Skip to content

Kiali on Istio

Jump to bottom
kimhyungkook edited this page Mar 7, 2019 · 6 revisions

Kiali κ°„λž΅ μ„€λͺ…

Kiali λŠ” 각 마이크둜 μ„œλΉ„μŠ€κ°„μ˜ 관계λ₯Ό μ‹œκ°ν™” ν•΄μ£ΌλŠ” λͺ¨λ‹ˆν„°λ§ 툴 이닀.
Kiali site 에 가보면 기본적인 λͺ¨λ‹ˆν„°λ§ 이외에도
Application(pods), Workload(deployment,statefulset..) and Service λ“€μ˜ health check, request and response metrics, inbound and outbound traffic,
μ„œλΉ„μŠ€λ“€μ˜ TRAFFIC ROUTING, 그리고 istio μ„€μ •(VirtualService, DestinationRule λ“±) 을
볼수 μžˆλŠ” κΈ°λŠ₯듀이 μžˆλ‹€.

install Kiali

1 kiali ν™ˆνŽ˜μ΄μ§€μ— 가보면 install 이 ν•œμ€„λ‘œ ν‘œμ‹œλ˜μ–΄μžˆλŠ”λ°, 이걸 μ„€μΉ˜ν•˜λ €λ©΄ envsubst κ°€ 미리 μ„€μΉ˜κ°€ λ˜μ–΄μžˆλ‹€κ³  μ”Œμ–΄μ Έ μžˆλ‹€.
Mac 으둜 ν…ŒμŠ€νŠΈλ₯Ό ν•˜μ˜€κΈ°μ— homebrew 둜 μ„€μΉ˜ν•˜λŠ” 방법을 μ λŠ”λ‹€.

### 1. envsubst μ„€μΉ˜
> brew install gettext
> brew link --force gettext

## kiali μ„€μΉ˜
> bash <(curl -L http://git.io/getLatestKialiKubernetes)

μ„€μΉ˜μ‹œ μ‚¬μš©μž λͺ…을 μž…λ ₯ν•˜λŠ”λž€μ΄ μžˆλ‹€.

2 λ‹€μŒμœΌλ‘œλŠ” Kiali λ₯Ό μ‚¬μš©ν• μˆ˜ μžˆλŠ” authenticate λ₯Ό μƒμ„±ν•œλ‹€.

NAMESPACE=istio-system
KIALI_USERNAME=$(read -p 'Kiali Username: ' uval && echo -n $uval | base64)
KIALI_PASSPHRASE=$(read -sp 'Kiali Passphrase: ' pval && echo -n $pval | base64)
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: kiali
  namespace: $NAMESPACE
  labels:
    app: kiali
type: Opaque
data:
  username: $KIALI_USERNAME
  passphrase: $KIALI_PASSPHRASE
EOF

ν•„μžλŠ” read -p λͺ…λ Ήμ–΄κ°€ μ•ˆλ¨Ήμ–΄μ„œ $(echo -n 'admin' | base64) μ΄λŸ°μ‹μœΌλ‘œ κ°•μ œλ‘œ 값을 μ£Όμ—ˆλ‹€.

3 istio μ„€μΉ˜μ‹œ kiali.enabled=true κ°€ μ•ˆλ˜μ–΄ μžˆμœΌλ‹ˆ, ν•΄λ‹Ή λͺ…령을 μž…λ ₯ν•  수 μžˆλŠ” μž‘μ—…μ„ μ‹œν–‰ν•œλ‹€.

> helm template --set kiali.enabled=true install/kubernetes/helm/istio --name istio --namespace istio-system > $HOME/istio.yaml
> kubectl apply -f $HOME/istio.yaml

3-1 kiali μ„€μΉ˜μ‹œ jaeger 와 grafana 도 μ—°κ²°ν•΄μ„œ μ‚¬μš©μ„ ν• μˆ˜ μžˆλ‹€.
이것을 μ‚¬μš©ν•˜λ €λ©΄ μ•„λž˜μ™€ 같이 jaegerURLκ³Ό grafanaURL 을 섀정을 ν•˜λ˜κ°€
ν˜Ήμ€ 졜초 μ„€μΉ˜μ‹œ ν™˜κ²½λ³€μˆ˜λ‘œ 등둝을 ν•΄ 놓아도 λœλ‹€.

μ„€μΉ˜ 전에 JAEGER_URI, GRAFANA_URI 을 ν™˜κ²½λ³€μˆ˜λ‘œ 등둝을 ν•˜λ©΄ μž…λ ₯λ˜μ–΄ μ„€μΉ˜λœλ‹€.
export GRAFANA_URL=grafana:3000
export JAEGER_URL=jaeger-query:16686

ν˜Ήμ‹œ url 을 λ°”κΏ€ κ²½μš°μ—λŠ” μ•„λž˜μ„œ λ§Œλ“  $HOME/istio.yaml 의 Config을 λ³€κ²½ν•˜λ©΄ λœλ‹€.
μˆ˜λ™ λ³€κ²½μ‹œ kiali pod λ₯Ό κ°•μ œλ‘œ μž¬μ‹œμž‘ ν•΄μ£Όμ–΄μ•Ό ν•œλ‹€.

> helm template \
    --set kiali.enabled=true \
    --set "kiali.dashboard.jaegerURL=http://$(kubectl get svc tracing -o jsonpath='{.spec.clusterIP}'):80" \
    --set "kiali.dashboard.grafanaURL=http://$(kubectl get svc grafana -o jsonpath='{.spec.clusterIP}'):3000" \
    install/kubernetes/helm/istio \
    --name istio --namespace istio-system > $HOME/istio.yaml
> kubectl apply -f $HOME/istio.yaml

접속

kiali λ₯Ό loadbalancer 둜 섀정을 ν•˜μ˜€λŠ”λ° 연결이 μ•ˆλœλ‹€.
원인은 ν•„μžλ„ 잘 λͺ°λΌμ„œ.. port-forward λ°©μ‹μœΌλ‘œ μ ‘μ†ν•˜μ˜€λ‹€.

kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=kiali -o jsonpath='{.items[0].metadata.name}') 20001:20001

Visit http://localhost:20001

μ•„λž˜ 그림은 uEngine-cloud-k8s κ°€ ν†΅μ‹ λ˜λŠ” λͺ¨μŠ΅μ΄λ‹€.

2019-03-07 4 22 59
Clone this wiki locally