Out of the box! Using Rancher 2.3 to enable the initial experience of Istio

This article comes from Rancher Labs


Rancher's idea is Run Kubernetes Everywhere. Many major updates in Rancher 2.3 take this idea to a new step.

The two most important features are the integration of Istio and support for Windows. In this article, we will mainly discuss how to use Istio support provided by Rancher UI and visualize it through Kiali dashboard.

Preliminary preparation:


  • Running Kubernetes cluster

  • Install Rancher and import the cluster

In this example, we will use the large k3s hosting cluster on CIVO Cloud, and have completed the installation of Rancher App (the Rancher application in Civo Marketplace will install Rancher on the cluster and import the cluster into it). For cluster setting, please refer to the following steps:


After starting the cluster, select Rancher from the marketplace to install during cluster creation. Civo will start the Rancher server and import the cluster.

When the cluster is ready, you will see the dashboard of Rancher 2.3, which supports Istio and Kiali. Let's explore this dashboard!


After the cluster is created, you can download kubeconfig and connect to the cluster. Then check whether the Rancher server and the cat agents are up and running.

kubectl get nodes 
NAME               STATUS   ROLES    AGE   VERSION
kube-node-79ed     Ready    worker   96m   v1.15.4-k3s.1
kube-master-bca5   Ready    master   96m   v1.15.4-k3s.1

kubectlg get pods -n cattle-system
NAME                                    READY   STATUS    RESTARTS   AGE
cattle-5669c57dcf-tw65t                 1/1     Running   0          3h27m
cattle-node-agent-8lppr                 1/1     Running   0          3h27m
cattle-node-agent-g5f6f                 1/1     Running   0          3h27m
cattle-cluster-agent-587b6d44cf-ppnjd   1/1     Running   0          3h27m

To access the Rancher UI, create an ingress. rancher-ingress.yaml is as follows:

>> kubectl apply -f rancher-ingress.yaml
ingress.extensions/cattle-ingress created

kubectl get ingress -n cattle-system

NAME             HOSTS   ADDRESS        PORTS   AGE
cattle-ingress   *   80      32s

Now if you access any node ip, you will see that the Rancher server is running.

Create a password and save the URL. Then you should be able to see the imported cluster.


Enable Istio through the Rancher UI


Istio is described in the document as follows:

Enterprises or organizations that use the cloud platform can benefit a lot from it. But there is no denying that adopting cloud technology will put pressure on the DevOps team. Developers must use microservices to build portability, while operations personnel manage very large hybrid and multi cloud deployments. Service grid makes microservices easier to use. Istio can help you connect, protect, control and observe services.

To a large extent, istio helps reduce the complexity of deployment and the burden on the development team. It is a fully open source service grid that can transparently inject one layer into existing distributed applications. It is also a platform, including API s that can be integrated into any logging platform, telemetry or policy system. Istio's diverse capabilities allow you to successfully and efficiently run a distributed microservice architecture, and provide a unified local way to protect, connect and monitor microservices.
Now, let's start to enable Istio in the Rancher UI and deploy it.

To enable Istio, you need to access the menu bar at the top of the UI. The path is: Tools > Istio. You can change many configuration options. Now, I want all configurations to remain default and set the inress gateway to True. Enabling this feature will also enable monitoring, which is a prerequisite for Istio to function properly.

When enabled, you will see monitoring and Istio pod appear under the namespaces cat Prometheus (for monitoring) and istio system (for istio).


