3. Add Deployments and Services with the Istio Sidecar
> Prerequisite: To enable Istio for a workload, the cluster and namespace must have the Istio app installed.
Enabling Istio in a namespace only enables automatic sidecar injection for new workloads. To enable the Envoy sidecar for existing workloads, you need to enable it manually for each workload.
To inject the Istio sidecar on an existing workload in the namespace,
- In the upper left corner, click ☰ > Cluster Management.
- On the Clusters page, go to the cluster where you want to see the visualizations and click Explore.
- Click Workload.
- Go to the workload where you want to inject the Istio sidecar and click â‹® > Redeploy. When the workload is redeployed, it will have the Envoy sidecar automatically injected.
Wait a few minutes for the workload to upgrade to have the istio sidecar. Click it and go to the Containers section. You should be able to see istio-proxy alongside your original workload. This means the Istio sidecar is enabled for the workload. Istio is doing all the wiring for the sidecar envoy. Now Istio can do all the features automatically if you enable them in the yaml.
Add Deployments and Services#
There are a few ways to add new Deployments in your namespace:
- Click ☰ > Cluster Management.
- Go to the cluster that you created and click Explore.
- Click Workload.
- Click Create.
- Click Deployment.
- Fill out the form, or Edit as Yaml.
- Click Create.
To add a Service to your namespace:
- Click ☰ > Cluster Management.
- Go to the cluster that you created and click Explore.
- Click Service Discovery > Services.
- Click Create.
- Select the type of service that you want.
- Fill out the form, or Edit as Yaml.
- Click Create
You can also create deployments and services using the kubectl shell
- Run
kubectl create -f \<name of service/deployment file\>.yamlif your file is stored locally in the cluster - Or run
cat\<\< EOF | kubectl apply -f -, paste the file contents into the terminal, then runEOFto complete the command.
Example Deployments and Services#
Next we add the Kubernetes resources for the sample deployments and services for the BookInfo app in Istio's documentation.
- Click ☰ > Cluster Management.
- Go to the cluster that you created and click Explore.
- In the top navigation bar, open the kubectl shell.
- Run
cat\<\< EOF | kubectl apply -f - - Copy the below resources into the the shell.
- Run
EOF
This will set up the following sample resources from Istio's example BookInfo app:
Details service and deployment:
- A
detailsService - A ServiceAccount for
bookinfo-details - A
details-v1Deployment
Ratings service and deployment:
- A
ratingsService - A ServiceAccount for
bookinfo-ratings - A
ratings-v1Deployment
Reviews service and deployments (three versions):
- A
reviewsService - A ServiceAccount for
bookinfo-reviews - A
reviews-v1Deployment - A
reviews-v2Deployment - A
reviews-v3Deployment
Productpage service and deployment:
This is the main page of the app, which will be visible from a web browser. The other services will be called from this page.
- A
productpageservice - A ServiceAccount for
bookinfo-productpage - A
productpage-v1Deployment
Resource YAML#
# Copyright 2017 Istio Authors## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.
################################################################################################### Details service##################################################################################################apiVersion: v1kind: Servicemetadata: name: details labels: app: details service: detailsspec: ports: - port: 9080 name: http selector: app: details---apiVersion: v1kind: ServiceAccountmetadata: name: bookinfo-details---apiVersion: apps/v1kind: Deploymentmetadata: name: details-v1 labels: app: details version: v1spec: replicas: 1 selector: matchLabels: app: details version: v1 template: metadata: labels: app: details version: v1 spec: serviceAccountName: bookinfo-details containers: - name: details image: docker.io/istio/examples-bookinfo-details-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---################################################################################################### Ratings service##################################################################################################apiVersion: v1kind: Servicemetadata: name: ratings labels: app: ratings service: ratingsspec: ports: - port: 9080 name: http selector: app: ratings---apiVersion: v1kind: ServiceAccountmetadata: name: bookinfo-ratings---apiVersion: apps/v1kind: Deploymentmetadata: name: ratings-v1 labels: app: ratings version: v1spec: replicas: 1 selector: matchLabels: app: ratings version: v1 template: metadata: labels: app: ratings version: v1 spec: serviceAccountName: bookinfo-ratings containers: - name: ratings image: docker.io/istio/examples-bookinfo-ratings-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---################################################################################################### Reviews service##################################################################################################apiVersion: v1kind: Servicemetadata: name: reviews labels: app: reviews service: reviewsspec: ports: - port: 9080 name: http selector: app: reviews---apiVersion: v1kind: ServiceAccountmetadata: name: bookinfo-reviews---apiVersion: apps/v1kind: Deploymentmetadata: name: reviews-v1 labels: app: reviews version: v1spec: replicas: 1 selector: matchLabels: app: reviews version: v1 template: metadata: labels: app: reviews version: v1 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---apiVersion: apps/v1kind: Deploymentmetadata: name: reviews-v2 labels: app: reviews version: v2spec: replicas: 1 selector: matchLabels: app: reviews version: v2 template: metadata: labels: app: reviews version: v2 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v2:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---apiVersion: apps/v1kind: Deploymentmetadata: name: reviews-v3 labels: app: reviews version: v3spec: replicas: 1 selector: matchLabels: app: reviews version: v3 template: metadata: labels: app: reviews version: v3 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v3:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---################################################################################################### Productpage services##################################################################################################apiVersion: v1kind: Servicemetadata: name: productpage labels: app: productpage service: productpagespec: ports: - port: 9080 name: http selector: app: productpage---apiVersion: v1kind: ServiceAccountmetadata: name: bookinfo-productpage---apiVersion: apps/v1kind: Deploymentmetadata: name: productpage-v1 labels: app: productpage version: v1spec: replicas: 1 selector: matchLabels: app: productpage version: v1 template: metadata: labels: app: productpage version: v1 spec: serviceAccountName: bookinfo-productpage containers: - name: productpage image: docker.io/istio/examples-bookinfo-productpage-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080---