How to Enable Kiali for Istio on IBM Cloud Kubernetes Service

By Yang Yang and Jia Yuanyuan

What is Kiali?

Kiali is an open source project that works with Istio to visualize the service mesh topology, including features like circuit breakers or request rates. It provides insight into what the microservices in your Istio service mesh are doing. Kiali also includes Jaeger Tracing to provide distributed tracing out of the box.

This article will explain how to enable Kiali easily in your Istio environment with IBM Cloud Kubernetes Service.

If you want to learn more about Istio, check out our post: “What is Istio?

Getting started with Kiali

Before starting, please make sure you already have done the following:

  • Follow the steps described in this document to prepare your cluster on IBM Cloud Kubernetes Service.

  • Read the tutorials here to download and install Istio by Helm. When working with Kiali, you need to have jaeger-query service installed, which is not the default. Make sure you added “–set tracing.enabled=true –set tracing.jaeger.enabled=true” in step 1-c in the linked tutorial.

Here’s the installation command we use:

helm install ibm/ibm-istio --name=istio --namespace istio-system \
--set tracing.enabled=true \
--set tracing.jaeger.enabled=true

Note: Kiali is still under active development, and it is not production ready at the time this article released. If you find any further issue following this guide, feel free to contact us and the Kiali community

Get the Kiali deployment file

You can get the Kiali deployment file by using a curl command. The steps below will help you download the deployment file from GitHub, replace specific values—like replacing the “${VERSION_LABEL}” in the raw script to “master,” “${IMAGE_NAME}” to “kiali/kiali”—and write to a local file for further edit and config purposes.

$ curl https://raw.githubusercontent.com/kiali/kiali/master/deploy/kubernetes/kiali-configmap.yaml | \
VERSION_LABEL=master envsubst > kiali-configmap.yaml

$ curl https://raw.githubusercontent.com/kiali/kiali/master/deploy/kubernetes/kiali-secrets.yaml | \
VERSION_LABEL=master envsubst > kiali-secrets.yaml

$ curl https://raw.githubusercontent.com/kiali/kiali/master/deploy/kubernetes/kiali.yaml | \
IMAGE_NAME=kiali/kiali \
IMAGE_VERSION=latest \
NAMESPACE=istio-system \
VERSION_LABEL=master \
VERBOSE_MODE=4 envsubst > kiali.yaml

“envsubst” is packed with Ubuntu by default, and if you do not have envsubst installed, you can get it via the Gnu gettext package. For example, on a Mac, run the following command:

$ brew install gettext
$ brew link --force gettext

This will enable envsubst on OS X and force it to link properly. It requires homebrew to be installed.

Install Kiali

Under the directory of downloaded deployment files, install Kiali into the istio-system namespace:

kubectl create -f kiali-configmap.yaml -n istio-system
kubectl create -f kiali-secrets.yaml -n istio-system
kubectl create -f kiali.yaml -n istio-system

The output will look like this:

~/workspace/install/kiali# ls
kiali-configmap.yaml kiali-secrets.yaml kiali.yaml
~/workspace/install/kiali# kubectl create -f kiali-configmap.yaml -n istio-system
configmap "kiali" created
~/workspace/install/kiali# kubectl create -f kiali-secrets.yaml -n istio-system
secret "kiali" created
~/workspace/install/kiali# kubectl create -f kiali.yaml -n istio-system
serviceaccount "kiali" created
service "kiali" created
service "kiali-jaeger" created
ingress.extensions "kiali" created
deployment.extensions "kiali" created
clusterrole.rbac.authorization.k8s.io "kiali" created
clusterrolebinding.rbac.authorization.k8s.io "kiali" created

Config Kiali

After installing Kiali with the above command, you should be able to see the service in istio-system namespace, and svcs may differ for different versions of Istio:

table

Once this is done, Kiali will be deployed and running in your IBM Cloud cluster. You can visit Kiali UI by using NodePort. In our case, Kiali UI would be: http://<SOME_EXTERNAL_IP>:31392. The credentials to log in are defined in “kiali-secrets.yaml.”

kiali_homepage

After you are logged in, you can see the default Service Graph view, which is generated automatically by analyzing service calls.

kiali_default_graph

In the lefthand menu, you may see an error in the Distributed Tracing view (see screenshot below):

 kiali_tracing_error

This is because Kiali does not know where the Jaeger service is. If Jaeger is installed by enabling the jaeger.enabled=true in Istio default istio-system namespace, Kiali should be able to communicate with it by default. However, if your cluster does not have an External IP like I do, then you need to manually configure and tell Kiali where to find the Jaeger service. To do this, we need to open up the downloaded kiali-configmap.yaml again and edit it by adding “external_services.jaeger.url”:

 Screen-Shot code

The Jaeger URL value can be found by checking the kubectl get svc tracing -n istio-system -o ‘jsonpath={.status.loadBalancer.ingress[0].ip}:{.spec.ports[0].nodePort}’ command. You can try to visit the URL directly from your browser, and it should take you to the Jaeger tracing UI. After confirming that the Jaeger URL is working, you can update the kiali-configmap.yaml accordingly and reapply the deployment.

Check the page again, and you should see a Jaeger UI page embedded in the Distributed Tracing view.

kiali_tracing

Kiali is now installed in your cluster in IBM Cloud Kubernetes Service, and you can explore the console and view your service in your cluster.

 

Be the first to hear about news, product updates, and innovation from IBM Cloud