I've simple single page golang web application, I'm trying to migrate to istio.
My prod setup (via nginx ingress):
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: goapp
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"
spec:
tls:
- hosts:
- mycustomapp.mycustomapp.com
secretName: go-tls
rules:
- host: mycustomapp.mycustomapp.com
http:
paths:
- path: /
backend:
serviceName: mycustomapp
servicePort: 80
And I'm trying to build at least http configuration for istio
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: goapp
annotations:
kubernetes.io/ingress.class: istio
spec:
rules:
- host: mycustomapp.mycustomapp.com
http:
paths:
- path: /
backend:
serviceName: mycustomapp
servicePort: 80
But I always get 404 from istio lb on clean cluster with istio 0.7.1 only installed. Samples like bookinfo and httpbin works well
Application yaml:
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: mycustomapp
name: mycustomapp
spec:
replicas: 1
selector:
matchLabels:
k8s-app: mycustomapp
template:
metadata:
labels:
k8s-app: mycustomapp
spec:
containers:
- name: mycustomapp
image: xxxx.azurecr.io/mycustomapp:999
ports:
- containerPort: 80
protocol: TCP
imagePullSecrets:
- name: xxxx
serviceAccountName: mycustomapp
---
kind: Service
apiVersion: v1
metadata:
annotations:
prometheus.io/scrape: 'true'
labels:
k8s-app: mycustomapp
name: mycustomapp
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
selector:
k8s-app: mycustomapp
To get rid of the 404 error in your case, it should be enough to add the correct port name to the service and deployment YAML files, and add istio sidecar to the deployment YAML file. Then you should redeploy all changed files.
Perhaps you may need to add label app: mycustomapp
to the service and deployment, but I'm not sure is it required or optional.
Here is example of the service.yaml file with the correct port name (more about the port names you can read here):
kind: Service
apiVersion: v1
metadata:
annotations:
prometheus.io/scrape: 'true'
labels:
app: mycustomapp
k8s-app: mycustomapp
name: mycustomapp
spec:
type: ClusterIP
ports:
- name: http-80
port: 80
targetPort: 80
selector:
k8s-app: mycustomapp
Ensure you have also the correct port name in your deployment file.
You can add the istio sidecar to the container manually, following these steps:
Change directory to istio package. For example, if the package is istio-0.7
cd istio-0.7
Create inject config:
kubectl create -f install/kubernetes/istio-sidecar-injector-configmap-release.yaml --dry-run -o=jsonpath='{.data.config}' > inject-config.yaml
Create mesh config:
kubectl -n istio-system get configmap istio -o=jsonpath='{.data.mesh}' > mesh-config.yaml
Add istio sidecar container to your deployment:
bin/istioctl kube-inject \ --injectConfigFile inject-config.yaml \ --meshConfigFile mesh-config.yaml \ --filename path/to/original/deployment.yaml \ --output deployment-injected.yaml
Deploy new deployment: kubectl apply -f deployment-injected.yaml
If you want to have automatic sidecar injection, follow this manual.
You can check if the sidecar has been injected into the deployment:
$ kubectl get deployment mycustomapp -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
mycustomapp 1 1 1 1 3h mycustomapp,istio-proxy nginx:1.7.9,docker.io/istio/proxy:0.7.1 k8s-app=mycustomapp