Wyssmann Engineering
Wyssmann Engineering
  • English

Rancher 2.5.x istio v2

Posted on September 9, 2021 by Adrian Wyssmann ‐ 2 min read

rancher kubernetes monitoring ms-teams alerting

Installing istio with Rancher is quite easy, but in combination wit alerting for MS Teams some guidance might be helpful. I guide you trough the process of the complete installation

Istio Operator

Installation

Prerequisites

Since we want to use restricted pod security policies with Istio we have to use the Istio CNI plugin.

Follow the instructions from the Rancher documentation.

  1. In Rancher ensure ingress Gateway is enabled → see Installation and Configuration Details Container Platform

  2. Open the “Cluster Explorer”

  3. Select the desired project

  4. Open “Apps & Marketplace” and open “istio

  5. Select “Components” and then select these options

    • Version: 1.9.300 (latest, depends on the version of Rancher)
    • Install into Project: System
    • Components: select all

    Screenshot of setup parameters for istio

  6. We override some of the default options with the istio-overlay-file Select Overlay File and add this snippet:

    apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
hub: docker.intra # not needed
values:
  pilot:
  autoscaleEnabled: true
  autoscaleMax: 5
  autoscaleMin: 3
components:
  ingressGateways:
  - name: istio-ingressgateway
    k8s:
      hpaSpec:
        minReplicas: 3
  egressGateways:
  - name: istio-egressgateway
    k8s:
      hpaSpec:
        minReplicas: 3
  pilot:
    k8s:
      hpaSpec:
        minReplicas: 3

to clarify

In previous versions we had the custom answers, but we have to clarify what is still needed: Case 00309732 · Custom answers equivalent for istio 1.9 (suse.com)

Some of them are obsolete as they are either enabled by default or not valid anymore

gateways.istio-egressgateway.autoscaleMin = 3
gateways.istio-ingressgateway.autoscaleMin = 3
global.controlPlaneSecurityEnabled = true
global.outboundTrafficPolicy.mode = REGISTRY_ONLY
kiali.hub = ci-tools.intra:5000
kiali.replicaCount = 3
  1. Click “Install”

Reference

Installation of istio is documented at Confluence.

Some reference documentation for this:

Tips

Check what’s installed

See also Install with Istioctl

kubectl -n istio-system get IstioOperator installed-state -o yaml
← Rancher 2.5.x monitoring and alerting with MS Teams
Rancher 2.5.x v2 logging using splunk →