Istio

This quick guide walks you through using Istio.

Getting started

| Port | Protocol | Used by | Description |
|------|----------|---------|-------------|
| 15000 | TCP | Envoy | Envoy admin port (commands/diagnostics) |
| 15001 | TCP | Envoy | Envoy Outbound |
| 15006 | TCP | Envoy | Envoy Inbound |
| 15020 | HTTP | Envoy | Istio agent Prometheus telemetry |
| 15021 | HTTP | Envoy | Health checks |
| 15090 | HTTP | Envoy | Envoy Prometheus telemetry |
| 15010 | GRPC | Istiod | XDS and CA services (plaintext) |
| 15012 | GRPC | Istiod | XDS and CA services (TLS) |
| 8080 | HTTP | Istiod | Debug interface |
| 443 | HTTPS | Istiod | Webhooks |
| 15014 | HTTP | Mixer, Istiod | Control plane monitoring |
| 15443 | TLS | Ingress and Egress Gateways | SNI |
| 9090 | HTTP | Prometheus | Prometheus |
| 42422 | TCP | Mixer | Telemetry - Prometheus |
| 15004 | HTTP | Mixer, Pilot | Policy/Telemetry - mTLS |
| 9091 | HTTP | Mixer | Policy/Telemetry |

Installation

istioctl
# Or visit https://istio.io/downloadIstio and run the shell script it returns, or download a release from https://github.com/istio/istio/releases
curl -L https://istio.io/downloadIstio | sh -
# Set environment variables
cd istio-1.19.3
export PATH=$PWD/bin:$PATH
# List the configuration profiles
istioctl profile list
istioctl install # default
# Set up Istio (optional)
# k label namespace default istio-injection=enabled
#kubectl label namespace default istio-injection=enabled

Uninstall

istioctl
istioctl x uninstall --purge
istioctl x uninstall <your original installation options>
istioctl manifest generate <your original installation options> | kubectl delete -f -
kubectl delete namespace istio-system

Components

kubectl
kubectl apply -f samples/addons
kubectl rollout status deployment/kiali -n istio-system
kubectl apply -f samples/addons/prometheus.yaml #grafana, jaeger, kiali, loki, prometheus
istioctl dashboard kiali
kubectl delete -f samples/addons

Tuning

istio-system
kubectl edit cm istio-sidecar-injector -n istio-system
# Change the requests as shown in the following JSON
k delete po istiod-64d75d6b98-kg7x4 -n istio-system
istio yaml
"resources": {
  "limits": {
    "cpu": "2000m",
    "memory": "1024Mi"
  },
  "requests": {
    "cpu": "100m", // need to change
    "memory": "128Mi" // need to change
  }
},

Common usage

istioctl
istioctl profile list
istioctl profile dump default
istioctl profile diff default demo
istioctl manifest generate > $HOME/generated-manifest.yaml
istioctl verify-install -f $HOME/generated-manifest.yaml

Troubleshooting

JWT issue
info    JWT policy is first-party-jwt
Missing JWT token, can't use in process SDS /var/run/secrets/kubernetes.io/serviceaccount/tokenstat /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
Missing JWT, can't authenticate with control plane. Try using plain text (15010)
Set automountServiceAccountToken: true under deployment > template > spec.
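
An added example (not from the original page) that finds workloads which would hit this error before they are deployed with a sidecar. It goes one step beyond the fix above by also honouring the ServiceAccount-level automountServiceAccountToken, which Kubernetes applies when the pod spec leaves the field unset. It assumes the first-party-jwt policy shown in the log; the namespace and object names in the sample are constructed.

```python
import json
import sys

def _obj(kind, name, **extra):  # builder for the constructed sample below
    return {"kind": kind, "metadata": {"namespace": "shop", "name": name}, **extra}

def _deploy(name, **pod_spec):
    return _obj("Deployment", name, spec={"template": {"spec": pod_spec}})

# Constructed sample, shaped like `kubectl get deployments,serviceaccounts -A -o json`.
SAMPLE = {"kind": "List", "items": [
    _obj("ServiceAccount", "locked", automountServiceAccountToken=False),
    _deploy("cart", automountServiceAccountToken=False),   # pod spec disables the mount
    _deploy("search", serviceAccountName="locked"),        # inherits False from the SA
    _deploy("pay", serviceAccountName="locked", automountServiceAccountToken=True),
    _deploy("web"),                                        # nothing set: default is True
]}

def effective_automount(pod_spec, service_account):
    """Pod-level setting wins, then the ServiceAccount's, then the default (True)."""
    for source in (pod_spec, service_account or {}):
        value = source.get("automountServiceAccountToken")
        if value is not None:
            return value
    return True

def deployments_without_token(listing):
    """Return ns/name of Deployments whose pods get no service account token."""
    items = listing["items"]
    accounts = {(i["metadata"]["namespace"], i["metadata"]["name"]): i
                for i in items if i["kind"] == "ServiceAccount"}
    findings = []
    for dep in (i for i in items if i["kind"] == "Deployment"):
        ns = dep["metadata"]["namespace"]
        pod_spec = dep["spec"]["template"]["spec"]
        sa = accounts.get((ns, pod_spec.get("serviceAccountName", "default")))
        if not effective_automount(pod_spec, sa):
            findings.append(f"{ns}/{dep['metadata']['name']}")
    return findings

if __name__ == "__main__":
    # Pass "-" to read real kubectl JSON from stdin; otherwise use the sample.
    listing = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE
    for name in deployments_without_token(listing):
        print(f"{name}: no token mounted, sidecar cannot authenticate to istiod")
```

To check a live cluster, pipe `kubectl get deployments,serviceaccounts -A -o json` into the script with `-` as its only argument.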
File upload issue
kubectl describe pod kube-apiserver -n kube-system | grep 'service-cluster-ip-range'
# --service-cluster-ip-range=10.96.0.0/12
./istioctl profile list
./istioctl install --set values.global.proxy.includeIPRanges="10.96.0.0/12"
# Clear the value
#./istioctl install --set values.global.proxy.includeIPRanges=""