Istio is the simplify observability, traffic management, security, and policy with the leading service mesh
Istio addresses the challenges developers and operators face with a distributed or microservices architecture. Whether you’re building from scratch or migrating existing applications to cloud native, Istio can help.
This article is about how to use Pulumi, kubernetes (K8S) provider, Helm Chart and TypeScript SDK to deploy Istio within Kubernetes (K8S).
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
See Getting started | Kubernetes - https://kubernetes.io/docs/setup/ to leanr more.
Pulumi is a modern infrastructure-as-code platform that allows you to use common programming languages, tools, and frameworks, to provision, update, and manage cloud infrastructure resources.
Install the Pulumi - https://www.pulumi.com/ CLI.
Mac OS X
brew install pulumi
See Download and Install | Pulumi - https://www.pulumi.com/docs/get-started/install/ to learn more about others OS.
Install Node.js - https://nodejs.org/en/ CLI.
Mac OS X
brew install node
See Node.js - https://nodejs.org/en/ to learn more about others OS.
Create the workspace directory.
mkdir -p col-example-pulumi-typescript-istio
Pulumi login into local file system.
pulumi login file://.
Pulumi new a project with kubernetes-typescript SDK.
pulumi new kubernetes-typescript
The above command will create some files within the current directory.
tree . -L 1
js-yaml package to load and parse yaml file.
npm i js-yaml
By default, Pulumi will look for a kubeconfig file in the following locations, just like kubectl:
The environment variable:
Or in current user’s default kubeconfig directory:
If the kubeconfig file is not in either of these locations, Pulumi will not find it, and it will fail to authenticate against the cluster. Set one of these locations to a valid kubeconfig file, if you have not done so already.
See and modify istio-base/main.ts file.
See and modify istio-ingress/main.ts file.
Edit istio-ingress/values.yaml and replace content within
See and modify istio-istiod/main.ts file.
Check all files.
tree . -L 1
Run pulumi up to create the namespace and pods.
See pods about istio.
kubectl get pods -n istio-system
Assume you have determined that your environment has an external load balancer
kubectl get svc -n istio-system
Destroy all resources created by Pulumi.