在Kubernetes集群中搭建Istio微服务网格的过程详解

1.设置主机名hostnamectl set-hostname k8s-masterhostnamectl set-hostname k8s-node1hostnamectl set-hostname k8s-node22.关闭selinux及防火墙setenforce 0sed -ri '/^SELINUX=/c SELINUX=disabled' /etc/sysconfig/selinux sed -ri '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config systemctl stop firewalldsystemctl disable firewalld

1.sealos官网获取软件包[root@k8s-master1 ~]# ll总用量 507472-rw-r--r-- 1 root root  552591411 8月   5 2021 kube1.19.16.tar.gz-rw-r--r-- 1 root root  44322816  4月  29 13:47 sealos2.将kube1.19.16.tar.gz文件上传到所有k8s节点3.安装sealos[root@k8s-master1 ~/soft]# chmod +x sealos && mv sealos /usr/bin[root@k8s-master1 ~/soft]# sealos versionVersion: 3.3.9-rc.3Last Commit: 4db4953Build Date: 2021-04-10T11:25:04Z4.部署K8S1.19.16版本[root@k8s-master ~]# sealos init --passwd 'teacher' --master 192.168.20.10  --node 192.168.20.11  --node 192.168.20.12 --pkg-url /root/kube1.19.16.tar.gz --version v1.19.16

[root@k8s-master ~]# curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.8.2 TARGET_ARCH=x86_64 sh -

1.准备istio命令[root@k8s-master ~]# cp istio-1.8.2/bin/istioctl /usr/bin/2.查看可用的配置列表[root@k8s-master ~]# istioctl profile listIstio configuration profiles:    default					#默认配置档，功能丰富，建议生产使用    demo					#快速入门使用，适中配置，不适合性能测试    empty    minimal					#功能最少的组件集配置    openshift    preview    remote					#用于配置共享控制平面的多集群服务网格3.指定安装的配置档$ istioctl install --set profile=demo -y

1.安装istio[root@k8s-master ~]# istioctl install -yDetected that your cluster does not support third party JWT authentication. Falling back to less secure first party JWT. See https://istio.io/v1.8/docs/ops/best-practices/security/#configure-third-party-service-account-tokens for details.
下载地址:
Nginx的mirror指令示例配置
一篇文章读懂nginx的gzip功能