You will install the Nginx Service Mesh locally using minikube.
Launch a new cluster with:
minikube start \
--extra-config=apiserver.service-account-signing-key-file=/var/lib/minikube/certs/sa.key \
--extra-config=apiserver.service-account-key-file=/var/lib/minikube/certs/sa.pub \
--extra-config=apiserver.service-account-issuer=kubernetes/serviceaccount \
--extra-config=apiserver.service-account-api-audiences=api
Wait, what are those flags? Those are used to authenticate apps in the cluster. You might want to find out more here.
You should sign up for an F5 account.
Once you have an account, you should download the Nginx Service Mesh.
You will need the following files:
- the
nginx-meshctl
command-line utility. - the container images (the file is named
nginx-mesh-images-VERSION.NUMBER
).
In my case, I downloaded nginx-mesh-images-0.8.0.tar.gz
and nginx-meshctl_darwin.gz
.
I installed the CLI with:
gunzip nginx-meshctl_darwin.gz
sudo mv nginx-meshctl_darwin /usr/local/bin/nginx-meshctl
sudo chmod +x /usr/local/bin/nginx-meshctl
nginx-meshctl version
Then for the Docker images, I unzipped them with:
tar zxvf nginx-mesh-images.X.Y.Z.tar.gz
cd nginx-mesh-images-X.Y.Z
Inside the directory, I executed the following command:
eval $(minikube -p minikube docker-env)
From this point onwards, all Docker commands are forwarded to the Docker daemon inside minikube.
You can now upload the images with:
docker load < nginx-mesh-sidecar-0.8.0.tar.gz
docker load < nginx-mesh-init-0.8.0.tar.gz
docker load < nginx-mesh-metrics-0.8.0.tar.gz
docker load < nginx-mesh-api-0.8.0.tar.gz
Finally, you can start the mesh with:
export MESH_VER=0.8.0
nginx-meshctl deploy \
--nginx-mesh-api-image "nginx-mesh-api:${MESH_VER}" \
--nginx-mesh-sidecar-image "nginx-mesh-sidecar:${MESH_VER}" \
--nginx-mesh-init-image "nginx-mesh-init:${MESH_VER}" \
--nginx-mesh-metrics-image "nginx-mesh-metrics:${MESH_VER}" \
Created namespace "nginx-mesh".
Created SpiffeID CRD.
Waiting for Spire pods to be running...done.
Deployed Spire.
Deployed NATS server.
Created traffic policy CRDs.
Deployed Mesh API.
Deployed Metrics API Server.
Deployed Prometheus Server nginx-mesh/Prometheus-server.
Deployed Grafana nginx-mesh/grafana.
Deployed tracing server nginx-mesh/Zipkin.
All resources created. Testing the connection to the Service Mesh API Server...
Connected to the NGINX Service Mesh API successfully.
NGINX Service Mesh is running.
Excellent!
Installation completed.
If you want to test the mesh, you can install a book shop microservices app with:
kubectl apply -f https://docs.nginx.com/nginx-service-mesh/examples/bookinfo.yaml
Once ready, you can visit the app here:
kubectl port-forward svc/product page 9080
You can find the app at http://localhost:9080/.
Please notice that here you reach the app directly and skip the Nginx Proxy.
You can connect to an Nginx Plus proxy with:
kubectl get pods
kubectl port-forward <product_pod_id> 8886
Visit http://localhost:8886 to inspect the Nginx Plus proxy dashboard.
Finally, you can check Prometheus with:
kubectl -n nginx-mesh get pods
kubectl -n nginx-mesh port-forward <prometheus pod id> 9090
You can find Prometheus at http://localhost:9090/graph.
You can also check out the Zipkin (tracing) dashboard with:
kubectl -n nginx-mesh get pods
kubectl -n nginx-mesh port-forward <tracing pod name> 9411
You can find Zipkin at http://localhost:9411/zipkin/.