>> kubectl get pods -n istio-system

NAME                                      READY   STATUS    RESTARTS   AGE
istio-citadel-6bb9c9f6fb-md9f8            1/1     Running   0          6m16s
istio-tracing-64d646945-xm4sm             2/2     Running   0          6m15s
istio-policy-68959c7999-5kmdb             2/2     Running   1          6m16s
istio-galley-67848cd58-g5tbt              1/1     Running   0          6m16s
kiali-5f8f876bd5-6djxf                    2/2     Running   0          6m16s
istio-telemetry-778bfdcf74-ps9vl          2/2     Running   1          6m16s
istio-pilot-7546b9fdcc-rbxj8              2/2     Running   0          6m16s
istio-ingressgateway-6f877dd689-rskn4     1/1     Running   0          6m16s
istio-sidecar-injector-69c97ddbb5-x7jcv   1/1     Running   0          6m16s

>> kubectl get pods -n cattle-prometheus
NAME                                                       READY   STATUS    RESTARTS   AGE
prometheus-operator-monitoring-operator-79484b9c6f-zshlq   1/1     Running   0          7m42s
exporter-node-cluster-monitoring-wnxtc                     1/1     Running   0          7m39s
exporter-node-cluster-monitoring-k68fb                     1/1     Running   0          7m39s
grafana-cluster-monitoring-5d676d89c5-vkbzm                2/2     Running   0          7m39s
prometheus-cluster-monitoring-0                            5/5     Running   1          7m15s
exporter-kube-state-cluster-monitoring-5dfd658dc-pn8mt     1/1     Running   0          7m39s

Now let's take an example of Istio deployment, generate traffic and view it in Kiali dashboard.


We will create deployment, Gateway, and virtual services for the sample application, as follows:

kubectl  label namespace default istio-injection=enabled
namespace/default labeled

kubectl  apply -f

service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created

kubectl  apply -f 
gateway.networking.istio.io/bookinfo-gateway created

kubectl  apply -f 
virtualservice.networking.istio.io/bookinfo created

Generate traffic:


Now that the application is deployed, you can view it through Istio gateway.

>> kubectl  get pods

NAME                              READY   STATUS    RESTARTS   AGE

details-v1-74f858558f-m5tsx       2/2     Running   0          10m
ratings-v1-7855f5bcb9-lkhgg       2/2     Running   0          10m
productpage-v1-8554d58bff-llnqh   2/2     Running   0          10m|
reviews-v2-d6cfdb7d6-rl4zk        2/2     Running   0          10m
reviews-v3-75699b5cfb-crdrd       2/2     Running   0          10m
reviews-v1-59fd8b965b-rmct2       2/2     Running   0          10m

>> kubectl get svc

NAME          TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)    AGE
kubernetes    ClusterIP     <none>        443/TCP    140m
details       ClusterIP   <none>        9080/TCP   10m
ratings       ClusterIP    <none>        9080/TCP   10m
reviews       ClusterIP    <none>        9080/TCP   10m
productpage   ClusterIP    <none>        9080/TCP   10m


Click Test user and ordinary user to generate some traffic.

Select Istio from the menu bar above UI. You can see the following chart:

Click on the Kiali icon on the screen.



Kiali is Istio's visual console, which has the function of service grid configuration. It helps to understand your service grid architecture and provide the health status of your grid by inferring topology. In addition, kiali provides detailed indicators and integrates basic Grafana, so it can be used for advanced queries. Jaeger is also integrated to provide distributed tracking.

You can view the complete topology and process of the deployed application.

Here is a diagram of the deployed applications:

Here are other charts:

Service chart

Versioning application diagram

Workload map

Inspired by Dapper and OpenZipkin, Jaeger was designed as an open source distributed tracking system, which was released by Uber Technologies. It is used to monitor and diagnose distributed system based on microservice, including:


  • Distributed Context Propagation

  • Distributed transaction monitoring

  • Root cause analysis

  • Service dependency analysis

  • Performance / delay optimization

Jaeger UI

Jaeger query

Sum up


In this article, we discussed how to install Istio in Rancher 2.3.x and use Kiali to visualize the service grid. We also deployed a sample application and generated some traffic, using Kiali and Jaeger to see them.


If you want to learn more about Istio, Kiali and Jaeger, please visit the following website to watch the video:


Tags: Kubernetes Windows

Posted on Thu, 09 Jan 2020 07:39:11 -0800 by Shp0ngl3