This article comes from Rancher Labs
Rancher's idea is Run Kubernetes Everywhere. Many major updates in Rancher 2.3 take this idea to a new step.
The two most important features are the integration of Istio and support for Windows. In this article, we will mainly discuss how to use Istio support provided by Rancher UI and visualize it through Kiali dashboard.
Running Kubernetes cluster
- Install Rancher and import the cluster
In this example, we will use the large k3s hosting cluster on CIVO Cloud, and have completed the installation of Rancher App (the Rancher application in Civo Marketplace will install Rancher on the cluster and import the cluster into it). For cluster setting, please refer to the following steps:
After starting the cluster, select Rancher from the marketplace to install during cluster creation. Civo will start the Rancher server and import the cluster.
When the cluster is ready, you will see the dashboard of Rancher 2.3, which supports Istio and Kiali. Let's explore this dashboard!
After the cluster is created, you can download kubeconfig and connect to the cluster. Then check whether the Rancher server and the cat agents are up and running.
kubectl get nodes NAME STATUS ROLES AGE VERSION kube-node-79ed Ready worker 96m v1.15.4-k3s.1 kube-master-bca5 Ready master 96m v1.15.4-k3s.1 kubectlg get pods -n cattle-system NAME READY STATUS RESTARTS AGE cattle-5669c57dcf-tw65t 1/1 Running 0 3h27m cattle-node-agent-8lppr 1/1 Running 0 3h27m cattle-node-agent-g5f6f 1/1 Running 0 3h27m cattle-cluster-agent-587b6d44cf-ppnjd 1/1 Running 0 3h27m
To access the Rancher UI, create an ingress. rancher-ingress.yaml is as follows:
>> kubectl apply -f rancher-ingress.yaml ingress.extensions/cattle-ingress created kubectl get ingress -n cattle-system NAME HOSTS ADDRESS PORTS AGE cattle-ingress * 172.31.0.189 80 32s
Now if you access any node ip, you will see that the Rancher server is running.
Create a password and save the URL. Then you should be able to see the imported cluster.
Enable Istio through the Rancher UI
Istio is described in the document as follows:
Enterprises or organizations that use the cloud platform can benefit a lot from it. But there is no denying that adopting cloud technology will put pressure on the DevOps team. Developers must use microservices to build portability, while operations personnel manage very large hybrid and multi cloud deployments. Service grid makes microservices easier to use. Istio can help you connect, protect, control and observe services.
To a large extent, istio helps reduce the complexity of deployment and the burden on the development team. It is a fully open source service grid that can transparently inject one layer into existing distributed applications. It is also a platform, including API s that can be integrated into any logging platform, telemetry or policy system. Istio's diverse capabilities allow you to successfully and efficiently run a distributed microservice architecture, and provide a unified local way to protect, connect and monitor microservices.
Now, let's start to enable Istio in the Rancher UI and deploy it.
To enable Istio, you need to access the menu bar at the top of the UI. The path is: Tools > Istio. You can change many configuration options. Now, I want all configurations to remain default and set the inress gateway to True. Enabling this feature will also enable monitoring, which is a prerequisite for Istio to function properly.
When enabled, you will see monitoring and Istio pod appear under the namespaces cat Prometheus (for monitoring) and istio system (for istio).
>> kubectl get pods -n istio-system NAME READY STATUS RESTARTS AGE istio-citadel-6bb9c9f6fb-md9f8 1/1 Running 0 6m16s istio-tracing-64d646945-xm4sm 2/2 Running 0 6m15s istio-policy-68959c7999-5kmdb 2/2 Running 1 6m16s istio-galley-67848cd58-g5tbt 1/1 Running 0 6m16s kiali-5f8f876bd5-6djxf 2/2 Running 0 6m16s istio-telemetry-778bfdcf74-ps9vl 2/2 Running 1 6m16s istio-pilot-7546b9fdcc-rbxj8 2/2 Running 0 6m16s istio-ingressgateway-6f877dd689-rskn4 1/1 Running 0 6m16s istio-sidecar-injector-69c97ddbb5-x7jcv 1/1 Running 0 6m16s >> kubectl get pods -n cattle-prometheus NAME READY STATUS RESTARTS AGE prometheus-operator-monitoring-operator-79484b9c6f-zshlq 1/1 Running 0 7m42s exporter-node-cluster-monitoring-wnxtc 1/1 Running 0 7m39s exporter-node-cluster-monitoring-k68fb 1/1 Running 0 7m39s grafana-cluster-monitoring-5d676d89c5-vkbzm 2/2 Running 0 7m39s prometheus-cluster-monitoring-0 5/5 Running 1 7m15s exporter-kube-state-cluster-monitoring-5dfd658dc-pn8mt 1/1 Running 0 7m39s
Now let's take an example of Istio deployment, generate traffic and view it in Kiali dashboard.
We will create deployment, Gateway, and virtual services for the sample application, as follows:
kubectl label namespace default istio-injection=enabled namespace/default labeled kubectl apply -f service/details created serviceaccount/bookinfo-details created deployment.apps/details-v1 created service/ratings created serviceaccount/bookinfo-ratings created deployment.apps/ratings-v1 created service/reviews created serviceaccount/bookinfo-reviews created deployment.apps/reviews-v1 created deployment.apps/reviews-v2 created deployment.apps/reviews-v3 created service/productpage created serviceaccount/bookinfo-productpage created deployment.apps/productpage-v1 created kubectl apply -f gateway.networking.istio.io/bookinfo-gateway created kubectl apply -f virtualservice.networking.istio.io/bookinfo created
Now that the application is deployed, you can view it through Istio gateway.
>> kubectl get pods NAME READY STATUS RESTARTS AGE details-v1-74f858558f-m5tsx 2/2 Running 0 10m ratings-v1-7855f5bcb9-lkhgg 2/2 Running 0 10m productpage-v1-8554d58bff-llnqh 2/2 Running 0 10m| reviews-v2-d6cfdb7d6-rl4zk 2/2 Running 0 10m reviews-v3-75699b5cfb-crdrd 2/2 Running 0 10m reviews-v1-59fd8b965b-rmct2 2/2 Running 0 10m >> kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 192.168.128.1 <none> 443/TCP 140m details ClusterIP 192.168.154.118 <none> 9080/TCP 10m ratings ClusterIP 192.168.207.69 <none> 9080/TCP 10m reviews ClusterIP 192.168.141.42 <none> 9080/TCP 10m productpage ClusterIP 192.168.128.87 <none> 9080/TCP 10m
Click Test user and ordinary user to generate some traffic.
Select Istio from the menu bar above UI. You can see the following chart:
Click on the Kiali icon on the screen.
Kiali is Istio's visual console, which has the function of service grid configuration. It helps to understand your service grid architecture and provide the health status of your grid by inferring topology. In addition, kiali provides detailed indicators and integrates basic Grafana, so it can be used for advanced queries. Jaeger is also integrated to provide distributed tracking.
You can view the complete topology and process of the deployed application.
Here is a diagram of the deployed applications:
Here are other charts:
Versioning application diagram
Inspired by Dapper and OpenZipkin, Jaeger was designed as an open source distributed tracking system, which was released by Uber Technologies. It is used to monitor and diagnose distributed system based on microservice, including:
Distributed Context Propagation
Distributed transaction monitoring
Root cause analysis
Service dependency analysis
- Performance / delay optimization
In this article, we discussed how to install Istio in Rancher 2.3.x and use Kiali to visualize the service grid. We also deployed a sample application and generated some traffic, using Kiali and Jaeger to see them.
If you want to learn more about Istio, Kiali and Jaeger, please visit the following website to watch the video: