Istio playbook

Cloud platforms provide a wealth of benefits for the organizations that use them. However, there’s no denying that adopting the cloud can put strains on DevOps teams. Developers must use microservices to architect for portability, meanwhile operators are managing extremely large hybrid and multi-cloud deployments. Istio lets you connect, secure, control, and observe services.

First, download Istio release version, unzip the package and enter the directory.

Second, verify installation environment

bin/istioctl verify-install

Next, deploy Istio and select the demo profile which enable many features like tracing/kiali/grafana

bin/istioctl manifest apply --set profile=demo

Then, check Istio pods’ status, make sure all the related pods are running

Istio Commands

  • authn: Interact with Istio authentication policies
  • authz: (authz is experimental. Use istioctl experimental authz)
  • convert-ingress: Convert Ingress configuration into Istio VirtualService configuration
  • dashboard: Access to Istio web UIs like kiali, grafana, prometheus, jaeger
  • deregister: De-registers a service instance
  • experimental: Experimental commands that may be modified or deprecated
  • help: Help about any command
  • kube-inject: Inject Envoy sidecar into Kubernetes pod resources
  • manifest: Commands related to Istio manifests
  • profile: Commands related to Istio configuration profiles
  • proxy-config: Retrieve information about proxy configuration from Envoy [kube only]
  • proxy-status: Retrieves the synchronization status of each Envoy in the mesh [kube only]
  • register: Registers a service instance (e.g. VM) joining the mesh
  • validate: Validate Istio policy and rules
  • verify-install: Verifies Istio Installation Status or performs pre-check for the cluster before Istio installation
  • version: Prints out build version information