kubernetes-istio-service-mesh

kubernetes-istio-service-mesh-Logo kubernetes-istio-service-mesh-Logo

Kubernetes Istio Service Mesh With Kiali Console

[!IMPORTANT] If you discover a security vulnerability, please do the responsible thing, Privately report it to me at satyabrata.7059@gmail.com

πŸ“ Table of Contents - [Screenshot Kiali](#-screenshot-kiali) - [Step-by-Step Installation](#%EF%B8%8F-step-by-step-installation-guide) - [Install kind and kubectl macOS (via Homebrew)](#%EF%B8%8F-macos-via-homebrew) - [Install kind and kubectl Ubuntu / Linux](#-ubuntu--linux) - [Clone the Repository](#-clone-the-repository) - [Create Kind Cluster](#-create-kind-cluster) - [Add Istio and Install Components](#-add-istio-helm-repo-and-install-components) - [Enable Istio Injection](#-enable-istio-injection) - [Install Istio Gateway](#-install-istio-gateway) - [Monitoring Setup](#-monitoring-setup) - [Kiali Dashboard](#-kiali-dashboard) - [Kiali Service Gateway](#-kiali-service-gateway) - [Install Microservices](#%EF%B8%8F-install-microservices) - [Access at](#-access-at) - [Security](/kubernetes-istio-service-mesh/SECURITY.html) - [Code of Conduct](/kubernetes-istio-service-mesh/CODE_OF_CONDUCT.md) - [License](/kubernetes-istio-service-mesh/LICENSE) - [GitHub Packages](https://github.com/batpool?tab=packages&repo_name=kubernetes-istio-service-mesh)

πŸ“Š Screenshot Kiali

πŸ› οΈ Step-by-Step Installation Guide

πŸ–₯️ macOS (via Homebrew)

# Install Homebrew (if not already installed)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Install kind (Kubernetes in Docker)
brew install kind

# Install kubectl (Kubernetes CLI)
brew install kubectl

🐧 Ubuntu / Linux

# Install kind
# For AMD64 / x86_64
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.29.0/kind-linux-amd64
# For ARM64
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.29.0/kind-linux-arm64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind

# Install kubectl (based on system architecture)
ARCH=$(uname -m)
if [ "$ARCH" = "x86_64" ]; then
  KARCH=amd64
elif [ "$ARCH" = "aarch64" ]; then
  KARCH=arm64
else
  echo "❌ Unsupported architecture: $ARCH"
  exit 1
fi

curl -LO "https://dl.k8s.io/release/$(curl -s https://dl.k8s.io/release/stable.txt)/bin/linux/${KARCH}/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/kubectl

🧬 Clone the Repository

Start by cloning the project to your local machine:

git clone https://github.com/batpool/kubernetes-istio-service-mesh.git
cd kubernetes-istio-service-mesh

🧱 Create Kind Cluster

kind create cluster --config kind/config.yaml --name dev

πŸ“¦ Add Istio Helm Repo and Install Components

helm repo add istio https://istio-release.storage.googleapis.com/charts

helm install istio-base istio/base -n istio-system --create-namespace --wait
helm install istiod istio/istiod -n istio-system --wait

πŸ”§ Enable Istio Injection

kubectl label ns default istio-injection=enabled --overwrite
kubectl wait pods --for=condition=Ready -l app=istiod -n istio-system

🌐 Install Istio Gateway

helm install istio-gateway istio/gateway -n istio-system \
  --set "service.type=NodePort" \
  --set "service.ports[0].name=http2" \
  --set "service.ports[0].port=80" \
  --set "service.ports[0].nodePort=30000" \
  --set "service.ports[1].name=https" \
  --set "service.ports[1].port=443" \
  --set "service.ports[1].nodePort=31000" \
  --set "service.ports[2].name=status-port" \
  --set "service.ports[2].port=15021" \
  --set "service.ports[2].targetPort=15021" \
  --set "service.ports[2].nodePort=32000"

kubectl apply -f istio/servicemesh/gateway.yaml

πŸ“ˆ Monitoring Setup

helm repo add prometheus-community https://prometheus-community.github.io/helm-charts

helm install prometheus prometheus-community/prometheus -n monitoring --create-namespace

πŸ“Š Kiali Dashboard

helm install kiali-server kiali-server \
  --repo https://kiali.org/helm-charts \
  --namespace istio-system \
  --create-namespace \
  --set auth.strategy="anonymous" \
  --set external_services.prometheus.url="http://prometheus-server.monitoring" \
  --set external_services.grafana.enabled=false

πŸšͺ Kiali Service Gateway

kubectl apply -f istio/kiali/kvs.yaml

βš™οΈ Install Microservices

helm install fastapi-auth-service ./helm-charts/fastapi-auth-service

helm install golang-profile-service ./helm-charts/golang-profile-service

🌐 Access at

# fastapi microservice
http://127.0.0.1:8080/api/docs

# kiali
http://127.0.0.1:8080/kiali/

</a>

This project is licensed under the MIT License.

βœ… Now you’re ready to visualize your Istio Service Mesh with Kiali, Prometheus – all running on a local Kind cluster!

🌟 Don’t forget to give a ⭐ on GitHub if you find this project helpful!

This site is open source. Improve this page.