I have started to read Istio-in-action (by Manning) and Mastering-service-mesh (by Packt) and there are some examples where I cannot 'see' the right output. I work on my laptop with Ubuntu 20.04 and I use [kind] for my local k8s cluster where I can create 3 or more worker-nodes.
When I deploy some Istio resources (e.g. virtual service) I would like to browse the service-mesh from my Ubuntu browser or from a different client (either a different laptop or cell phone) but it misses something in my 'infrastructure'- is it the external load balancer or some local Ubuntu configuration? Is it mandatory to work with a public cloud provider - GCP/AWS/Azure ; if Yes, which one is the most simple? I have tried with kubectl port-forward
but without success.
Other resources are ok (e.g. istioctl dashboard kiali/jaeger/prometheus) even without an ExternalIP.
Could you help me to find a blog or a tutorial/hint/advice about the necessary elements for browsing the k8s/Istio services from the internet?
Thank you in advance!
When installing istio with the istio-ingressgateway enabled a service with that name is created in the istio-system
namespace.
❯ kubectl get svc -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
istio-ingressgateway LoadBalancer 100.71.98.21 <pending> 80:32564:80/TCP,...
When deploying istio to a public cloud provider, that will create a load balancer (like AWS ELB) for you. When the setup is done the EXTERNAL-IP
will switch from <pending>
to an actual ip, the public ip of the load balancer. You can access your cluster by visiting that ip.
On your local setup you don't have this luxury. But the service still is created. In the PORT(S)
column you can see a bunch of ports. That is actually a port mapping. So ports of your node machine are being mapped to that service.
You use this to get the port mapped to http (port 80): For me it would be the 32564
. Or you can run this:
kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}'
Now just open your browser and use one of your worker's ip to access the cluster by visiting <NODE_IP>:<PORT>
(where PORT
is the one from above).
See docs