Networking
Istio tutorial
Nejrozšířenější service mesh pro Kubernetes.
Instalace
curl -L https://istio.io/downloadIstio | sh -
istioctl install --set profile=demo
kubectl label namespace default istio-injection=enabled
Traffic management
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
spec:
hosts: [myapp]
http:
- route:
- destination: { host: myapp, subset: v2 }
weight: 20
- destination: { host: myapp, subset: v1 }
weight: 80
mTLS
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
spec:
mtls: { mode: STRICT }
Observability
- Kiali — dashboard
- Jaeger — tracing
- Grafana — metriky
istioctl dashboard kiali
Istio pro enterprise
Začněte traffic management + mTLS, přidávejte postupně.