Hi! I have istio 1.2.2 installed with helm.
I’m basically using the deployment manager configuration that is on the istio releases, but I changed it to use version 1.2.2 instead of 1.0.0.
So the startup script of my VM looks something like this:
Blockquote
gcloud container clusters get-credentials {{ properties[‘gkeClusterName’] }} --zone {{ properties[‘zone’] }}
kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value core/account)
wget -P /root/helm/ https://storage.googleapis.com/kubernetes-helm/helm-v2.14.1-linux-amd64.tar.gz
tar xf /root/helm/helm-v2.14.1-linux-amd64.tar.gz -C /root/helm/
curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.2.2 sh -
export PATH=$PWD/bin:$PATH
export PATH="$PATH:/root/istio-1.2.2/bin::/root/helm/linux-amd64/"
cd /root/istio-1.2.2
helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.2.2/charts/
kubectl create ns istio-system
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set sidecar-injector.enabled=true"
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set tracing.enabled=true "
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set pilot.tracingSample={{ properties['traceSampling'] }} "
helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -
helm template install/kubernetes/helm/istio --name istio --namespace istio-system $ISTIO_OPTIONS > istio.yaml
kubectl apply -f istio.yaml
Blockquote
I want to use stackdriver adapters, by using kind: stackdriver and kind: tracespan, but I’m getting an error that those are unknown, How do I install stackdriver adapter? I do not want the Istio on GKE version that has stackdriver installed because I cant change things on the control plane, so I just want to install Istio on my own.
Any thoughts? or pointers?
Thanks.
Hi! It looks like you are missing the CRDs for those kinds. I believe you will need something like the following in your cluster first:
kind: CustomResourceDefinition
apiVersion: apiextensions.k8s.io/v1beta1
metadata:
name: stackdrivers.config.istio.io
annotations:
"helm.sh/hook": crd-install
labels:
k8s-app: istio
addonmanager.kubernetes.io/mode: Reconcile
app: mixer
package: stackdriver
istio: mixer-adapter
spec:
group: config.istio.io
names:
kind: stackdriver
plural: stackdrivers
singular: stackdriver
categories:
- istio-io
- policy-istio-io
scope: Namespaced
version: v1alpha2
---
kind: CustomResourceDefinition
apiVersion: apiextensions.k8s.io/v1beta1
metadata:
name: tracespans.config.istio.io
annotations:
"helm.sh/hook": crd-install
labels:
k8s-app: istio
addonmanager.kubernetes.io/mode: Reconcile
app: mixer
package: tracespan
istio: mixer-instance
spec:
group: config.istio.io
names:
kind: tracespan
plural: tracespans
singular: tracespan
categories:
- istio-io
- policy-istio-io
scope: Namespaced
version: v1alpha2
Note: that style of config is deprecated. Instead of custom CRs for each adapter type, Mixer config shifted to use a much more restricted set of kinds (exs: handler, instance, template). So you could also update your config to use kind: handler and kind: instance and point to compiledAdapter: stackdriver and compiledTemplate: tracespan in those new-style configs (examples: handler config, instance config).
Hope that helps,
Doug.
Hi @douglas-reid ! First of all, thank you very much for your help!
I did try the new configuration as you point out, using the instance kind and handler kind, with the right adapter annotations. Even doing so I still got errors.
The errors I got were:
- failed to evaluate expression for field ‘TraceId’: unknown attribute request.headers
- rule=‘stackdriver-tracing-rule.rule.istio-system’.Match: unknown attribute request.path
I went to the configs you linked me to, If I add the ISTIO_OPTIONS for it, will it add them?
I’m guessing that’s why it does not have the reference to request and the other variables set in there.
Thanks a lot for the help!
If you are seeing “unknown attribute” errors, that suggests that you don’t have the attributemanifest installed. Are you sure that all of the default config installed properly?
Hi @douglas-reid
Based on the error they are not installed, but I just pasted on my first post how I’m installing istio, which is exactly as how the docs describe how to do it, so what am I doing wrong? Why I dont have the attributemanifests?
Blockquote
#!/bin/bash -x
apt-get update && apt-get install -y git google-cloud-sdk curl kubectl
export HOME=/root
cd /root/
gcloud container clusters get-credentials {{ properties['gkeClusterName'] }} --zone {{ properties['zone'] }}
kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value core/account)
wget -P /root/helm/ https://storage.googleapis.com/kubernetes-helm/helm-v2.14.1-linux-amd64.tar.gz
tar xf /root/helm/helm-v2.14.1-linux-amd64.tar.gz -C /root/helm/
curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.2.2 sh -
export PATH=$PWD/bin:$PATH
export PATH="$PATH:/root/istio-1.2.2/bin::/root/helm/linux-amd64/"
cd /root/istio-1.2.2
helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.2.2/charts/
kubectl create ns istio-system
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set sidecar-injector.enabled=true"
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set tracing.enabled=true "
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set pilot.tracingSample={{ properties['traceSampling'] }} "
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set mixer.policy.enabled=true "
ISTIO_OPTIONS=$ISTIO_OPTIONS" --set mixer.telemetry.enabled=true "
helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system $ISTIO_OPTIONS > istio_init.yaml
kubectl apply -f istio_init.yaml
helm template install/kubernetes/helm/istio --name istio --namespace istio-system $ISTIO_OPTIONS > istio.yaml
kubectl apply -f istio.yaml
sleep 200
gcloud beta runtime-config configs variables set success/{{ CLUSTER_NAME }}-waiter success --config-name $(ref.{{ CLUSTER_NAME }}-config.name)
gcloud -q compute instances delete {{ CLUSTER_NAME }}-vm --zone {{ properties['zone'] }}
I’m kinda lost now, I thought based on the links you posted that if I added the mixer.policy.enabled flag it was going to work, is still doing the same… Also using the “Old definitions” I get the same error about the attributemanifests…
I would like to have it working with the new kinds “instance” “handler” “rule” but idk why the attributemanifest is not there
Ok, I got it working… I installed it with tiller instead of using template and it worked fine, so there is something wrong when trying to install it with the template.
In any case, now I have a permission error:
- error adapters Stackdriver trace: rpc error: code = PermissionDenied desc = Request had insufficient authentication scopes
@douglas-reid can you tell me how do I give permissions to an adapter?
Thanks for all the help.
I added the permissions to the cluster in the scope, now everything works.
I also figured out the problem happens as well with tiller.
The .jinja files on the istio release should be changed, they need a sleep before running the other commands, as the CRD’s or the Pods need a bit of time to initialise, otherwise it throws errors.
Can I create an issue on the repository and do a PR with this? @douglas-reid
Happy you were able to figure it out!
Would love to have an issue and a PR to fix! Please file one.