Difficulty: Basic Understanding of Kubernetes
Estimated Time: 15 minutes

Objective

The objective of this scenario is to demonstrate how to use Istio ingress and egress rules to control access into a Kuberenetes cluster and outside of a Kubernetes cluster to an external URL.

Please be advised ...

This scenario preloads a multi-node Kubernetes cluster and Load Balancer that are created using Kubernetes in Docker (KinD). There will be one control plane node and two worker nodes. You might see the cluster spinning up when you view the teminal pane in Lesson 1. Be patient. It might take a few minutes for the cluster to spin up and load.

What you need to know to start

In order to get full benefit from taking this scenario, you need to have basic understanding of following Kubernetetes concepts:

This video describes the basics of Kubernetes you need to know:

) This video describes the basics of Kubernetes you need to know:

Whatg you'll be doing

In this scenario, you are going to install a demonstration microservice written under Node.JS and installed as a Docker container from DockerHub.

Istio App

The application has two subordinate services, frontend and business. frontend delegates to business to call worldclockapi.com to get the current time. However, because the microservice will be running under a Kubernetes cluster controlled by an Istio service mesh, users cannot access the frontend service by default. An ingress rule is needed to allow access. Part of this scenario is to apply a pre-installed ingress rule to Istio.

However, even if users could access the microservice, the microservice would not be fully operational because the subordinate service, business will still try to access, worldclockapi.com. Istio will not permit this unless an egress rule is set to allow calls to the external site. The final part of this scenario is to apply a pre-installed egress rule to Istio to allow access to worldclockapi.com.

In addition to working with the demonstration API you'll install the Isito Add On, Kiali and Grafana. These tools allow you to manage and monitor activities within the Istio service mesh.

This scenarios is divided into the following steps.

  • Step 1 - Confirm that Kubernetes and the Load Balancer are Installed
  • Step 2 - Install Istio
  • Step 3 - Implement an Ingress rule under Istio
  • Step 4 - Implement an Egress rule under Istio
  • Step 5 - Exposing the Istio Add-Ons to the outside world
  • Step 6 - Viewing the Istio Add-Ons in a web browser

Executing command line instructions

This scenario is completely interactive. The instructions you'll be given will be executed directly in the terminal window that is embedded directly in the Katacoda interactive learning environment. In the steps to come, when you see a command line instruction with a black background and check mark at the end, like so:

Katacoda command line

just click on it and the command will execute in the interative terminal window.

Congratulations! You've completed the scenario, Running Kubernetes in Docker (KinD) with Istio.

In this scenario you did the following:

  • Step 1 - Confirmed that Kubernetes and the Load Balancer are Installed
  • Step 2 - Installed Istio
  • Step 3 - Implemented an Ingress rule under Istio
  • Step 4 - Implemented an Egress rule under Istio
  • Step 5 - Exposed the Istio Add-Ons to the outside world
  • Step 6 - Viewed the Istio Add-Ons in a web browser

For more information about Istio, visit the website, here.

Running Kubernetes in Docker with Istio

Step 1 of 6

Confirming that Kubernetes and the Load Balancer are Installed

Objective

The objective of this lesson is to confirm that Kubernetes is up and running that the automatically installed Load Balancer is operational

What to expect

This scenario preloads a multi-node Kubernetes cluster that is created using Kubernetes in Docker (KinD). There will be on control plane node and two worker nodes. When you start out you might see the cluster spinning up in the teminal pane like so:

Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.19.1) 🖼
 ✓ Preparing nodes 📦 📦 📦
 ✓ Writing configuration 📜
 ✓ Starting control-plane 🕹️
 ✓ Installing CNI 🔌
 ✓ Installing StorageClass 💾
 ✓ Joining worker nodes 🚜
Set kubectl context to "kind-kind"
You can now use your cluster with:

kubectl cluster-info --context kind-kind

Have a nice day! 👋

The setup also loads a Load Balancer that will provide an IP address that allows external access to the Kubernetes cluster. You can verify that the Load Balancer is working by executing the following command:

kubectl get services

You might get output as follows that says the assignment of an IP address to the Load Balancer is <pending>.

NAME         TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP      10.96.0.1      <none>        443/TCP        44s
nginx        LoadBalancer   10.96.126.61   <pending>     80:30675/TCP   0s

Give it a few minutes, then execute:

kubectl get services

You'll get the output similar to thge following means the Load Balancer is operational:

NAME         TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)        AGE
kubernetes   ClusterIP      10.96.0.1      <none>         443/TCP        3m14s
nginx        LoadBalancer   10.96.126.61   172.19.255.1   80:30675/TCP   2m30s

AGAIN: Be patient! It takes time for the Kubernetes cluster and Load Balancer to install. This can take two or three minutes.


Next: Installing Istio