Kyani Web Interface: Visualizing Istio Components and Traffic

Introduction

• Presented by: Ben Cat
• Channel: Open Source
• Topic: Kyani web interface for visualizing Istio components and service mesh traffic
• Previous Videos: Graphana with Istio, deploying Istio binary, Istio resources in Kubernetes cluster, and deploying the sample Book Info application
• Prerequisites: Kubernetes cluster, Helm installed, and a load balancing solution like MetalLB

Environment Setup

• Kubernetes Version: 1.15.0, running Kubernetes in Docker (Kind)
• Commands to Check Environment: kubectl version, kubectl get nodes
• Downloaded Istio Binary: Inside Istio directory (samples, install)
• Istio Installation: curl -L <URL> | sh, install Istio ctl binary
• Namespace: kubectl create namespace istio-system

Istio Installation

• Initialize Istio: Command
  • helm install under the install directory kubernetes helm istio-init --name istio-init --namespace istio-system
  • Creates three jobs, custom resource definitions
• Creating Secret for Kiali Web Interface:
  • Steps: Set environment variables for username and password, use kubectl create secret to create a secret
  • Example:
    • export KIALI_USERNAME=admin
    • export KIALI_PASSPHRASE=admin
    • kubectl -n istio-system create secret generic kiali --from-literal=username=$KIALI_USERNAME --from-literal=passphrase=$KIALI_PASSPHRASE
• Deploying Istio: helm install under the install directory kubernetes helm istio --name istio --namespace istio-system --set grafana.enabled=true --set kiali.enabled=true

Deploying Book Info Sample Application

• Labeling Namespace: Command: kubectl label namespace default istio-injection=enabled
• Deploy Application: kubectl create -f samples/bookinfo/platform/kube/bookinfo.yaml
• Create Gateway: kubectl create -f samples/bookinfo/networking/bookinfo-gateway.yaml
• Define Destination Rules: kubectl create -f samples/bookinfo/networking/destination-rule-all.yaml

Accessing Services

• Istio Ingress Gateway: Command kubectl -n istio-system get service istio-ingressgateway
• Grafana and Kiali Services:
  • kubectl -n istio-system get service grafana
  • kubectl -n istio-system edit service kiali
  • Update type to NodePort for external access or use Port Forwarding

Generating Traffic

• Using Curl to generate traffic:
  • watch curl -s -o /dev/null http://172.17.0.200/productpage

Kiali Web Interface

• Access Through Port Forwarding: kubectl -n istio-system port-forward svc/kiali 20001:20001
• Login: Username and password set as the secret
• Configuring Grafana URL: Pass during Helm install (--set kiali.dashboard.grafanaURL=http://grafana:3000)
• Dashboard Features:
  • Overview of namespaces: default, istio-system, metal-lb, dynamic NFS storage
  • Applications, Workloads, Services, Istio Configurations
  • Traffic visualization: Animated traffic flows, edge labels, request percentages
  • Filter options: Refresh intervals, detailed insights on individual micro-services

Visualization Options

• Traffic Graph Views: Display different service maps and traffic flows
  • App Graph
  • Versioned App Graph: Shows different versions of microservices
  • Service Graph
  • Workload Graph
• Traffic Animation: Shows real-time traffic flows and health indicators
• Drill Down: Clicking on individual microservices for more detailed insights
• Updating Configurations: Dynamically update traffic routing, request percentages

Next Steps

• Future Topics: Request routing and traffic management, updating routing rules, permanent changes vs temporary changes through Kiali interface.

Conclusion

• Feedback and Questions: Encouragement to leave comments
• Subscription Prompt: Encouragement to subscribe and share the video
• Future Content: Request routing and traffic management
• Personal Note: Enjoyment and appreciation for exploring Istio service mesh

Sign-Off

• Goodbye Message: Looking forward to next video, bye!