Open3
Mesh Week: Istio installation, upgrade and configuration (# 1)
I tried the mock exam provided by Mesh Week at the following link:
Question: Istio installation, upgrade and configuration
Create an IstioOperator resource you can use to deploy Istio with the following configuration:
Two ingress gateways:
payments-ingress
, deployed to the payments
namespace
frontend-ingress
, deployed to the frontend
namespace
Single egress gateway:
cluster-egress
, deployed to the egress
namespace
Also update the Pilot component and set the CPU requests to 750m
and memory to 4096Mi
.
Answer
# Dump the demo profile of Istio into a YAML file for customization
$ istioctl profile dump demo > iop.yaml
# YAML configuration for customizing the IstioOperator
$ vi iop.yaml
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
components:
base:
enabled: true
egressGateways: # change
- enabled: true
name: cluster-egress
namespace: egress
ingressGateways: # change
- enabled: true
name: payments-ingress
namespace: payments
- enabled: true
name: frontend-ingress
namespace: frontend
pilot:
enabled: true
k8s: #add
resources:
requests:
cpu: 750m
memory: 4096Mi
hub: docker.io/istio
profile: demo
tag: 1.23.0
values:
defaultRevision: ""
gateways:
istio-egressgateway: {}
istio-ingressgateway: {}
global:
configValidation: true
istioNamespace: istio-system
profile: demo
# Create namespaces for custom ingress and egress gateways:
# - 'payments' for the payments-ingress gateway
# - 'frontend' for the frontend-ingress gateway
# - 'egress' for the cluster-egress gateway
$ kubectl create ns payments
$ kubectl create ns frontend
$ kubectl create ns egress
# Install Istio using the customized IstioOperator YAML file (iop.yaml)
$ istioctl install -f iop.yaml
# Check if all resources are successfully deployed in the relevant namespaces:
# - 'istio-system' for Istio's core components
# - 'egress' for the cluster-egress gateway
# - 'payments' for the payments-ingress gateway
# - 'frontend' for the frontend-ingress gateway
$ kubectl get all -n istio-system
$ kubectl get all -n egress
$ kubectl get all -n payments
$ kubectl get all -n frontend