DevSecOps for BBK
  • Introduction
  • Getting Started
    • Virtual Training Practices
    • Training Plan
    • Tools and Configuration
    • Troubleshooting
  • Docker Fundamentals
    • Docker Setup
    • Docker First Container
    • Docker Network Basics
    • Docker Network Exercise
    • Docker Volume Basics
    • Docker Storage
  • Dockerfile Fundamentals
    • Dockerfile Instructions
    • Dockerfile Environment Variables
    • Dockerfile Build Arguments
    • Non-privileged Containers
    • Dockerfile Order of Execution
    • Dockerfile Volume
    • Entrypoint Command
    • Multiple Stage Build
  • Container Management
    • Containers Start Automatically
  • Docker Security
    • Seccomp Profile
  • Docker Compose
    • Docker Compose Install
    • Docker Compose Commands
    • Docker Compose File
    • Docker Compose Volumes and Network
  • K8s Cluster Setup
    • Minikube Installation
    • Calico Networking
    • K8s Walkthrough
    • K8s Cheat Sheet
  • Understand K8s
    • Pod Connectivity
    • Deployments
    • Service Cluster IP
    • Service NodePort
    • ClusterIP Exercise
    • NodePort Exercise
    • Service LoadBalancer
    • Configmap
    • Secrets
  • Application Lifecycle Management
    • Rolling Updates and Rollback
    • Multi Container Pod
  • K8s Storage
    • Persistent Volume
    • Persistent Volume Claim
    • PVC in POD
  • Istio
    • AKS Setup
    • Kubectl Setup in Windows
    • Istio Setup Manual
    • Istio Demo App
    • Istio Observability
  • Terraform
    • Terraform Setup
    • Terraform Demo
    • Azure Terraform Setup
  • Terraform AWS
    • Terraform AWS Setup
    • Terraform AWS Demo S3
  • Refrences
    • Docker Static Site
    • Docker First Image
Powered by GitBook
On this page
  • Profile Configuration
  • Deploy the sample application
  • Open the application to outside traffic
  • Determining the ingress IP and ports
  1. Istio

Istio Demo App

PreviousIstio Setup ManualNextIstio Observability

Last updated 2 years ago

If you are following the guide sequentially, all necessary requriments are met from the previous section of lab. However if you are starting from the Middle of lab guide. Please ensure the following are met.

  • Istioctl is configured properly and path is already set.

Profile Configuration

For this installation, we use the demo . It’s selected to have a good set of defaults for testing, but there are other profiles for production or performance testing.

istioctl install --set profile=demo -y

Deploy the sample application

Deploy the 

kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml

The application will start. As each pod becomes ready, the Istio sidecar will be deployed along with it.

kubectl get services

and

kubectl get pods

Verify everything is working correctly up to this point

Open the application to outside traffic

  1. Associate this application with the Istio gateway:

    kubectl apply -f samples/bookinfo/networking/bookinfo-gateway.yaml

  2. Ensure that there are no issues with the configuration:

    istioctl analyze

Determining the ingress IP and ports, by visiting the Services Section.

If required make a productpage services as NodePort

Determining the ingress IP and ports

Follow these instructions to set the INGRESS_HOST and INGRESS_PORT variables for accessing the gateway. Use the tabs to choose the instructions for your chosen platform:

Set the ingress ports:

export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}')
export SECURE_INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="https")].nodePort}')

Ensure a port was successfully assigned to each environment variable:

echo "$INGRESS_PORT"
echo "$SECURE_INGRESS_PORT"

Set the ingress IP ( Using sredemo cluster name to Identify cluster ip )

export INGRESS_HOST=$(minikube ip -p sredemo)

Ensure an IP address was successfully assigned to the environment variable:

echo "$INGRESS_HOST"

Set GATEWAY_URL:

export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT

Ensure an IP address and port were successfully assigned to the environment variable:

echo "$GATEWAY_URL"

The Bookinfo application is deployed but not accessible from the outside. To make it accessible, you need to create an , which maps a path to a route at the edge of your mesh.

configuration profile
Bookinfo sample application
Istio Ingress Gateway