Customizable Install with Helm

Follow this guide to install and configure an Istio mesh for in-depth evaluation or production use.

This installation guide uses Helm charts that provide rich customization of the Istio control plane and of the sidecars for the Istio data plane. You can simply use helm template to generate the configuration and then install it using kubectl apply.

Using these instructions, you can select any one of Istio’s built-in configuration profiles and then further customize the configuration for your specific needs.

Prerequisites

  1. Download the Istio release.

  2. Perform any necessary platform-specific setup.

  3. Check the Requirements for Pods and Services.

  4. Install a Helm client with a version higher than 2.10.

Helm chart release repositories

The commands in this guide use the Helm charts that are included in the Istio release image. If you want to use the Istio release Helm chart repository instead, adjust the commands accordingly and add the Istio release repository as follows:

$ helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.5.4/charts/

Installation steps

Change directory to the root of the release and then follow the instructions below.

Previously, this document described a Helm installation method that utilized the Tiller component. That installation method is no longer recommended. Instead, we recommend using istioctl as documented in Installing with istioctl. If you want to use Helm, then you need to use the helm template method described below.

  1. Create a namespace for the istio-system components:

    $ kubectl create namespace istio-system
    
  2. Install all the Istio Custom Resource Definitions (CRDs) using kubectl apply:

    $ helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -
    
  3. Wait for all Istio CRDs to be created:

    $ kubectl -n istio-system wait --for=condition=complete job --all
    
  4. Select a configuration profile and then render and apply Istio’s core components corresponding to your chosen profile. The default profile is recommended for production deployments:

$ helm template install/kubernetes/helm/istio --name istio --namespace istio-system | kubectl apply -f -

Verifying the installation

  1. Referring to components table in configuration profiles, verify that the Kubernetes services corresponding to your selected profile have been deployed.

    $ kubectl get svc -n istio-system
    
  2. Ensure the corresponding Kubernetes pods are deployed and have a STATUS of Running:

    $ kubectl get pods -n istio-system
    

Uninstall

  • You can use the helm template command to uninstall Istio. Uninstall with these commands:
$ helm template install/kubernetes/helm/istio --name istio --namespace istio-system | kubectl delete -f -
$ kubectl delete namespace istio-system

Deleting CRDs and Istio Configuration

Istio, by design, expects Istio’s Custom Resources contained within CRDs to leak into the Kubernetes environment. CRDs contain the runtime configuration set by the operator. Because of this, we consider it better for operators to explicitly delete the runtime configuration data rather than unexpectedly lose it.

The istio-init chart contains all raw CRDs in the istio-init/files directory. You can simply delete the CRDs using kubectl. To permanently delete Istio’s CRDs and the entire Istio configuration, run:

$ kubectl delete -f install/kubernetes/helm/istio-init/files
Was this information useful?
Do you have any suggestions for improvement?

Thanks for your feedback!