ubuntu 22.04 install minikube and istio
1. Use vmware to install ubuntu22.04 server
? The steps are simple, just search it on Baidu yourself
2. Install minikube
Learn from the installation script: https://blog.csdn.net/LeoForBest/article/details/126524892
#!/usr/bin/bash # ~~~~~~~~~ # Ubuntu 22.04 Minikube install # Update Author: yuluo # Usage: bash install-minikube.sh (do not root, use normal user) echo "Preparing environment..." sudo apt-get update -y sudo apt-get install ca-certificates curl gnupg lsb-release apt-transport-https -y function install_docker() {<!-- --> echo "Uninstalling old version of docker..." sudo apt-get remove docker docker-engine docker.io containerd runc -y echo "Adding docker gpg..." sudo mkdir -p /etc/apt/keyrings if [ -f "/etc/apt/keyrings/docker.gpg" ]; then sudo rm /etc/apt/keyrings/docker.gpg fi sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg sudo chmod a + r /etc/apt/keyrings/docker.gpg echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null echo "Installing docker..." sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y echo "Adding current user ${<!-- -->USER} to docker group..." sudo usermod -aG docker "$USER" echo "Setting up docker registry domestic image..." if [ -f "/etc/docker/daemon.json" ]; then sudo mv /etc/docker/daemon.json{<!-- -->,.bak} fi cat <<EOF | sudo tee /etc/docker/daemon.json >/dev/null { "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com"] } EOF # Change the owner of the docker.sock file to the current user to ensure that minikube starts successfully sudo chown $USER /var/run/docker.sock sudo systemctl restart docker.service echo "Docker installation completed." } function install_kubectl() {<!-- --> \t echo "Downloading and installing kubectl" # Same as minukube # sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux /amd64/kubectl sudo chmod +x ./kubectl sudo mv ./kubectl /usr/local/bin/ echo "kubectl installation completed..." } install_kubectl function install_minikube() {<!-- --> echo "Downloading and installing minikube-linux-amd64..." # Download minikube to the current path in advance. The download is too slow due to network reasons, so comment this step. # sudo curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 sudo install minikube-linux-amd64 /usr/local/bin/minikube echo "Starting minikube..." #minikube Cleared all content, use with caution # minikube delete # --kubernetes-version=v1.23.8 https://github.com/kubernetes/minikube/issues/14477 minikube start minikube status echo "minikube started successfully, minikube installation is complete..." } install_docker # echo "Installing virtualbox..." # This is used when running on a physical Linux machine. If it is already on a vm virtual machine, just run it on bare metal. # sudo apt install virtualbox virtualbox-ext-pack -y install_minikube echo -e "\\ \\ " cat <<EOF *************************************** docker version *************************************** EOF sudo docker version cat <<EOF ******************************************* Set minikube kubectl alias to kubectl ******************************************* EOF # optional echo 'alias kubectl="minikube kubectl --"' >> ~/.profile source ~/.profile cat <<EOF *************************************** kubectl -- get po -A *************************************** EOF kubectl get pods -A echo -e "\\ Add kubectl execution permissions to the root user for the following reasons: because minikube is started under a normal user, there is no minikube application under the root user. Therefore, 8080 refused" will be displayed when used. sudo mkdir -p /root/.kube sudo cp $HOME/.kube/config /root/.kube sudo su echo -e "\\ For more information, please refer to: https://minikube.sigs.k8s.io/docs/start/"
The final effect of the installation is as follows:
yuluo@yuluo-ubuntu:~/minikube$ kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-5d78c9869d-s4hrm 1/1 Running 0 2m57s kube-system etcd-minikube 1/1 Running 0 3m10s kube-system kube-apiserver-minikube 1/1 Running 0 3m10s kube-system kube-controller-manager-minikube 1/1 Running 0 3m10s kube-system kube-proxy-sbpzx 1/1 Running 0 2m57s kube-system kube-scheduler-minikube 1/1 Running 0 3m10s kube-system storage-provisioner 1/1 Running 1 (2m36s ago) 3m9s yuluo@yuluo-ubuntu:~/minikube$
Deploy minikube dashboard
