在前述 Istio1.8 Bookinfo 路由分发，这节开始尝试进行流量控制可视化。

1. 删除已经安装的Kiali

$ kubectl delete all,secrets,sa,configmaps,deployments,ingresses,clusterroles,clusterrolebindings,virtualservices,destinationrules --selector=app=kiali -n istio-system

2. 安装Kiali

$ cd /usr/local/istio-1.8.1/
$ kubectl apply -f samples/addons/kiali.yaml
Warning: apiextensions.k8s.io/v1beta1 CustomResourceDefinition is deprecated in v1.16+, unavailable in v1.22+; use apiextensions.k8s.io/v1 CustomResourceDefinition
customresourcedefinition.apiextensions.k8s.io/monitoringdashboards.monitoring.kiali.io unchanged
serviceaccount/kiali created
configmap/kiali created
clusterrole.rbac.authorization.k8s.io/kiali-viewer created
clusterrole.rbac.authorization.k8s.io/kiali created
clusterrolebinding.rbac.authorization.k8s.io/kiali created
service/kiali created
deployment.apps/kiali created
monitoringdashboard.monitoring.kiali.io/envoy created
monitoringdashboard.monitoring.kiali.io/go created
monitoringdashboard.monitoring.kiali.io/kiali created
monitoringdashboard.monitoring.kiali.io/micrometer-1.0.6-jvm-pool created
monitoringdashboard.monitoring.kiali.io/micrometer-1.0.6-jvm created
monitoringdashboard.monitoring.kiali.io/micrometer-1.1-jvm created
monitoringdashboard.monitoring.kiali.io/microprofile-1.1 created
monitoringdashboard.monitoring.kiali.io/microprofile-x.y created
monitoringdashboard.monitoring.kiali.io/nodejs created
monitoringdashboard.monitoring.kiali.io/quarkus created
monitoringdashboard.monitoring.kiali.io/springboot-jvm-pool created
monitoringdashboard.monitoring.kiali.io/springboot-jvm created
monitoringdashboard.monitoring.kiali.io/springboot-tomcat created
monitoringdashboard.monitoring.kiali.io/thorntail created
monitoringdashboard.monitoring.kiali.io/tomcat created
monitoringdashboard.monitoring.kiali.io/vertx-client created
monitoringdashboard.monitoring.kiali.io/vertx-eventbus created
monitoringdashboard.monitoring.kiali.io/vertx-jvm created
monitoringdashboard.monitoring.kiali.io/vertx-pool created
monitoringdashboard.monitoring.kiali.io/vertx-server created

3 创建一个 Secret

在 Istio 命名空间中创建一个 Secret，作为 Kiali 的认证凭据

$ KIALI_USERNAME=$(echo -n 'admin' | base64)
$ KIALI_PASSPHRASE=$(echo -n 'admin' | base64)
$ NAMESPACE=istio-system
$ kubectl create namespace $NAMESPACE
$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: kiali
  namespace: $NAMESPACE
  labels:
    app: kiali
type: Opaque
data:
  username: $KIALI_USERNAME
  passphrase: $KIALI_PASSPHRASE
EOF

3 查看当前kiali的使用端口

$　kubectl get svc/kiali -n istio-system -o wide
NAME    TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)              AGE   SELECTOR
kiali   ClusterIP   10.97.49.252   <none>        20001/TCP,9090/TCP   24m   app.kubernetes.io/instance=kiali-server,app.kubernetes.io/name=kiali

4 本地测试

$ kubectl get svc -n istio-system kiali -o wide
NAME    TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)              AGE   SELECTOR
kiali   ClusterIP   10.99.74.82   <none>        20001/TCP,9090/TCP   21m   app.kubernetes.io/instance=kiali-server,app.kubernetes.io/name=kiali

$ curl 10.99.74.82:20001/kiali/console
<!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/>
....

5 暴露kiali端口到30910

先查看一下30910端口有没有被占用

$ lsof -i:30910

$ kubectl port-forward --address 0.0.0.0 service/kiali -n istio-system 30910:20001

6 访问一下：kmaster.local.com:30910/

这样一边刷新BookInfo，来观察kiali的数据流向