본문으로 건너뛰기

Kiali

Kiali architecture

설치

helm repo add kiali https://kiali.org/helm-charts

Istio 버전에 따라 호환되는 Kiali 버전을 선택해야합니다.

helm repo update kiali \
&& helm search repo kiali -l | head -n 10
mkdir -p istio/kiali/{base,helm}
helm show values kiali/kiali-server \
--version 1.50.0 \
> istio/kiali/helm/values.yaml
istio/kiali/helm/values.yaml
auth:
strategy: anonymous

external_services:
custom_dashboards:
enabled: true
prometheus:
url: http://prometheus-operator-prometheus.monitoring:9090 # 프로메테우스 서비스 주소
grafana:
url: http://prometheus-operator-grafana.monitoring # 그라파나 서비스 주소
경고

Grafana는 아직 테스트 되지 않았습니다.

helm upgrade kiali kiali/kiali-server \
--install \
--version 1.50.0 \
-n istio-system \
-f istio/kiali/helm/values.yaml

Keycloak

Kubernetes api-server과 OIDC를 연결합니다.

istio/kiali/helm/values.yaml
auth:
strategy: "openid"
openid:
client_id: <k8s>
issuer_uri: <oidc-issuer-uri>
scopes:
- "openid"
- "profile"
- "email"
- "groups"
username_claim: "email"

deployment:
secret_name: "kiali"
apiVersion: v1
kind: Secret
metadata:
name: kiali
namespace: istio-system
labels:
app: kiali
type: Opaque
stringData:
oidc-secret: <oidc-secret>
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: kiali-vscv
namespace: istio-system
spec:
hosts:
- <kiali-host>
gateways:
- <gateway>
http:
- match:
- uri:
prefix: "/"
headers:
request:
set:
X-Forwarded-Port: "443"
route:
- destination:
host: kiali.istio-system.svc.cluster.local
port:
number: 20001

Service

kubectl port-forward -n istio-system service/kiali 8007:20001

Reference