ISTIO Installation on EKS
What is Istio?
Typically architected as distributed collections of microservices, with each collection of microservices performing some discrete business function. A service mesh is a dedicated infrastructure layer that you can add to your applications. It allows you to transparently add capabilities like observability, traffic management, and security, without adding them to your own code. The term “service mesh” describes both the type of software you use to implement this pattern and the security or network domain that is created when you use that software.
As the deployment of distributed services, such as in a Kubernetes-based system, grows in size and complexity, it can become harder to understand and manage. Its requirements can include discovery, load balancing, failure recovery, metrics, and monitoring. A service mesh also often addresses more complex operational requirements, like A/B testing, canary deployments, rate limiting, access control, encryption, and end-to-end authentication.
Istio Installation
Make sure Kubectl is installed.
https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl-on-windows Follow this link to install.
Istioctl
Download latest version of Istioctl and Istio from https://github.com/istio/istio/releases with names istioctl-1.17.2-win.zip
And unzip the file in any path.
Add Istio path in Environment
- Press the Window Key + X to access the Power User Task Menu.
- In the Power User Task Menu, select the System option.
- In the System > About window, click the Advanced system settings link below the Device specifications section.
- In the System Properties window, click the Advanced tab, if not already selected.
- Click the Environment Variables button near the bottom-right of the Advanced tab.
- In the Environment Variables window, highlight the Path variable in the System variables section and click the Edit button. Add or modify the path lines with the paths you want the computer to access. Each directory path is separated with a semicolon, as shown below.
- In the path define this For example C:\istio\istioctl-1.17.2\bin
Now we need to communicate our Eks service. To communicate we required Access and Secret key.
aws eks update-kubeconfig — region us-west-1 — name eks-name
kubectl get nodes
kubectl get svc
istioctl install — profile=demo
istioctl analyze — all-namespaces
kubectl label namespace default istio-injection=enabled → this is to enable sidecar
TO check istioctl pods.
kubectl get po -n istio-system