Create single cluster mesh
Prerequisites
You need the Service Mesh Manager CLI
tool installed on your computer and a Kubernetes cluster as described in the Prerequisites section.
Install Service Mesh Manager
For a quick demo or evaluation, complete the following steps to install Service Mesh Manager with every component, including the demo application. If you prefer a more interactive installation, see Installing Service Mesh Manager interactively.
- If you have already received access to the Service Mesh Manager binaries, see Accessing the Service Mesh Manager binaries.
- If you are new to Service Mesh Manager, you can also use the free edition of Service Mesh Manager for evaluation.
Note: If you are installing Service Mesh Manager on a managed Kubernetes solution of a public cloud provider (for example, Amazon EKS, AKS, or GKE) or kOps, the cluster name auto-discovered by Service Mesh Manager is incompatible with Kubernetes resource naming restrictions and Istio’s method of identifying clusters in a multicluster mesh.
In earlier Service Mesh Manager versions, you had to manually use the
--cluster-name
parameter to set a cluster name that complies with the RFC 1123 DNS subdomain/label format (alphanumeric string without “_” or “.” characters). Starting with Service Mesh Manager version 1.11, non-compliant names are automatically converted using the following rules:
- Replace ‘_’ characters with ‘-’
- Replace ‘.’ characters with ‘-’
- Replace ‘:’ characters with ‘-’
- Truncate the name to 63 characters
-
Run the following command. This will install the main Service Mesh Manager components.
-
On OpenShift (for details, see OpenShift integration):
smm install -a --platform=openshift
-
Otherwise, run
smm install -a
Calisti supports KUBECONFIG contexts having the following authentication methods:
- certfile and keyfile
- certdata and keydata
- bearer token
- exec/auth provider
Username-password pairs are not supported.
If you are installing Service Mesh Manager in a test environment, you can install it without requiring authentication by running:
smm install --anonymous-auth -a
If you experience errors during the installation, try running the installation in verbose mode:
smm install -v
Note: If you are installing Service Mesh Manager on a local cluster (for example, using MiniKube) and you don’t have a local LoadBalancer setup, disable the meshexpansion gateway support. To do that, create a file called
local_icp_cr.yaml
with the following content:apiVersion: servicemesh.cisco.com/v1alpha1 kind: IstioControlPlane metadata: name: mesh namespace: istio-system spec: meshExpansion: enabled: false
Then, run the following command:
smm install --istio-cr-file local_icp_cr.yaml
-
-
Wait until the installation is completed. This can take a few minutes. Run the following command to open the dashboard.
smm dashboard
If you don’t already have Istio workload and traffic, the dashboard will be empty. To install the demo application, run:
smm demoapp install
After installation, the demo application automatically starts generating traffic, and the dashboard draws a picture of the data flow. (If it doesn’t, run the
smm demoapp load start
command, or Generate load on the UI. If you want to stop generating traffic, runsmm demoapp load stop
.) -
If you are installing Service Mesh Manager on a managed Kubernetes solution of a public cloud provider (for example, AWS, Azure, or Google Cloud), assign admin roles, so that you can tail the logs of your containers from the Service Mesh Manager UI, use Service Level Objectives and perform various tasks from the CLI that require custom permissions. Run the following command:
kubectl create clusterrolebinding user-cluster-admin --clusterrole=cluster-admin --user=<gcp/aws/azure username>
CAUTION:
Assigning administrator roles might be very dangerous because it gives wide access to your infrastructure. Be careful and do that only when you’re confident in what you’re doing. -
At this point, Service Mesh Manager is up and running. On the dashboard select MENU > TOPOLOGY to see how the traffic flows through your mesh, and experiment with any of the available features described in the documentation.
-
If you have purchased a commercial license for Service Mesh Manager, apply the license. For details, see Paid tier.
Install Service Mesh Manager interactively
With the interactive installation, you can:
- Install the Service Mesh Manager core, which provides a dashboard and an internal API for handling the service mesh.
- Install and execute the Istio operator.
- Install a demo application (optional).
Complete the following steps.
-
Start the installation.
smm install
If you experience errors during the installation, try running the installation in verbose mode:
smm install -v
During installation, answer the interactive questions in the terminal.
? Install istio-operator (recommended). Press enter to accept Yes ? Install cert-manager (recommended). Press enter to accept Yes ? Install Streaming Data Manager (optional). Press enter to skip Yes ? Install and run demo application (optional). Press enter to skip Yes
Note: If you don’t need the demo application, you can simply accept the defaults by pressing enter for each question as it will only install the core components. You can install additional components later.
-
Wait until the installation is completed. This can take a few minutes. If you have selected to install the demo application, the Service Mesh Manager dashboard automatically opens in your browser. Otherwise, run the following command to open the dashboard.
smm dashboard
If you don’t already have Istio workload and traffic, the dashboard will be empty. To install the demo application, run:
smm demoapp install
After installation, the demo application automatically starts generating traffic, and the dashboard draws a picture of the data flow. (If it doesn’t, run the
smm demoapp load start
command, or Generate load on the UI. If you want to stop generating traffic, runsmm demoapp load stop
.) -
If you are installing Service Mesh Manager on a managed Kubernetes solution of a public cloud provider (for example, AWS, Azure, or Google Cloud), assign admin roles, so that you can tail the logs of your containers from the Service Mesh Manager UI, use Service Level Objectives and perform various tasks from the CLI that require custom permissions. Run the following command:
kubectl create clusterrolebinding user-cluster-admin --clusterrole=cluster-admin --user=<gcp/aws/azure username>
CAUTION:
Assigning administrator roles might be very dangerous because it gives wide access to your infrastructure. Be careful and do that only when you’re confident in what you’re doing. -
At this point, Service Mesh Manager is up and running. On the dashboard select MENU > TOPOLOGY to see how the traffic flows through your mesh, and experiment with any of the available features described in the documentation.
-
If you have purchased a commercial license for Service Mesh Manager, apply the license. For details, see Paid tier.