i create a cluster by kind in my local env
why the ip list by node cant connected? like bottom
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
kind-control-plane Ready control-plane,master 22h v1.21.1 172.18.0.2 <none> Ubuntu 21.04 4.19.121-linuxkit containerd://1.5.2
ping 172.18.0.2 get Request timeout
i follow doc https://istio.io/latest/docs/setup/getting-started/ and blocked in step Verify external access
"http://$GATEWAY_URL/productpage" is not a useful site for me
i meet this question so when i test istio in local,cant expose my service from pod inside
so , how can i complete the step??
CodePudding user response:
Kind runs each Kubernetes node in a separate Docker container. The IP address you see is a Docker-internal address, but that's not directly accessible (unless you're calling from outside a container, on the same host, and it's a native-Linux host).
When you create the kind cluster you need to configure it to publish ports from the node container. For this to work you need to know the port number on the node that's being published; if it's a NodePort-type service, you need to know (or probably directly specify) the nodePort: value, for example.
The Istio documentation describes looking up the ingress port but that's not too useful since you need to reinstall the cluster with that value. Istio has several installation profiles. It's very possible to customize them, including changing the Service port definitions; the Gateway definition is substantial but does allow explicitly setting the nodePort values.
So: first, pick a port, in the ordinary NodePort range (30000-32767); let's use 31380 (a number that appears in the documentation page you link to).
You need to configure kind to make that port visible:
# kindconfig.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
extraPortMappings:
- containerPort: 31380 # actually the nodePort
hostPort: 8000 # some available port on your host (can be 80)
Create the cluster
kind create cluster --config=kindconfig.yaml
Create an Istio configuration. Note that you must copy the entire list of ports.
# istioconfig.yaml
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
components:
ingressGateways:
- name: istio-ingressgateway
enabled: true
k8s:
service:
ports:
- port: 15021
targetPort: 15021
name: status-port
- port: 80
targetPort: 8080
nodePort: 31380 # <-- add this
name: http2
# and copy the remaining ports from the reference config
Then, in the new kind cluster, install Istio using this setup
istioctl install --set profile=demo -f istioconfig.yaml
Once Istio fully comes up and you deploy the application, you should be able to access http://localhost:8000 from the host system, where 8000 is the kind hostPort: setting we configured (if you picked port 80 there, you can leave off the port number).
The routing here is:
localhostport 8000 from the host reaches a Docker port-forward;- Docker forwards to port 31380 in the
kind-control-planecontainer; - Port 31380 is attached to a NodePort (actually LoadBalancer)
istio-ingressgatewayService in theistio-systemnamespace; - That forwards to port 8080 on the actual ingress Pod(s);
- The ingress gateway does URL-based routing to your application using normal Kubernetes and Istio intra-cluster networking.