Command Palette

Search for a command to run...

GitHubGitHub

Istio Installation Guide

Complete guide for installing Istio service mesh across different operating systems and Kubernetes distributions.

Istio is a service mesh that helps you connect, secure, control, and observe services. This guide covers installation across different operating systems.

Prerequisites

  • Kubernetes cluster (version 1.22 or higher)
  • kubectl CLI tool installed
  • Cluster admin privileges
  • 8GB+ RAM available
  • 4+ CPU cores

Installation Instructions

Ubuntu/Debian Installation

# Download Istio
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.20.0 sh -
 
# Move to Istio directory
cd istio-1.20.0
 
# Add istioctl to PATH
sudo cp bin/istioctl /usr/local/bin/
sudo chmod +x /usr/local/bin/istioctl
 
# Verify installation
istioctl version
 
# Install Istio into the cluster
istioctl install --set profile=demo -y
 
# Enable sidecar injection for default namespace
kubectl label namespace default istio-injection=enabled

Installation Profiles

Istio offers several installation profiles for different use cases:

# List available profiles
istioctl profile list
 
# Get profile details
istioctl profile dump demo
 
# Install specific profile
istioctl install --set profile=demo  # For testing/learning
istioctl install --set profile=production  # For production
istioctl install --set profile=minimal  # Minimal installation

Verifying Installation

# Check Istio pods
kubectl get pods -n istio-system
 
# Verify CRDs
kubectl get crd | grep istio
 
# Check configuration
istioctl analyze
 
# Verify proxy injection
kubectl get namespace -L istio-injection

Installing Add-ons

Kiali Dashboard

# Install Kiali and other addons
kubectl apply -f samples/addons/kiali.yaml
kubectl apply -f samples/addons/prometheus.yaml
kubectl apply -f samples/addons/grafana.yaml
kubectl apply -f samples/addons/jaeger.yaml
 
# Access Kiali dashboard
istioctl dashboard kiali

Troubleshooting

Configuration Examples

1. Traffic Management

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews-route
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1
      weight: 75
    - destination:
        host: reviews
        subset: v2
      weight: 25

2. Security Policies

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT

3. Monitoring Configuration

apiVersion: telemetry.istio.io/v1alpha1
kind: Telemetry
metadata:
  name: mesh-default
  namespace: istio-system
spec:
  tracing:
  - randomSamplingPercentage: 100.0
    customTags:
      environment:
        literal:
          value: production

Best Practices

  1. Resource Management

    apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  components:
    pilot:
      k8s:
        resources:
          requests:
            cpu: 500m
            memory: 2048Mi
          limits:
            cpu: 1000m
            memory: 4096Mi

  2. Security Settings

    # Enable strict mTLS
kubectl apply -f - <<EOF
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT
EOF

  3. Monitoring Setup

    # Install monitoring stack
kubectl apply -f samples/addons/prometheus.yaml
kubectl apply -f samples/addons/grafana.yaml
kubectl apply -f samples/addons/jaeger.yaml

Next Steps

Helm

Complete guide for installing Helm package manager for Kubernetes across different operating systems.

Minikube

Complete guide for installing Minikube for local Kubernetes development across different operating systems.