Kiali: Manage, visualize, validate and troubleshoot your Service mesh!
In this blog, we will talk about Kiali and its need in Service mesh setup.
What is Kiali ?.
Kiali is a management console for Istio service mesh. Kiali can be quickly installed as an Istio add-on or trusted as a part of your production environment.
Why do we need Kiali ?.
- Overall observability and management of Service Mesh Infrastructure.
- Easy integration with products like Prometheus,Jaeger,Zipkin and Grafana etc.
- Kiali helps in understanding the functionality of how mTLS is used in a typical complex Istio mesh environment.
- Advanced Mesh Deployment and Multi-cluster support.
Kiali Architecture :
Kiali is composed of two components: a back-end application running in the container application platform, and a user-facing front-end application. Kiali depends on external services and components provided by the container application platform and Istio.
Implementation steps:
We are considering you already have the K8s cluster and Istio deployed in it. But in case you don't have you can set up one on any of your cloud providers on use Minikube on your local machine.
Once you have the above things in place next is you need to deploy Kiali in your environment. Kiali can be deployed using two approaches (Kiali Operator and Kaili Server).
In this blog, we will go ahead with the Kiali server method to deploy the same. We can deploy it using Kubectl YAML file or Helm charts.
kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.12/samples/addons/kiali.yaml```We will recommend it to deploy using the Helm chart and the steps are as below:
helm repo add kiali https://kiali.org/helm-chartshelm repo updatehelm install \
--namespace istio-system \
kiali-server \
kiali/kiali-server
Once deployment is done you will see Kiali resources deployed in istio-system namespace. By default service type is Cluster IP so to access the dashboard, you will go ahead with the port forward method.
kubectl port-forward svc/kiali 20001:20001 -n istio-systemAccess Kiali by visiting https://localhost:20001/ in your web browser. You can also expose it via Ingress controller or Cloud Loadbalancer (https://kiali.io/docs/installation/installation-guide/accessing-kiali/)
Now if you access the dashboard it will directly login and show you all the resources in the cluster since the default authentication mechanism is set as anonymous.
You can also integrate Kiali with ODIC providers like (OKTA, KeyClock) for SSO. (https://kiali.io/docs/configuration/authentication/openid/)
All the metrics in Kiali dashboards are fetched via the Prometheus server and by default, it looks for the Prometheus server in the Istio-system namespace. If you don't have either install or you can pass the existing server URL as input to the helm chart. (https://kiali.io/docs/configuration/p8s-jaeger-grafana/)
The next step is to deploy a sample application and validate it in the Kiali console. We will deploy a book application that has 4 microservices.
- The Product page: written in Python, this service displays the book page to the end-user. In doing so, it must display the book information by contacting the details service and the book reviews by contacting the reviews service.
- The Details Service: written in Ruby, it provides book information.
- The Reviews Service: written in Java, it provides book reviews. In doing so, it must contact the rating service to also get the star rating of the book.
- The Rating Service: written on NodeJS, it provides the star rating count for books.
The default Istio installation uses automatic sidecar injection. Label the namespace that will host the application with istio-injection=enabled:
kubectl label namespace default istio-injection=enabledkubeclt apply -f https://raw.githubusercontent.com/istio/istio/release-1.12/samples/bookinfo/platform/kube/bookinfo.yam
The sample application is deployed now we will generate some traffic to the application using the curl command. I have another container up will use it to fire the curl request.
curl productpage:9080/productpageRefresh the dashboard and you will be able to see the traffic coming to your application and how it is flowing to other microservices. Also, it will show you detailed metrics of incoming/outgoing metrics to your service.
Hope this helps you in getting your Kiali dashboard up and running. Please reach out to me in case you need any help or have queries would be an absolute pleasure to discuss the same.
Reference links:
