Open3

Mesh Week: Istio installation, upgrade and configuration (# 1)

takashi.kanazawatakashi.kanazawa

I tried the mock exam provided by Mesh Week at the following link:

https://docs.google.com/forms/d/e/1FAIpQLSfD4BLLQfdUwnIyiTBSGC_OzmSbiyrIlNp5Am61fTOhRbfiLw/viewform

Question: Istio installation, upgrade and configuration

Create an IstioOperator resource you can use to deploy Istio with the following configuration:

Two ingress gateways:
payments-ingress, deployed to the payments namespace
frontend-ingress, deployed to the frontend namespace

Single egress gateway:
cluster-egress, deployed to the egress namespace

Also update the Pilot component and set the CPU requests to 750m and memory to 4096Mi .

takashi.kanazawatakashi.kanazawa

Answer

# Dump the demo profile of Istio into a YAML file for customization
$ istioctl profile dump demo > iop.yaml

# YAML configuration for customizing the IstioOperator
$ vi iop.yaml
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  components:
    base:
      enabled: true
    egressGateways: # change
    - enabled: true
      name: cluster-egress
      namespace: egress
    ingressGateways: # change
    - enabled: true
      name: payments-ingress
      namespace: payments
    - enabled: true
      name: frontend-ingress
      namespace: frontend
    pilot:
      enabled: true
      k8s: #add
        resources:
          requests:
            cpu: 750m
            memory: 4096Mi
  hub: docker.io/istio
  profile: demo
  tag: 1.23.0
  values:
    defaultRevision: ""
    gateways:
      istio-egressgateway: {}
      istio-ingressgateway: {}
    global:
      configValidation: true
      istioNamespace: istio-system
    profile: demo

# Create namespaces for custom ingress and egress gateways:
# - 'payments' for the payments-ingress gateway
# - 'frontend' for the frontend-ingress gateway
# - 'egress' for the cluster-egress gateway
$ kubectl create ns payments
$ kubectl create ns frontend
$ kubectl create ns egress

# Install Istio using the customized IstioOperator YAML file (iop.yaml)
$ istioctl install -f iop.yaml

# Check if all resources are successfully deployed in the relevant namespaces:
# - 'istio-system' for Istio's core components
# - 'egress' for the cluster-egress gateway
# - 'payments' for the payments-ingress gateway
# - 'frontend' for the frontend-ingress gateway
$ kubectl get all -n istio-system
$ kubectl get all -n egress
$ kubectl get all -n payments
$ kubectl get all -n frontend