To play with Istio and demonstrate some of it's capabilities we will deploy the sample BookInfo application, which is included the Istio package.
This application is polyglot, i.e., the microservices are written in different languages and sample bookinfo application displays information about a book, similar to a single catalog entry of an online book store. Displayed on the page is a description of the book, book details (ISBN, number of pages, and so on), and a few book reviews.
The end-to-end architecture of the application is shown here.
It’s worth noting that these services have no dependencies on Istio, but make an interesting service mesh example, particularly because of the multitude of services, languages and versions for the reviews service.
Sidecars proxy can either manually or automatically injected into your pods.
Automatic sidecar injection requires that your Kubernetes api-server supports admissionregistration.k8s.io/v1beta1 or admissionregistration.k8s.io/v1beta2 APIs. Verify whether your Kubernetes deployment supports these APIs by executing:
kubectl api-versions | grep admissionregistrationIf your environment supports these two APIs, then you may use automatic sidecar injection. As part of Istio deployment in Lab 2, we have deployed the sidecar injector, however, we will not use the automatic sidecar injector in this workshop.
Please note: Our PWK environment will HAVE to use manual injection irrespective of the version of Istio because PWK comes with Kubernetes version 1.8 which does not support admissionregistration.k8s.io/v1beta1 or admissionregistration.k8s.io/v1beta2 APIs. See Appendix 3.A for instructions on automatic sidecar injection.
To do a manual sidecar injection we will be using istioctl command:
curl https://raw.githubusercontent.com/leecalcote/istio-service-mesh-workshop/master/deployment_files/istio-0.8.0/bookinfo.yaml | istioctl kube-inject --debug -f - > newBookInfo.yamlObserving the new yaml file reveals that additional container Istio Proxy has been added to the Pods with necessary configurations:
image: docker.io/istio/proxyv2:0.8.0
imagePullPolicy: IfNotPresent
name: istio-proxy
We need to now deploy the new yaml using kubectl
kubectl apply -f newBookInfo.yamlTo do both in a single command:
kubectl apply -f <(curl https://raw.githubusercontent.com/leecalcote/istio-service-mesh-workshop/master/deployment_files/istio-0.8.0/bookinfo.yaml | istioctl kube-inject --debug -f -)-
Verify that previous deployments are all in a state of AVAILABLE before continuing. Do not procede until they are up and running.
watch kubectl get deployment
-
Inspect the details of the pods
Let us look at the details of the pods:
watch kubectl get po
Let us look at the details of the services:
watch kubectl get svc
Now let us pick a service, for instance productpage service, and view it's sidecar configuration:
kubectl get po kubectl describe pod productpage-v1-.....
Istio, deployed as part of this workshop, will also deploy the sidecar injector. If you are using PWK, please proceed to Deploying Sample App with manual sidecar injection
Let us now verify sidecar injector deployment & label namespace for automatic sidecar injection.
kubectl -n istio-system get deployment -listio=sidecar-injectorOutput:
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
istio-sidecar-injector 1 1 1 1 1dNamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector.
Label the default namespace with istio-injection=enabled
kubectl label namespace default istio-injection=enabledkubectl get namespace -L istio-injectionOutput:
NAME STATUS AGE ISTIO-INJECTION
default Active 1h enabled
istio-system Active 1h
kube-public Active 1h
kube-system Active 1hNow that we have the sidecar injector with mutating webhook in place and the namespace labelled for automatic sidecar injection, we can proceed to deploy the sample app:
kubectl apply -f https://raw.githubusercontent.com/leecalcote/istio-service-mesh-workshop/master/deployment_files/istio-0.8.0/bookinfo.yaml