This guide will walk you through deploying Istio and the Istio CRDs in your cluster. EFK uses Istio as its service mesh to control how workloads communicate with each other, apply authorization policies, encrypt traffic, and provide enhanced security.
If you have already deployed Istio to your cluster, expand this box to fast-forward.
- Proceed to the Verify section.
Choose one of the following options to deploy Istio:
What You’ll Need¶
Option 1: Deploy Istio Automatically (preferred)¶
Choose one of the following options, based on your cloud provider.
Option 2: Deploy Istio Manually¶
If you want to deploy Istio manually, follow the instructions below.
Go to your GitOps repository, inside your
rok-toolsmanagement environment:root@rok-tools:~# cd ~/ops/deployments
Deploy Istio CRDs and resources in the
istio-systemnamespace:root@rok-tools:~/ops/deployments# rok-deploy --apply install/istio
Verify that the Istio daemon Pod is up and running. Check the Pod status and verify field STATUS is Running and field READY is 1/1:root@rok-tools:~/ops/deployments# kubectl get pods -n istio-system -l app=istiod NAME READY STATUS RESTARTS AGE istiod-55cdc9bb69-892zk 1/1 Running 0 9m42s
Verify that the Istio Ingress Gateway Pod is up and running. Check the Pod status and verify field STATUS is Running and field READY is 1/1:root@rok-tools:~/ops/deployments# kubectl get pods -n istio-system -l app=istio-ingressgateway NAME READY STATUS RESTARTS AGE istio-ingressgateway-5f67fb9d94-dl5np 1/1 Running 0 9m42s
You have successfully deployed Istio as the service mesh of your EKF cluster.