Document installing Istio on an RKE2 cluster #2877

https://github.com/rancher/docs/issues/2877#issuecomment-739077980
Catherine Luse
2020-12-16 00:00:38 -07:00
committed by GitHub
parent 8bed54f1b2
commit 71b7e1ac64
@@ -28,6 +28,7 @@ Istio needs to be set up by a `cluster-admin` before it can be used in a project
- [Migrate from Previous Istio Version](#migrate-from-previous-istio-version)
- [Accessing Visualizations](#accessing-visualizations)
- [Architecture](#architecture)
- [Additional steps for installing Istio on an RKE2 cluster](#additional-steps-for-installing-istio-on-an-rke2-cluster)
# What's New in Rancher v2.5
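Review bot: The new table-of-contents entry uses sentence case ("Additional steps for installing Istio on an RKE2 cluster"), while the entries above it and the heading added further down in this commit ("Additional Steps for Installing Istio on an RKE2 Cluster") use title case. Match the link text to the heading; the lowercase anchor can stay as it is.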
@@ -65,6 +66,8 @@ Note that this is not a production-qualified deployment of Jaeger. This deployme
Before enabling Istio, we recommend that you confirm that your Rancher worker nodes have enough [CPU and memory]({{<baseurl>}}/rancher/v2.x/en/cluster-admin/tools/istio/resources) to run all of the components of Istio.
If you are installing Istio on RKE2 cluster, some additional steps are required. For details, see [this section.](#additional-steps-for-installing-istio-on-an-rke2-cluster)
# Setup Guide
Refer to the [setup guide]({{<baseurl>}}/rancher/v2.x/en/cluster-admin/tools/istio/setup) for instructions on how to set up Istio and use it in a project.
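Review bot: The added sentence says "on RKE2 cluster" and is missing the article; it should read "on an RKE2 cluster", as in the heading it links to. Because the linked steps end with running the `install-cni` container as privileged, consider mentioning that here instead of only "some additional steps are required", so a cluster admin sees it before starting the install.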
@@ -116,3 +119,36 @@ By default, each Rancher-provisioned cluster has one NGINX ingress controller al
### Egress Support
By default the Egress gateway is disabled, but can be enabled on install or upgrade through the values.yaml or via the [overlay file]({{<baseurl>}}/rancher/v2.x/en/istio/setup/enable-istio-in-cluster/#overlay-file).
# Additional Steps for Installing Istio on an RKE2 Cluster
Through the **Cluster Explorer,** when installing or upgrading Istio through **Apps & Marketplace,**
1. Click **Components.**
1. Check the box next to **Enabled CNI.**
1. Add a custom overlay file specifying `cniBinDir` and `cniConfDir`. For more information on these options, refer to the [Istio documentation.](https://istio.io/latest/docs/setup/additional-setup/cni/#helm-chart-parameters) An example is below:
```yaml
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
components:
cni:
enabled: true
values:
cni:
image: rancher/istio-install-cni:1.7.3
excludeNamespaces:
- istio-system
- kube-system
logLevel: info
cniBinDir: /opt/cni/bin
cniConfDir: /etc/cni/net.d
```
1. After installing Istio, you'll notice the cni-node pods in the istio-system namespace in a CrashLoopBackoff error. Manually edit the `istio-cni-node` daemonset to include the following on the `install-cni` container:
```yaml
securityContext:
privileged: true
```
**Result:** Now you should be able to utilize Istio as desired, including sidecar injection and monitoring via Kiali.
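Review bot: The final step has readers hand-edit the `istio-cni-node` daemonset to set `privileged: true` on `install-cni`, with no explanation of why it is needed or what it grants. A privileged container has host-level access on every node the daemonset schedules to, so the doc should state the reason RKE2 requires it and say whether the manual edit has to be re-applied after an Istio upgrade or reinstall. Smaller points in the same hunk: the intro line "Through the **Cluster Explorer,** ... **Apps & Marketplace,**" ends on a comma and never completes the sentence before the list; the pod status is spelled `CrashLoopBackOff` by Kubernetes; and the overlay pins `rancher/istio-install-cni:1.7.3` without telling readers how to pick the tag for other Istio versions.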