It's Me, Tommy
General https://istio.io/docs/setup/install/istioctl/ Install istioctl client Option 1 brew install istioctl Option 2 Download the latest Istio version from GitHub. curl -L https://istio.io/downloadIstio | sh – cd istio-1.6.1 sudo cp ./bin/istioctl /usr/local/bin/istioctl sudo chmod +x /usr/local/bin/istioctl Optional Enable command-line completion within zshrc. { mkdir -p ~/completions && istioctl collateral –zsh -o ~/completions source ~/completions/_istioctl echo “source […]
Cluster Create a Regional cluster with 3 zones (1 node per zone). List the nodes and labels. We need this to understand which node belongs to which zone. kubectl get nodes –label-columns failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone NAME STATUS ROLES AGE VERSION REGION ZONE gke-itsmetommy-default-pool-5ba92622-dbgg Ready <none> 11m v1.16.8-gke.15 us-west1 us-west1-c gke-itsmetommy-default-pool-65c4a9e0-g4l0 Ready <none> 11m v1.16.8-gke.15 us-west1 us-west1-b gke-itsmetommy-default-pool-fee8f05c-3ghq […]
Install Cert-Manager If you haven’t already, install Cert-Manager. https://itsmetommy.com/2019/06/23/kubernetes-cert-manager-on-gke-using-lets-encrypt/ Install Istio with SDS using Helm Add repo and update https://github.com/istio/istio/releases/ # latest release Add repo. helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.2.6/charts/ Update. helm repo update Install CRD helm install istio.io/istio-init –name istio-init –namespace istio-system Install Istio https://istio.io/docs/tasks/traffic-management/ingress/secure-ingress-sds/ helm install istio.io/istio –name istio \ –namespace istio-system \ –set […]
Install Cert-Manager If you haven’t already, install Cert-Manager. https://itsmetommy.com/2019/06/23/kubernetes-cert-manager-on-gke-using-lets-encrypt/ Enable Istio in GKE Verify { kubectl get service -n istio-system kubectl get pods -n istio-system } Enable Istio on namespace kubectl label ns itsmetommy istio-injection=enabled Create Certificate cat <<EOF > itsmetommy-certificate.yaml apiVersion: certmanager.k8s.io/v1alpha1 kind: Certificate metadata: name: itsmetommy-yourdomain-com-tls namespace: istio-system spec: secretName: itsmetommy-yourdomain-com-tls commonName: ‘*.itsmetommy.yourdomain.com’ […]
I showed you how to create a GKE cluster with Terraform in a previous post. When I went to enable Istio, it wasn’t as simple as I thought. I ended up having to add an additional google-beta provider, along with having to add this google-beta provider within the google_container_cluster resource. Update gkecluster/provider.tf https://www.terraform.io/docs/providers/google/provider_versions.html You can […]