Install with Helm
This guide shows you how to install ambient mesh with Helm. Besides the demo in Getting Started with Ambient Mesh, we encourage you to follow this guide to install ambient mesh. Helm helps you manage components separately, and you can easily upgrade the components to the latest version.
Prerequisites
Perform any necessary platform-specific setup.
Check the Requirements for Pods and Services.
Install the Helm client, version 3.6 or above.
Configure the Helm repository:
$ helm repo add istio https://istio-release.storage.googleapis.com/charts $ helm repo update
See helm repo for command documentation.
Installing the Components
Installing the base Component
The base chart contains the basic CRDs and cluster roles required to set up Istio.
This should be installed prior to any other Istio component.
$ helm install istio-base istio/base -n istio-system --create-namespace
Installing the CNI Component
The CNI chart installs the Istio CNI Plugin. It is responsible for detecting the pods that belong to the ambient mesh, and configuring the traffic redirection between the ztunnel DaemonSet, which will be installed later.
$ helm install istio-cni istio/cni -n istio-system --set profile=ambient
Installing the discovery Component
The istiod chart installs a revision of Istiod. Istiod is the control plane component that manages and
configures the proxies to route traffic within the mesh.
$ helm install istiod istio/istiod --namespace istio-system --set profile=ambient
Installing the ztunnel component
The ztunnel chart installs the ztunnel DaemonSet, which is the node-proxy component of ambient.
$ helm install ztunnel istio/ztunnel -n istio-system
(Optional) Install an ingress gateway
$ helm install istio-ingress istio/gateway -n istio-ingress --wait --create-namespace
See Installing Gateways for in-depth documentation on gateway installation.
Configuration
To view supported configuration options and documentation, run:
$ helm show values istio/istiod
Verifying the Installation
Verifying the workload status
After installing all the components, you can check the Helm deployment status with:
$ helm ls -n istio-system
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
istio-base istio-system 1 ... ... ... ... deployed base-1.0.0 1.0.0
istio-cni istio-system 1 ... ... ... ... deployed cni-1.0.0 1.0.0
istiod istio-system 1 ... ... ... ... deployed istiod-1.0.0 1.0.0
ztunnel istio-system 1 ... ... ... ... deployed ztunnel-1.0.0 1.0.0
You can check the status of the deployed pods with:
$ kubectl get pods -n istio-system
NAME READY STATUS RESTARTS AGE
istio-cni-node-g97z5 1/1 Running 0 10m
istiod-5f4c75464f-gskxf 1/1 Running 0 10m
ztunnel-c2z4s 1/1 Running 0 10m
Verifying with the Sample Application
After installing ambient with Helm, you can follow Deploy the sample application guide to deploy the sample application and ingress gateways, and then you can add your application to ambient.
Uninstall
You can uninstall Istio and its components by uninstalling the charts installed above.
List all the Istio charts installed in
istio-systemnamespace:$ helm ls -n istio-system NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION istio-base istio-system 1 ... ... ... ... deployed base-1.0.0 1.0.0 istio-cni istio-system 1 ... ... ... ... deployed cni-1.0.0 1.0.0 istiod istio-system 1 ... ... ... ... deployed istiod-1.0.0 1.0.0 ztunnel istio-system 1 ... ... ... ... deployed ztunnel-1.0.0 1.0.0(Optional) Delete any Istio gateway chart installations:
$ helm delete istio-ingress -n istio-ingress $ kubectl delete namespace istio-ingressDelete Istio CNI chart:
$ helm delete istio-cni -n istio-systemDelete Istio ztunnel chart:
$ helm delete ztunnel -n istio-systemDelete Istio discovery chart:
$ helm delete istiod -n istio-systemDelete Istio base chart:
$ helm delete istio-base -n istio-systemDelete CRDs Installed by Istio (Optional)
$ kubectl get crd -oname | grep --color=never 'istio.io' | xargs kubectl deleteDelete the
istio-systemnamespace:$ kubectl delete namespace istio-system