Install Istio Using Helm Chart in AWS EKS.

Istio

1. It is an open-source service mesh.
2. It operates as a transparent layer among microservices within an application.
3. Originally created by Google, IBM, and Lyft, it now falls under the CNCF.
4. Managing, securing, and monitoring traffic between microservices.

Why Istio ?

1. Istio employs a sidecar proxy (Envoy) alongside each microservice.
2. These proxies intercept and manage all incoming and outgoing traffic within the application.
3. Their role is crucial as they enable Istio to control traffic flow, enforce security policies, and gather telemetry data.
4. Istio's control plane, consisting of components like Pilot and Mixer:

• Configures and monitors these proxies.
• Ensures consistent and coordinated behavior across all microservices.

Benifits of using Istio:

1. Traffic Management
2. Circuit Breaking and Request Retries
3. Eases Microservices Management
4. Policy Enforcement at Network Level
5. Security
6. Load Balancing

Prerequisites :

• A running Kubernetes cluster: This can be a self-managed cluster or a managed service like Amazon EKS.

• Kubectl – Kubernetes command-line tool.
• Helm – Package manager for Kubernetes.

Steps to install Istio using Helm charts
There are three steps involved in the process

1. Add Istio repository to Helm
2. Install Istio base chart
3. Install Istio control plane

Step #1: Add Istio repository to Helm
Istio repository contains the necessary configurations and Istio charts for installing Istio. The first step is to add it to Helm by running the command below.

helm repo add istio https://istio-release.storage.googleapis.com/charts

Now, update Helm repository to get the latest charts:

helm repo update

istioctl x precheck 

The istioctl x precheck command is used in the Istio service mesh to perform pre-installation checks before deploying Istio

Step #2: Install Istio base chart
Enter the following command to install the Istio base chart, which contains cluster-wide Custom Resource Definitions (CRDs). (Note that this is a requirement for installing the Istio control plane.)

helm install istio-base istio/base -n istio-system --create-namespace --set defaultRevision=default

• In the above command, istio-base and istio/base represent the chart name and the chart path, respectively.

• The chart will be installed in istio-system namespace. Since the namespace does not exist already, we passed the argument –create-namespace to create it. The namespace will set up the validator required for Istio.

• defaultRevision: As the Istio base chart sets up a ValidatingWebhookConfiguration to perform resource validation, it is necessary to select a default revision that will be used for validation. We will use the default revision here.

Step #3: Install Istio control plane
The below command will install the Istio control plane component, Istiod, into the istio-system namespace.

helm install istiod istio/istiod -n istio-system --wait

Verify Istio base and Istiod deployment status
By running the following command, we can see the deployment status of istio-base and istiod.

helm ls -n istio-system

Also, run the following command to verify if it is actually running:

kubectl get deployments -n istio-system -o wide

We can see that the istiod service’s pod is running.

If you prefer a video tutorial to help guide you through the process of Install Istio Using Helm Chart in AWS EKS