istio-engressgateway does not work in microk8s - kubernetes

For testing and learning purposes I tried to use istio in microk8s.
microk8s.enable istio
Then
export MYHOST=$(microk8s.kubectl config view -o jsonpath={.contexts..namespace}).bookinfo.com
microk8s.kubectl apply -l version!=v2,version!=v3 -f https://raw.githubusercontent.com/istio/istio/release-1.5/samples/bookinfo/platform/kube/bookinfo.yaml
microk8s.kubectl get pods shows running bookinfo containers.
But when I try to get gateway it shows me nothing.
microk8s.kubectl get gateway
No resources found in default namespace.
microk8s.kubectl get all --all-namespaces shows pod/istio-engressgateway and its IP address.
But I can not access to that IP address, it shows not found.
What am I missing here? I just started Kubernetes and microk8s.

You also need to get bookinfo sample gateway yaml. To get that you must-
microk8s.kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.5/samples/bookinfo/networking/bookinfo-gateway.yaml
That should work..

Related

Unable to deploy WSO2 APIM in Minikube Kubernetes cluster

I'm trying to deploy WSO2 APIM on Kubernetes using the pattern-1 described on the github page https://github.com/wso2/kubernetes-apim. I have added my minikube ip to my etc/hosts file as follows:
[minikube ip] am.wso2.com gateway.am.wso2.com
I'm unable to access the Publisher and Devportal using this url:https://am.wso2.com/publisher
Is there any other configuration that needs to be done? Any help would be great:). Thanks in advance..
First, make sure all your WSO2 pods are running and they're in the ready state.
kubectl get po -n <your_namespace>
This should output.
Then make sure you have enabled Ingress addon.
minikube addons list
Then make sure Ingress pods are running.
kubectl get po -n ingress-nginx
Next, get the Ingress external IP.
kubectl get ing -A
Get the external IP and the Host from the above and add a entry to the /etc/hosts as shown below.
If everything is in place you should be able to access the Publisher by going to https://am.wso2.com/
Try to run the below command in the command line.
minikube tunnel

Kong Gateway using Kubernetes

Trying to deploy kong gateway via Kubernetes:
Created a namespace: kong-helm
Applied yaml files (using kubectl on kong-helm namespace) which includes: configmap.yaml, service.yaml, secret.yaml, ingress.yaml.
Upon applying the dbless.yaml(https://raw.githubusercontent.com/Kong/kubernetes-ingress-controller/master/deploy/single/all-in-one-dbless.yaml)ingress dbless pod is running.
kubectl get svc --all-namespaces - able to see the service(kong-test-poc) is created.
But when port forward is given: kubectl port-forward service/kong-test-poc 80:8080
Getting the following error: Error from server (NotFound): services "kong-test-poc" not found
Can you please tell how to rectify this error?
I believe you are missing the specific namespace where the service is running to it's going to your default namespace.
kubectl -n kong-helm port-forward service/kong-test-poc 8080:8080
I also recommend using an different port than 80 locally as this a unix reserved port. Also make sure that the kong-test-poc is configured to listen on 8080 (you didn't post the definition)

After few days my LoadBalancer External IP doesn't Work

When I deploy my Application my loadBalancer works just fine.But after few days, my loadBalancer External IP just doesn't work.My pod is running just fine and there is no issue with the logs as well.
I have had this issue with two different Application multiple times now.Not able to debug what's the issue.Have someone faced this type of error before?
For troubleshoot, you can check endpoints of your LoadBalancer service.
You need to see your pod's ip addresses and forwarded ports according your service like below.
$ kubectl get ep nginx
NAME ENDPOINTS AGE
nginx 100.96.5.44:80 17s
And describe
$ kubectl describe ep nginx
Then check logs of affected pod.
$ kubectl get pods
$ kubectl logs -f <pod-name>
ExternalIP addresses created to forward traffic to internal backends(pods)
If there is something, please provide your Yaml files, and outputs.

How to access port forward services on gke

I'm new to gke/gcp and this is my first project.
I'm setting up istio using https://istio.io/docs/setup/kubernetes/quick-start-gke-dm/ tutorial.
I've exposed grafana as shown in the post using:
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
curl http://localhost:3000/dashboard/db/istio-dashboard
gives me http page on terminal, to access it from the browser I'm using master ip I get after executing kubectl cluster-info.
http://{master-ip}:3000/dashboard/db/istio-dashboard is not accessible.
How do I access services using port-forward on gke?
First grab the name of the Pod
$ kubectl get pod
and then use the port-forward command.
$ kubectl port-forward <pod-name> 3000:3000
It worked for me, I've found it from this nice website also explained on detail how to do it. Hope it can be useful.
What (exact) http page is returned by the curl command? Both of these docs [1]&[2] suggest using the url (with localhost) in the browser after setting up a tunnel to Grafana: http://localhost:3000/dashboard/db/istio-dashboard
Alternatively, have you tried with istio-ingressgateway IP address?
[1] https://github.com/GoogleCloudPlatform/gke-istio-telemetry-demo#view-grafana-ui
[2] https://istio.io/docs/setup/kubernetes/quick-start-gke-dm/#grafana

I have deployed kubernetes cluster. The issue i have is that the dashboard is not accessible from external desktop system

I have deployed kubernetes cluster. The issue i have is that the dashboard is not accessible from external desktop system.
Following is my setup.
Two vm's with cluster deployed, one master one node.
dashboard running without any issue the kube-dns is also working as expected.
kubernetes version is 1.7.
Issue: When trying to access dashboard externally through kubectl proxy. i get unauthorized response.
This is with rbac role and rolebindings enabled.
How to i configure the cluster for http browser access to dashboard from external system.
Any hint/suggestions are most welcome.
kubectl proxy not working > 1.7
try this:
copy ~/.kube/config file to your desktop
then run the kubect like this
export POD_NAME=$(kubectl --kubeconfig=config get pods -n kube-system -l "app=kubernetes-dashboard,release=kubernetes-dashboard" -o jsonpath="{.items[0].metadata.name}")
echo http://127.0.0.1:9090/
kubectl --kubeconfig=config -n kube-system port-forward $POD_NAME 9090:9090
Then access the ui like this: http://127.0.0.1:9090
see this helps
If kubectl proxy gives the Unauthorized error, there can be 2 reasons:
Your user cert doesn't have the appropriate permissions. This is unlikely since you successfully deployed kube-dns and the dashboard.
kubelet authn/authz is enabled and it's not setup correctly. See the answer to my question.