3.1 开放kiali至集群外部
-
首先将istio-inressateway暴露集群外部;
在node02的ens33网卡上面有多余的ip地址,将该地址绑定在igressgateway的svc 上面。
kubectl edit svc istio-ingressgateway -n istio-system
-
定义kiali的ingress gateway的资源配置清单
apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: kiali-gateway namespace: istio-system spec: selector: app: istio-ingressgateway servers: - hosts: - "kiali.icloud2native.com" port: name: http-kiali number: 80 protocol: HTTP ---
-
定义kiali的VirtualService清单
apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: kiali-vs namespace: istio-system spec: gateways: - kiali-gateway hosts: - "kiali.icloud2native.com" http: - match: - uri: prefix: / route: - destination: host: kiali port: number: 20001
-
定义kiali的DestinationRule清单
apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: kiali-dr namespace: istio-system spec: host: kiali trafficPolicy: tls: mode: DISABLE
-
本地解析,后访问kiali
3.2 开放grafana至集群外
-
定义grafana的gateway
apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: granafa-gw namespace: istio-system spec: selector: app: istio-ingressgateway servers: - port: name: http-80 number: 80 protocol: HTTP hosts: - "grafana.icloud2native.com" ---
-
定义grafana的virtualservice
apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: grafana-vs namespace: istio-system spec: gateways: - granafa-gw hosts: - "grafana.icloud2native.com" http: - match: - uri: prefix: / route: - destination: host: grafana port: number: 3000
-
定义grafana的dr
apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: grafana namespace: istio-system spec: host: grafana trafficPolicy: tls: mode: DISABLE ---
-
访问grafana
3.3 开放prometheus至集群外
-
prometheus的gateway,vs,dr资源配置清单
apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: prometheus-gateway namespace: istio-system spec: selector: app: istio-ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "prometheus.icloud2native.com" --- apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: prometheus-virtualservice namespace: istio-system spec: hosts: - "prometheus.icloud2native.com" gateways: - prometheus-gateway http: - match: - uri: prefix: / route: - destination: host: prometheus port: number: 9090 --- apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: prometheus namespace: istio-system spec: host: prometheus trafficPolicy: tls: mode: DISABLE ---
-
访问prometheus
3.4 开放trace至集群外
-
trace的gateway,vs,dr资源配置清单
apiVersion: networking.istio.io/v1beta1 kind: Gateway metadata: name: tracing-gateway namespace: istio-system spec: selector: app: istio-ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "tracing.icloud2native.com" --- apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: tracing-virtualservice namespace: istio-system spec: hosts: - "tracing.icloud2native.com" gateways: - tracing-gateway http: - match: - uri: prefix: / route: - destination: host: tracing port: number: 80 --- apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: tracing-dr namespace: istio-system spec: host: tracing trafficPolicy: tls: mode: DISABLE ---
-
访问Jaeger