Service namespaces

Now that Istio is up and running, you can create service namespaces for your teams to run app workloads in. For any namespaces that you want to deploy apps to, be sure to follow these steps to include your services in the service mesh.

  1. Get the revision that you used for your installation. Typically, this is main for a Helm installation, or gloo for a Gloo operator installation.

      export REVISION=$(kubectl get pod -L app=istiod -n istio-system -o jsonpath='{.items[0].metadata.labels.istio\.io/rev}')      
    echo ${REVISION}
      
  2. Label the service namespace for Istio sidecar injection with the revision label.

      kubectl label namespace <namespace> istio.io/rev=${REVISION} --overwrite
      
  3. If you already deployed app pods to the namespace, restart the workloads so that sidecars are injected into the pods. For example, you might roll out a restart to each deployment by using a command similar to the following.

      kubectl rollout restart deployment -n <namespace> <deployment>
      

Bookinfo example

For testing purposes, you can deploy Bookinfo, the Istio sample app, and add it to your service mesh.

Single cluster

  1. Get the revision that you used for your installation. Typically, this is main for a Helm installation, or gloo for a Gloo operator installation.

      export REVISION=$(kubectl get pod -L app=istiod -n istio-system -o jsonpath='{.items[0].metadata.labels.istio\.io/rev}')      
    echo ${REVISION}
      
  2. Create the bookinfo namespace and label it so that the services become part of the service mesh.

      kubectl create ns bookinfo
    kubectl label ns bookinfo istio.io/rev=${REVISION} --overwrite
      
  3. Deploy the Bookinfo app.

      # deploy bookinfo application components for all versions less than v3
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'app,version notin (v3)'
    # deploy an updated product page with extra container utilities such as 'curl' and 'netcat'
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/policy-demo/productpage-with-curl.yaml
    # deploy all bookinfo service accounts
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'account'
      
  4. Verify that the Bookinfo app deployed successfully.

      kubectl get pods,svc -n bookinfo
      

Multicluster

  1. Get the revision that you used for your installation. Typically, this is main for a Helm installation, or gloo for a Gloo operator installation.

      export REVISION=$(kubectl get pod -L app=istiod -n istio-system -o jsonpath='{.items[0].metadata.labels.istio\.io/rev}')      
    echo ${REVISION}
      
  2. Create the bookinfo namespace in each workload cluster, and label the namespaces for Istio injection so that the services become part of the service mesh.

      kubectl create ns bookinfo --context ${REMOTE_CONTEXT1}
    kubectl label ns bookinfo istio.io/rev=${REVISION} --overwrite --context ${REMOTE_CONTEXT1}
    kubectl create ns bookinfo --context ${REMOTE_CONTEXT2}
    kubectl label ns bookinfo istio.io/rev=${REVISION} --overwrite --context ${REMOTE_CONTEXT2}
      
  3. Deploy Bookinfo with the details, productpage, ratings, reviews-v1, and reviews-v2 services in the first cluster.

      # deploy bookinfo application components for all versions less than v3
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'app,version notin (v3)' --context ${REMOTE_CONTEXT1}
    # deploy an updated product page with extra container utilities such as 'curl' and 'netcat'
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/policy-demo/productpage-with-curl.yaml
    # deploy all bookinfo service accounts
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'account' --context ${REMOTE_CONTEXT1}
      
  4. Deploy Bookinfo with the ratings and reviews-v3 services in the second cluster.

      # deploy reviews and ratings services
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'service in (reviews)' --context ${REMOTE_CONTEXT2}
    # deploy reviews-v3
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'app in (reviews),version in (v3)' --context ${REMOTE_CONTEXT2}
    # deploy ratings
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'app in (ratings)' --context ${REMOTE_CONTEXT2}
    # deploy reviews and ratings service accounts
    kubectl -n bookinfo apply -f https://raw.githubusercontent.com/istio/istio/1.24.2/samples/bookinfo/platform/kube/bookinfo.yaml -l 'account in (reviews, ratings)' --context ${REMOTE_CONTEXT2}
      
  5. Verify that the Bookinfo app deployed successfully.

      kubectl get pods,svc -n bookinfo --context ${REMOTE_CONTEXT1}
    kubectl get pods,svc -n bookinfo --context ${REMOTE_CONTEXT2}
      

Next

  • Expose apps in your mesh with an ingress gateway.
  • Launch the Gloo UI to review the Istio insights that were captured for your service mesh setup. Gloo Mesh Core comes with an insights engine that automatically analyzes your Istio setups for health issues. These issues are displayed in the UI along with recommendations to harden your Istio setups. The insights give you a checklist to address issues that might otherwise be hard to detect across your environment. For more information, see Insights.
  • When it’s time to upgrade your service mesh, you can perform a safe in-place upgrade by using the Gloo operator or Helm.