Istio installation for production

Hi,

For our deployment, we would like to not download the docker images from the internet (dockerhub) everytime.

Meaning we want to get all images for istio-init and istio and store it in our local repository. This step is required for security/certification etc.

Question 1
Now Istio-init and Istio are made up of multiple disparate pieces (meaning there are many docker images). What’s the best way to source all of these. Is there are quick way to get all these images as collection ?

Question 2
And finally this also means the helm charts would now need to point to the local repo. What’s the best way to alter the charts to point to the local repository ? I’m asking this question from future maintainability when newer versions of istio are released how can I get them installed (from local source) with NO or minimal changes to the chart ?

Appreciate your help on this.

Hi @howardjohn, can you pls take a look and suggest

There is a dump of all our docker files here https://gcsweb.istio.io/gcs/istio-prerelease/prerelease/1.3.0/docker/ as well as the charts . You can use all of those. Not sure why we only seem to push it as prerelease though… in 1.4 this will be fixed

1 Like

Awesome @howardjohn … I’ll try this

As always, appreciate all your help !

@howardjohn Just to confirm, I presume this includes the images required for istio-init too right ?

@howardjohn

Where should we get the images for the Jobs in the istio-init.

All Jobs source their images from -

image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"

which translates to -

image: "docker.io/istio/kubectl:1.3.0"

I think I got it. Its here: kubectl.tar.gz

Let me try this out.

This works, thanks !