DEV Community

Ravindra Singh for AWS Community Builders

Posted on • Updated on

Install Istio Using Helm Chart in AWS EKS.

Image description

Istio

  1. It is an open-source service mesh.
  2. It operates as a transparent layer among microservices within an application.
  3. Originally created by Google, IBM, and Lyft, it now falls under the CNCF.
  4. Managing, securing, and monitoring traffic between microservices.

Why Istio ?

  1. Istio employs a sidecar proxy (Envoy) alongside each microservice.
  2. These proxies intercept and manage all incoming and outgoing traffic within the application.
  3. Their role is crucial as they enable Istio to control traffic flow, enforce security policies, and gather telemetry data.
  4. Istio's control plane, consisting of components like Pilot and Mixer:
  • Configures and monitors these proxies.
  • Ensures consistent and coordinated behavior across all microservices.

Benifits of using Istio:

  1. Traffic Management
  2. Circuit Breaking and Request Retries
  3. Eases Microservices Management
  4. Policy Enforcement at Network Level
  5. Security
  6. Load Balancing

Prerequisites :

  • A running Kubernetes cluster: This can be a self-managed cluster or a managed service like Amazon EKS.

  • Kubectl – Kubernetes command-line tool.
  • Helm – Package manager for Kubernetes.

Steps to install Istio using Helm charts
There are three steps involved in the process

  1. Add Istio repository to Helm
  2. Install Istio base chart
  3. Install Istio control plane

Step #1: Add Istio repository to Helm
Istio repository contains the necessary configurations and Istio charts for installing Istio. The first step is to add it to Helm by running the command below.



helm repo add istio https://istio-release.storage.googleapis.com/charts


Enter fullscreen mode Exit fullscreen mode

Now, update Helm repository to get the latest charts:



helm repo update


Enter fullscreen mode Exit fullscreen mode


istioctl x precheck 


Enter fullscreen mode Exit fullscreen mode

The istioctl x precheck command is used in the Istio service mesh to perform pre-installation checks before deploying Istio

Step #2: Install Istio base chart
Enter the following command to install the Istio base chart, which contains cluster-wide Custom Resource Definitions (CRDs). (Note that this is a requirement for installing the Istio control plane.)



helm install istio-base istio/base -n istio-system --create-namespace --set defaultRevision=default


Enter fullscreen mode Exit fullscreen mode
  • In the above command, istio-base and istio/base represent the chart name and the chart path, respectively.

  • The chart will be installed in istio-system namespace. Since the namespace does not exist already, we passed the argument –create-namespace to create it. The namespace will set up the validator required for Istio.

  • defaultRevision: As the Istio base chart sets up a ValidatingWebhookConfiguration to perform resource validation, it is necessary to select a default revision that will be used for validation. We will use the default revision here.

Step #3: Install Istio control plane
The below command will install the Istio control plane component, Istiod, into the istio-system namespace.



helm install istiod istio/istiod -n istio-system --wait


Enter fullscreen mode Exit fullscreen mode

Verify Istio base and Istiod deployment status
By running the following command, we can see the deployment status of istio-base and istiod.



helm ls -n istio-system


Enter fullscreen mode Exit fullscreen mode

Also, run the following command to verify if it is actually running:



kubectl get deployments -n istio-system -o wide


Enter fullscreen mode Exit fullscreen mode

We can see that the istiod service’s pod is running.

If you prefer a video tutorial to help guide you through the process of Install Istio Using Helm Chart in AWS EKS

Top comments (0)