minikube dashboard yuluo@yuluo-ubuntu:~$ kubectl get pods -A | grep dashboard kubernetes-dashboard dashboard-metrics-scraper-5dd9cbfd69-mzxzp 1/1 Running 0 104s kubernetes-dashboard kubernetes-dashboard-5c5cfc8747-np7qt 1/1 Running 0 104s # Configure minikube remote access yuluo@yuluo-ubuntu:~$ kubectl proxy --address='0.0.0.0' --disable-filter=true W1022 09:09:49.061124 193925 proxy.go:175] Request filter disabled, your proxy is vulnerable to XSRF attacks, please be cautious Starting to serve on [::]:8001 Browser access: http://ip:8001/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
3. Test deployment application
1. Writing Go Application
package main import ( "fmt" "log" "net/http" ) func main() {<!-- --> http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {<!-- --> fmt.Fprintln(w, "Hello World!") }) log.Fatalln(http.ListenAndServe(":80", nil)) }
2. Compile
-
go mod init
-
go mod tidy
-
GOOS=linux GOARCH=386 go build -ldflags '-s -w' -o webserver
3. Packaging docker image
# docker build -t leo/webserver . # In order to reduce the size, use scratch, actually use the golang official image FROM scratch COPY ./webserver /webserver CMD ["/webserver"]
4. Build Docker image
# 1. Create go image locally docker build -t yuluo/webserver . (name must be Dockerfile) docker image save yuluo/webserver > webserver.tar # 2. Upload to the docker image library in the minikube virtual machine minikube image load webserver.tar
5. Deployment
1. Deploy Pod
-
Write yaml
apiVersion: v1 Kind: Pod metadata: name: webserver labels: name: webserver spec: containers: - name: webserver image: yuluo/webserver imagePullPolicy: Never resources: limits: memory: "128Mi" cpu: "500m" ports: - containerPort: 80 hostPort: 8080
This field is set to
imagePullPolicy: Never
to use the local image, otherwise it will pull the latest image from the image warehouse and cause failureError: ErrImagePull
At the same time, because the hostPort is set, minikubeIp:8080 can be accessed on the minikube node
-
Deploy to minikube
kubectl apply -f webserver-pod.yaml # The following appears to indicate successful deployment root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE default webserver 1/1 Running 0 7s kube-system coredns-5d78c9869d-s4hrm 1/1 Running 6 (24m ago) 27h
-
View Pod status
kubectl get pods webserver kubectl describe pods webserver root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# kubectl describe pod webserver Name: webserver Namespace: default Priority: 0 Service Account: default Node: minikube/192.168.49.2 # Node ip Start Time: Sat, 21 Oct 2023 04:22:54 + 0000 Labels: name=webserver Annotations: <none> Status: Running IP: 10.244.0.10 # pod ip
-
access test
# Use minikube ssh to access the pod on this node for verification minikube ssh --node minikube curl podIp #The final result is as follows docker@minikube:~$ curl 10.244.0.10 Hello World!
2. Create Service-associated Pod
-
Write yaml resource file
# service apiVersion: v1 Kind: Service metadata: name: webserver-svc spec: selector: name: webserver ports: - port: 80 targetPort: 80 protocol: TCP
The above example defines a ClusterIP Service. Traffic to port 80 on ClusterIP will be forwarded to port 8080 on your Pod (targetPort configuration item), and the Pod carrying the name: webserver label will be added to the Service as an available endpoint for the service
-
Deploy svc
kubectl apply -f webserver-pod.yaml
-
View SVC status
kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 27h webserver-svc ClusterIP 10.103.70.226 <none> 80/TCP 76s # kubectl describe service webserver-svc Use this command to view the relationship between service and pod root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# kubectl describe service webserver-svc Name: webserver-svc Namespace: default Labels: <none> Annotations: <none> Selector: name=webserver Type: ClusterIP IP Family Policy: SingleStack IP Families: IPv4 IP: 10.103.70.226 IPs: 10.103.70.226 Port: <unset> 80/TCP TargetPort: 80/TCP Endpoints: 10.244.0.10:80 Session Affinity: None Events: <none>
-
test access
# service test access minikube ssh --node minikube # Displayed as follows docker@minikube:~$ curl 10.244.0.10 Hello World!
3. Create Ingress exposure service
Ingress is actually a completely different resource from Service. It is a layer of proxy above Service. Ingress is usually used before Service to provide HTTP routing configuration. It allows us to set up external URLs, domain-based virtual hosting, SSL and load balancing. Here nginx-ingress is used as the controller, which uses the NGINX server as a reverse proxy to route traffic to the subsequent Service.
