPort: 9411
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
---
apiVersion: v1
kind: Service
metadata:
name: zipkin
spec:
#type: NodePort
ports:
- name: http
port: 9411
#nodePort: 30411
selector:
app: zipkin
---

245
usecases/istio-installation.md 100644
View File

@ -0,0 +1,245 @@
# 安装istio
本文根据官网的文档整理而成,步骤包括安装`istio 0.1.5`并创建一个bookinfo的微服务来测试istio的功能。
文中使用的yaml文件可以在[kubernetes-handbook](https://github.com/rootsongjc/kubernetes-handbook)的`manifests/istio`目录中找到,所有的镜像都换成了我的私有镜像仓库地址,请根据官网的镜像自行修改。
## 安装环境
CentOS 7.3.1611
Docker 1.12.6
Kubernetes 1.6.0
## 安装
**1.下载安装包**
下载地址https://github.com/istio/istio/releases
下载Linux版本的当前最新版安装包
```Shell
wget https://github.com/istio/istio/releases/download/0.1.5/istio-0.1.5-linux.tar.gz
```
**2.解压**
解压后,得到的目录结构如下:
```
.
├── bin
│   └── istioctl
├── install
│   └── kubernetes
│   ├── addons
│   │   ├── grafana.yaml
│   │   ├── prometheus.yaml
│   │   ├── servicegraph.yaml
│   │   └── zipkin.yaml
│   ├── istio-auth.yaml
│   ├── istio-rbac-alpha.yaml
│   ├── istio-rbac-beta.yaml
│   ├── istio.yaml
│   ├── README.md
│   └── templates
│   ├── istio-auth
│   │   ├── istio-auth-with-cluster-ca.yaml
│   │   ├── istio-cluster-ca.yaml
│   │   ├── istio-egress-auth.yaml
│   │   ├── istio-ingress-auth.yaml
│   │   └── istio-namespace-ca.yaml
│   ├── istio-egress.yaml
│   ├── istio-ingress.yaml
│   ├── istio-manager.yaml
│   └── istio-mixer.yaml
├── istio.VERSION
├── LICENSE
└── samples
├── apps
│   ├── bookinfo
│   │   ├── bookinfo.yaml
│   │   ├── cleanup.sh
│   │   ├── destination-ratings-test-delay.yaml
│   │   ├── loadbalancing-policy-reviews.yaml
│   │   ├── mixer-rule-additional-telemetry.yaml
│   │   ├── mixer-rule-empty-rule.yaml
│   │   ├── mixer-rule-ratings-denial.yaml
│   │   ├── mixer-rule-ratings-ratelimit.yaml
│   │   ├── README.md
│   │   ├── route-rule-all-v1.yaml
│   │   ├── route-rule-delay.yaml
│   │   ├── route-rule-reviews-50-v3.yaml
│   │   ├── route-rule-reviews-test-v2.yaml
│   │   ├── route-rule-reviews-v2-v3.yaml
│   │   └── route-rule-reviews-v3.yaml
│   ├── httpbin
│   │   ├── httpbin.yaml
│   │   └── README.md
│   └── sleep
│   ├── README.md
│   └── sleep.yaml
└── README.md
11 directories, 41 files
```
从文件里表中可以看到安装包中包括了kubernetes的yaml文件示例应用和安装模板。
**3.安装istioctl**
将`./bin/istioctl`拷贝到你的`$PATH`目录下。
**4.检查RBAC**
因为我们安装的kuberentes版本是1.6.0默认支持RBAC这一步可以跳过。如果你使用的其他版本的kubernetes请参考[官方文档](https://istio.io/docs/tasks/installing-istio.html)操作。
执行以下命令,正确的输出是这样的:
```bash
$ kubectl api-versions | grep rbac
rbac.authorization.k8s.io/v1alpha1
rbac.authorization.k8s.io/v1beta1
```
**5.创建角色绑定**
```bash
$ kubectl create -f install/kubernetes/istio-rbac-beta.yaml
clusterrole "istio-manager" created
clusterrole "istio-ca" created
clusterrole "istio-sidecar" created
clusterrolebinding "istio-manager-admin-role-binding" created
clusterrolebinding "istio-ca-role-binding" created
clusterrolebinding "istio-ingress-admin-role-binding" created
clusterrolebinding "istio-sidecar-role-binding" created
```
