It's Me, Tommy
General https://istio.io/docs/setup/install/istioctl/ Install istioctl client Option 1 brew install istioctl Option 2 Download the latest Istio version from GitHub. curl -L https://istio.io/downloadIstio | sh – cd istio-1.10.2 sudo cp ./bin/istioctl /usr/local/bin/istioctl sudo chmod +x /usr/local/bin/istioctl Optional Enable command-line completion within zshrc. { mkdir -p ~/completions && istioctl collateral –zsh -o ~/completions source ~/completions/_istioctl echo “source […]
Cluster Create a Regional cluster with 3 zones (1 node per zone). List the nodes and labels. We need this to understand which node belongs to which zone. kubectl get nodes –label-columns failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone NAME STATUS ROLES AGE VERSION REGION ZONE gke-itsmetommy-default-pool-5ba92622-dbgg Ready <none> 11m v1.16.8-gke.15 us-west1 us-west1-c gke-itsmetommy-default-pool-65c4a9e0-g4l0 Ready <none> 11m v1.16.8-gke.15 us-west1 us-west1-b gke-itsmetommy-default-pool-fee8f05c-3ghq […]
Create Halyard Instance w/ Persistent Disk Click CREATE INSTANCE. Important: Make sure to create your instance in the same network/zone as your Kubernetes cluster. Input Name, Region, Zone and Machine type. Select Ubuntu 18.04 LTS Minimal boot disk. Click Management, security, disks, networking, sole tenancy. Select the Disks tab. Under Additional disks, click the + […]
Install Cert-Manager If you haven’t already, install Cert-Manager. https://itsmetommy.com/2019/06/23/kubernetes-cert-manager-on-gke-using-lets-encrypt/ Install Istio with SDS using Helm Add repo and update https://github.com/istio/istio/releases/ # latest release Add repo. helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.2.6/charts/ Update. helm repo update Install CRD helm install istio.io/istio-init –name istio-init –namespace istio-system Install Istio https://istio.io/docs/tasks/traffic-management/ingress/secure-ingress-sds/ helm install istio.io/istio –name istio \ –namespace istio-system \ –set […]
Install Cert-Manager If you haven’t already, install Cert-Manager. https://itsmetommy.com/2019/06/23/kubernetes-cert-manager-on-gke-using-lets-encrypt/ Enable Istio in GKE Verify { kubectl get service -n istio-system kubectl get pods -n istio-system } Enable Istio on namespace kubectl label ns itsmetommy istio-injection=enabled Create Certificate cat <<EOF > itsmetommy-certificate.yaml apiVersion: certmanager.k8s.io/v1alpha1 kind: Certificate metadata: name: itsmetommy-yourdomain-com-tls namespace: istio-system spec: secretName: itsmetommy-yourdomain-com-tls commonName: ‘*.itsmetommy.yourdomain.com’ […]