What is Istio?

Running Microservices or any load under a Kubernetes cluster that includes more than one server, under a microservice architecture or even a traditional application that needs to access other resources requires functionality to:

  • Load Balance traffic, external o internal
  • Control failures, retries, routing
  • Apply limits and monitor network traffic between services
  • Secure communication

Developing that functionality by ourselves or integrating different solutions to obtain those capabilities requires an advanced knowledge of networking protocols, and distributed architectures. It is hard to do it right and, in my opinion pointless.

In IT Wonder Lab, I always recommend to be pragmatic, it is of course possible to develop that functionality by our selves, but our effort should be better used in solving business and people problems instead of reinventing the wheel.

Istio for Kubernetes provides a service mesh for microservices that solves all those problems. Istio is an open source project created by teams from Google, IBM and Lyft.

Istio under VirtualBox

In a previous tutorial I showed How to Install a Kubernetes Cluster using Vagrant and Ansible, in this tutorial I show how to add Istio as a service mesh for that Kubernetes Cluster.

Installing Istio for Kubernetes under VirtualBox has some peculiarities that need to be addressed to obtain a successful Kubernetes with Istio local development cluster:

  • Resource usage: default CPU and Memory requirements for Istio are too high for most VirtualBox configurations.
  • Lack of external o Cloud Load Balancer: by default it is not possible to access Istio and Helm (a package manager) in a VirtualBox installation as there is no external or Cloud Load Balancer.

Instructions to install Istio in a VirtualBox Kubernetes Cluster

  • Follow How to Install a Kubernetes Cluster using Vagrant and Ansible tutorial.
  • Make sure the Kubernetes Cluster is running and execute the following instructions on the host running the VirtualBox service (your PC)
  • Download Istio, we will be using Istio release 1.1.3.
  • Download Helm (a package manager for Kubernetes), we will be using Helm release 2.13.1.
  • Install Tiller, the Helm services in Kubernetes.

Click on the play button to see the installation of Istio in Kubernetes using VirtualBox and Vagrant.

 

  • Publish Tiller using a NodePort (This is needed to access the Tillerm, the Helm services, from outside VirtualBox)
    • Create tillerNodePort.yaml file with the following content

    • Create the NodePort in Kubernetes

  • Define HELM_HOST so that Helm client knows how to access Tiller.
  • Configure and initialize Istio in Kubernetes with limited resources.
  • Install Istio using a NodePort instead of default Load Balancer and configure it to use limited resources.

Check Istio Installation

List all Kubernetes resources to check that all pods are  running and replicas ready:

Prometheus, Jaeger, Grafana and Kiali in Kubernetes

Istio deploys the following software:

  • Prometheus: scrapes and stores time series data using service discovery. It is used to record status data about every aspect of the Kubernetes Cluster nodes, Istio mesh and deployments.
  • Jaeger: it is a distributed tracing system developed by Uber, it provides context propagation, transaction monitoring, service dependency, performance and latency analysis for distributed applications.
  • Grafana: uses Prometheus as a data source to visualize different dashboards with metrics from the services deployed in the Kubernetes Cluster.
  • Kiali: visualizes the service mesh topology in Kubernetes showing the status of the applications and its individual components and connections. It also provides an  interface to edit Istio configuration objects, like virtual services.

To access the dashboards using a web browser from the client machine a proxy is needed as the services listen in a Cluster IP.

During development a NodePort can be used to insecurely publish each service.

Create the file istio-services.yaml with the following content:

Apply the file to the Kubernetes cluster:

Access the services using a web browser:

 

Categories: KubernetesTutorial

1
Leave a Reply

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
0 Comment authors
Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
trackback

[…] Installing Istio in Kubernetes under VirtualBox (without Minikube) for a tutorial on installing Istio in Kubernetes and publishing the Istio Gateway on VirtualBox as […]