-
Set the proxy (to handle the situation where the ingress-nginx image may fail to pull, minikube needs to be restarted)
-
sudo vim /etc/profile.d/proxy.sh
-
Add the following content to the file
export http_proxy="http://10.10.1.10:8080/" export https_proxy="http://10.10.1.10:8080/"
-
sudo chmod +x /etc/profile.d/proxy.sh
-
source /etc/profile.d/proxy.sh #Check the environment variables to confirm whether they are effective env | grep -i proxy
-
Cancel proxy
unset http_proxy unset https_proxy
-
Restart minikube
yuluo@yuluo-ubuntu:~$ minikube start * minikube v1.31.2 on Ubuntu 22.04 * Using the docker driver based on existing profile * Starting control plane node minikube in cluster minikube * Pulling base image... * Restarting existing docker container for "minikube" ... * Found network options: - http_proxy=http://192.168.2.9:7890/ ! You appear to be using a proxy, but your NO_PROXY environment does not include the minikube IP (192.168.49.2). * Please see https://minikube.sigs.k8s.io/docs/handbook/vpn_and_proxy/ for more details - https_proxy=http://192.168.2.9:7890/ * Preparing Kubernetes v1.27.4 on Docker 24.0.4 ... - env HTTP_PROXY=http://192.168.2.9:7890/ - env HTTPS_PROXY=http://192.168.2.9:7890/ * Configuring bridge CNI (Container Networking Interface) ... * Verifying Kubernetes components... - Using image gcr.io/k8s-minikube/storage-provisioner:v5 * Enabled addons: default-storageclass, storage-provisioner * Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
-
-
Environment configuration
# In order to use nginx-ingress in minikube, you must execute the following command to enable it minikube addons enable ingress kubectl get pods -A # Check whether ingress-nginx starts successfully. If not, use the following command to try again. kubectl get pod podName -n nameSpace -o yaml | kubectl replace --force -f - # The following is the success status: root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# kubectl get pods -n ingress-nginx | grep ingress-nginx-controller ingress-nginx-controller-7799c6795f-29dnh 1/1 Running 0 21h
-
Write yaml resource configuration file
apiVersion: networking.k8s.io/v1 Kind: Ingress metadata: name: webserver-ingress spec: ingressClassName: nginx-ingress rules: - host: "webserver.com" http: paths: - path: "/" pathType: Prefix backend: service: name: webserver-svc port: number: 80
-
Deploy Ingress
kubectl apply -f webserver-ingress.yaml
-
View status
# View the created ingress resources through kubectl get ingress # Check the relationship between service and ingress through kubectl describe ingress webserver-ingress root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# kubectl describe ingress webserver-ingress Name: webserver-ingress Labels: <none> Namespace: default Address: Ingress Class: nginx-ingress Default backend: <default> Rules: Host Path Backends ---- ---- -------- webserver.com /webserver-svc:80 (10.244.0.10:80) Annotations: <none> Events: <none>
-
test access
# Set hosts file to create mapping relationship vim /etc/hosts <minikube ip> webserver.com # test curl webserver.com:8080 #The results are as follows: root@yuluo-ubuntu:/home/yuluo/app/test-deploy-app# curl webserver.com:8080 Hello World!
4. Install Istio
1. Download istio and upload it to the server
Istio installation package address: https://github.com/istio/istio/releases
2. Installation
# Decompress tar -zxvf istio-1.19.3 #Add bin directory to system path export PATH=$HOME/istio/istio-1.19.3/bin:$PATH # examine istioctl version # Check if istio can be installed root@yuluo-ubuntu:/home/yuluo# istioctl x precheck ? No issues found when checking the cluster. Istio is safe to install or upgrade! To get started, check out https://istio.io/latest/docs/setup/getting-started/ # Install Istio istioctl install enter y Appears as follows: Installation successful root@yuluo-ubuntu:/home/yuluo# istioctl install This will install the Istio 1.19.3 "default" profile (with components: Istio core, Istiod, and Ingress gateways) into the cluster. Proceed? (y/N) y ? Istio core installed ?Istiod installed ? Ingress gateways installed ? Installation complete Made this installation the default for injection and validation. # kubectl get pods -A | grep istio-system yuluo@yuluo-ubuntu:~$ kubectl get pods -A | grep istio-system istio-system istio-ingressgateway-cf99dfc5c-f5bnw 1/1 Running 0 11m istio-system istiod-78c4f7f756-lnd7g 1/1 Running 0 11m
3. Install Istio dashboard
-
Import grafana, reference: https://istio.io/latest/zh/docs/tasks/observability/metrics/using-istio-dashboard/
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.19/samples/addons/grafana.yaml # Start with the following command istioctl dashboard grafana # Mapping local access (if not specified here, only 127.0.0.1 can be used to access, and access using ipv4 address needs to be specified) kubectl port-forward grafana-5f9b8c6c5d-jnd6n -n istio-system --address 192.168.2.13 3000:3000 #Access the following address http://192.168.2.13:3000/d/G8wLrJIZk/istio-mesh-dashboard
-
import promethems
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.19/samples/addons/prometheus.yaml istioctl dashboard prometheus kubectl port-forward prometheus-5d5d6d6fc-w7rk4 -n istio-system --address 192.168.2.13 9090:9090
-
Install kiali
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.19/samples/addons/kiali.yaml kubectl port-forward kiali-7c9d5f9f96-b8bpj -n istio-system --address 172.23.235.246 20001:20001 http://172.23.235.246:20001/