Prepare Minikube With Istio


Prepare Minikube With Istio

In this tutorial, we are going to discuss more about how to prepare minikube with Istio and the Istio installation as well as the sample application we installed as a part of the minikube installation.

In the previous tutorial I installed Istio in my cluster node and added that as a part of the path. So that the Istioctl will work from any location. So whenever I provide the command, istioctl its going to provide the notes on the usage.

[email protected]:~# istioctl 
Istio configuration command line utility for service operators to
debug and diagnose their Istio mesh.
Usage:
  istioctl [command]
Available Commands:
  admin          Manage control plane (istiod) configuration
  analyze        Analyze Istio configuration and print validation messages
  bug-report     Cluster information and log capture support tool.
  dashboard      Access to Istio web UIs
  experimental   Experimental commands that may be modified or deprecated
  help           Help about any command
  install        Applies an Istio manifest, installing or reconfiguring Istio on a cluster.
  kube-inject    Inject Envoy sidecar into Kubernetes pod resources
  manifest       Commands related to Istio manifests
  operator       Commands related to Istio operator controller.
  profile        Commands related to Istio configuration profiles
  proxy-config   Retrieve information about proxy configuration from Envoy [kube only]
  proxy-status   Retrieves the synchronization status of each Envoy in the mesh [kube only]
  upgrade        Upgrade Istio control plane in-place
  validate       Validate Istio policy and rules files
  verify-install Verifies Istio Installation Status
  version        Prints out build version information

.......................
.......................

That means the istioctl its able to recognize. I can check the status of minikube.

[email protected]:~# minikube status
minikube
type: Control Plane
host: Stopped
kubelet: Stopped
apiserver: Stopped
kubeconfig: Stopped

It is in the stopped state. I can go ahead and start them.

[email protected]:~# minikube start 
😄  minikube v1.20.0 on Ubuntu 20.04 (vbox/amd64)
    ▪ KUBECONFIG=/var/snap/microk8s/current/credentials/kubelet.config
✨  Using the none driver based on existing profile
👍  Starting control plane node minikube in cluster minikube
🔄  Restarting existing none bare metal machine for "minikube" …
ℹ️  OS release is Ubuntu 20.04.2 LTS
🐳  Preparing Kubernetes v1.20.2 on Docker 20.10.2 …
    ▪ kubelet.resolv-conf=/run/systemd/resolve/resolv.conf
🤹  Configuring local host environment …
❗  The 'none' driver is designed for experts who need to integrate with an existing VM
💡  Most users should use the newer 'docker' driver instead, which does not require root!
📘  For more information, see: https://minikube.sigs.k8s.io/docs/reference/drivers/none/
❗  kubectl and minikube configuration will be stored in /root
❗  To use kubectl or minikube commands as your own user, you may need to relocate them. For example, to overwrite your own settings, run:
 ▪ sudo mv /root/.kube /root/.minikube $HOME ▪ sudo chown -R $USER $HOME/.kube $HOME/.minikube
💡  This can also be done automatically by setting the env var CHANGE_MINIKUBE_NONE_USER=true
🔎  Verifying Kubernetes components…
    ▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟  Enabled addons: default-storageclass, storage-provisioner
🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

If any POD if it is deployed, for example the sample applications it will be existing and it’s going to restart them.

The very important point to be noted, Let me remind once again always make sure the istio-injection=enabled label is added to the namespace where you are going to work with Istio. In our case, we enabled the Istio injection as a part of the default namespace.

I can make sure and verify whether the label is added using the describe command

[email protected]:~# kubectl describe namespace default
Name:         default
Labels:       injection=enabled
              istio-injection=enabled
Annotations:  
Status:       Active
No resource quota.
No LimitRange resource.

So here I do have the label istio-injection=enabled. So any POD that is getting created within this specific namespace will have two containers within it. That’s why any POD that is getting created within this namespace will be having two containers.

Get PODs and Deployments

Let me go ahead and get all the PODs and deployments available. As I have already installed the Istio I do have the deployment for the Istio system. And when it comes to the pods I do have the pods for the Istio system as well as the kube system.