注意官网的安装包中的该文件中存在RoleBinding错误应该是集群级别的`clusterrolebinding`而release里的代码只是普通的`rolebinding`查看该Issue [Istio manager cannot list of create k8s TPR when RBAC enabled #327](https://github.com/istio/istio/issues/327)。
**6.安装istio核心组件**
用到的镜像有:
```
docker.io/istio/mixer:0.1.5
docker.io/istio/manager:0.1.5
docker.io/istio/proxy_debug:0.1.5
```
我们暂时不开启[Istio Auth](https://istio.io/docs/concepts/network-and-auth/auth.html)。
> 本文中用到的所有yaml文件中的`type: LoadBalancer`去掉使用默认的ClusterIP然后配置Traefik ingress就可以在集群外部访问。请参考[安装Traefik ingress](practice/traefik-ingress-installation.md)。
```bash
kubectl apply -f install/kubernetes/istio.yaml
```
**7.安装监控插件**
用到的镜像有:
```
docker.io/istio/grafana:0.1.5
quay.io/coreos/prometheus:v1.1.1
gcr.io/istio-testing/servicegraph:latest
docker.io/openzipkin/zipkin:latest
```
为了方便下载,其中两个镜像我备份到了时速云:
```
index.tenxcloud.com/jimmy/prometheus:v1.1.1
index.tenxcloud.com/jimmy/servicegraph:latest
```
安装插件
```bash
kubectl apply -f install/kubernetes/addons/prometheus.yaml
kubectl apply -f install/kubernetes/addons/grafana.yaml
kubectl apply -f install/kubernetes/addons/servicegraph.yaml
kubectl apply -f install/kubernetes/addons/zipkin.yaml
```
在traefik ingress中增加增加以上几个服务的配置。
```Yaml
- host: grafana.istio.io
http:
paths:
- path: /
backend:
serviceName: grafana
servicePort: 3000
- host: servicegraph.istio.io
http:
paths:
- path: /
backend:
serviceName: servicegraph
servicePort: 8088
- host: prometheus.istio.io
http:
paths:
- path: /
backend:
serviceName: prometheus
servicePort: 9090
- host: zipkin.istio.io
http:
paths:
- path: /
backend:
serviceName: zipkin
servicePort: 9411
```
Grafana页面
![Istio Grafana界面](../images/istio-grafana.jpg)
Prometheus页面
![Prometheus页面](../images/istio-prometheus.jpg)
Zipkin页面
![Zipkin页面](../images/istio-zipkin.jpg)
## 测试
我们使用Istio提供的测试应用[bookinfo](https://istio.io/docs/samples/bookinfo.html)微服务来进行测试。
该微服务用到的镜像有:
```
istio/examples-bookinfo-details-v1
istio/examples-bookinfo-ratings-v1
istio/examples-bookinfo-reviews-v1
istio/examples-bookinfo-reviews-v2
istio/examples-bookinfo-reviews-v3
istio/examples-bookinfo-productpage-v1
```
**部署应用**
```
kubectl create -f <(istioctl kube-inject -f samples/apps/bookinfo/bookinfo.yaml)
```
`Istio kube-inject`命令会在`bookinfo.yaml`文件中增加Envoy sidecar信息。参考https://istio.io/docs/reference/commands/istioctl.html#istioctl-kube-inject
## 问题
在bookinfo部署后没有在Grafana、Prometheus、ServiceGraph和Zipkin中看到结果。
## 参考
[Installing Istio](https://istio.io/docs/tasks/installing-istio.html)
[BookInfo sample](https://istio.io/docs/samples/bookinfo.html)

11
usecases/istio.md 100644
View File

@ -0,0 +1,11 @@
# Istio
## 前言
[Istio](https://istio.io)是由Google、IBM和Lyft开源的微服务管理、保护和监控框架。Istio为希腊语意思是“启航”。
## 参考
[Istio开源平台发布Google、IBM和Lyft分别承担什么角色](http://www.leiphone.com/news/201705/RwRlyAs7Mi8pqhSb.html)
[Istio用于微服务的服务啮合层](http://www.infoq.com/cn/news/2017/05/istio?utm_source=news_about_opensource&utm_medium=link&utm_campaign=opensource)

4
usecases/microservices.md 100644
View File

@ -0,0 +1,4 @@
# 微服务架构
- [Istio](istio.md)