chilcano.istio

Panoramica Versioni Approfondimenti

Ansible Role: Istio

This Ansible Role helps you install Istio (https://istio.io) on a local OpenShift cluster, usually set up with Minishift (https://www.openshift.org/minishift). The Role does the following:

  • Verifies if OpenShift is running locally.
  • Downloads and installs the specified or latest version of Istio.
  • Utilizes the latest oc binary from ~/.minishift/cache/oc/<VERSION>/<OS>/ and istioctl from the Istio binary you downloaded.

Requirements

  • You need Ansible version 2.3 or higher.
  • Clear your terminal session of any DOCKER* environment variables before running the role.
  • sudo access may be needed on your host to install istioctl (optional).
  • Make sure OpenShift is running locally. You can check https://galaxy.ansible.com/chilcano/minishift to get OpenShift running in a VM.

Testing

The Istio Ansible Role has been tested with:

  • Minishift v1.11.0+4459917
  • Kubernetes 3.7
  • Istio 0.2.7
  • VirtualBox 5.1.30
  • macOS High Sierra, version 10.13.2 (17C88)

Default Variables

The default variables can be found in defaults/main.yml.

Sample Playbook

Check the sample-1-istio.yml file for an example.

$ cat sample-1-istio.yml

---
- name: Install Istio.
  hosts: Pisc0
  connection: local
  gather_facts: yes
  vars:
    vm: openshift0

  roles:
    - role: chilcano.istio
      istio:
        action_to_trigger: clean  # [ deploy | clean ]
        action:
          deploy:
            istioctl: true    # install istioctl
            core: true        # install core components
            addons: true      # install Prometheus, Grafana, Zipkin, ServiceGraph
            sample_apps: true # install bookinfo sample app
        minishift:
          profile: "{{ vm }}"
        openshift:
          project: istio-system    # default namespace
          hostname: "{{ vm }}"
          admin_usr: "system:admin"
          admin_pwd: anypassword
          istio_usr: developer
          istio_pwd: anypassword
        repo:
          #release_tag_name: ""   # use latest version
          release_tag_name: "0.2.7"
          #release_tag_name: "0.2.6"

How to Use the Ansible Role

  1. Install the role:

    $ sudo ansible-galaxy install chilcano.istio

  2. Copy the playbook to your current working directory:

    $ cp ${ANSIBLE_ROLES_PATH}/chilcano.istio/sample-1-istio.yml .

  3. Create an inventory file:

    $ echo $(hostname) > ./inventory

  4. Run the playbook:

    $ ansible-playbook -i inventory --ask-become-pass sample-1-istio.yml

After the playbook finishes, check if Pods, Services, etc., have been deployed and are running.

$ eval $(minishift oc-env)

$ oc project bookinfo

$ oc status
In project bookinfo on server https://192.168.99.100:8443

svc/details - 172.30.118.151:9080
  pod/details-v1-1464079269-wxfl5 runs istio/examples-bookinfo-details-v1:0.2.3, docker.io/istio/proxy_debug:0.2.7

svc/productpage - 172.30.163.171:9080
  pod/productpage-v1-3915871613-p2cp6 runs istio/examples-bookinfo-productpage-v1:0.2.3, docker.io/istio/proxy_debug:0.2.7

svc/ratings - 172.30.13.63:9080
  pod/ratings-v1-327106889-rvqpv runs istio/examples-bookinfo-ratings-v1:0.2.3, docker.io/istio/proxy_debug:0.2.7

svc/reviews - 172.30.233.119:9080
  pod/reviews-v1-3806695627-2xkg6 runs istio/examples-bookinfo-reviews-v1:0.2.3, docker.io/istio/proxy_debug:0.2.7
  pod/reviews-v2-3096629009-2cfht runs istio/examples-bookinfo-reviews-v2:0.2.3, docker.io/istio/proxy_debug:0.2.7
  pod/reviews-v3-1994447391-ws74d runs istio/examples-bookinfo-reviews-v3:0.2.3, docker.io/istio/proxy_debug:0.2.7

Use 'oc describe <resource>/<name>' to see details or 'oc get all' to list everything.

$ oc get pods
NAME                              READY     STATUS     RESTARTS   AGE
details-v1-1464079269-wxfl5       0/2       Init:0/2   0          1m
productpage-v1-3915871613-p2cp6   0/2       Init:0/2   0          1m
ratings-v1-327106889-rvqpv        0/2       Init:0/2   0          1m
reviews-v1-3806695627-2xkg6       0/2       Init:0/2   0          1m
reviews-v2-3096629009-2cfht       0/2       Init:0/2   0          1m
reviews-v3-1994447391-ws74d       0/2       Init:0/2   0          1m

$ oc get pods
...

You will eventually see the Istio and BookInfo App running in your OpenShift Cluster. States like Init:0/2, Init:1/2, and PodInitializing show that the BookInfo App is starting up and isn't ready yet.

You can visualize and manage these components using the Weave Scope App. If you wish to install it, you can use the Weave Scope Ansible Role available at: Weave Scope Ansible Role.

License

MIT / BSD

Author

This role was created in 2017 by Roger Carhuatocto, who also writes for HolisticSecurity.io Blog.

Informazioni sul progetto

An Ansible Role that installs and configures Istio (https://istio.io) on an OpenShift cluster running locally that has been installed by using Minishift (https://www.openshift.org/minishift).

role ambassador container docker kubernetes minishift openshift sidecar
Installa
ansible-galaxy install chilcano.istio
GitHub repository
3 stelle
3 fork
0 problemi aperti
Licenza
Unknown
Download
98
Proprietario
Roger Carhuatocto
Crypto, PKI, DevSecOps, Cloud & Cyber Security, SOA, API & Service Mesh.