[email protected]:~/istio-1.10.0# kubectl get deployment --all-namespaces
NAMESPACE      NAME                   READY   UP-TO-DATE   AVAILABLE   AGE
istio-system   istio-egressgateway    1/1     1            1           17h
istio-system   istio-ingressgateway   1/1     1            1           17h
istio-system   istiod                 1/1     1            1           17h
kube-system    coredns                1/1     1            1           19h
[email protected]:~/istio-1.10.0# kubectl get pods --all-namespaces
NAMESPACE      NAME                                    READY   STATUS    RESTARTS   AGE
istio-system   istio-egressgateway-585f7668fc-x5wvq    1/1     Running   1          17h
istio-system   istio-ingressgateway-8657768d87-w7gdm   1/1     Running   1          17h
istio-system   istiod-56874696b5-rqftq                 1/1     Running   1          17h
kube-system    coredns-74ff55c5b-7hr6l                 1/1     Running   1          19h
kube-system    etcd-cluster-node                       1/1     Running   1          19h
kube-system    kube-apiserver-cluster-node             1/1     Running   1          19h
kube-system    kube-controller-manager-cluster-node    1/1     Running   1          19h
kube-system    kube-proxy-g2qth                        1/1     Running   1          19h
kube-system    kube-scheduler-cluster-node             1/1     Running   1          19h
kube-system    storage-provisioner                     1/1     Running   2          19h

These are all the pods that are required for the Kubernetes to work and got started because of the minikube installation.

We will be having detailed discussion about each and every POD and its role later when we are discussing about the architecture.

Sample Application Example

Now, let me go ahead and add the sample application by running the bookinfo.yaml file available as a part of samples folder.

I’m going to run the book info yaml file available within the samples folder.

[email protected]:~/istio-1.10.0# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml 
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created

This is going to deploy all the required entities like deployments, services, service account, pods and all the entities would get created.

Now, let me go ahead and check all the entities as a part of the default namespace, as I did not provide any namespace It’s going to get created within the default namespace.

[email protected]:~/istio-1.10.0# kubectl get pods
NAME                              READY   STATUS    RESTARTS   AGE
details-v1-79f774bdb9-km2kh       2/2     Running   0          2m20s
productpage-v1-6b746f74dc-4nrzr   2/2     Running   0          2m20s
ratings-v1-b6994bb9-rrdqc         2/2     Running   0          2m20s
reviews-v1-545db77b95-6dccl       2/2     Running   0          2m20s
reviews-v2-7bf8c9648f-njnkh       2/2     Running   0          2m20s
reviews-v3-84779c7bbc-qpjfm       2/2     Running   0          2m20s

Finally, it’s going to create two containers within the pod. As we discussed earlier It’s going to inject the proxy container as a part of each and every pod.

The reason, because we do have the label istio-injection=enabled added as part of the default namespace. I can get the details about any single pod using describe pod command. So within the pod I do have two containers. One is istio proxy container and another one is bookinfo details.

Now, this particular application is up and running and we need to have a way to access this particular application. I can go ahead and use the curl and access in the port 9080. That’s where the service is running.

List Services

Let me go ahead and get all the services running using the command kubectl get services.

[email protected]:~/istio-1.10.0# kubectl get services
NAME          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
details       ClusterIP   10.98.97.147       <none>      9080/TCP   9m19s
kubernetes    ClusterIP   10.96.0.1          <none>      443/TCP    19h
productpage   ClusterIP   10.105.162.110     <none>      9080/TCP   9m19s
ratings       ClusterIP   10.104.111.31      <none>      9080/TCP   9m19s
reviews       ClusterIP   10.102.103.237     <none>      9080/TCP   9m19s

So the product page is running in the port 9080 and it is accessible from the cluster IP address 10.105.162.110. If I have a external IP address then I can access it directly or I need to expose this to access the application.

Prepare Minikube With Istio

Scroll to top