- Overview
- Requirements
- Pre-installation
- Installation
- Post-installation
- Migration and upgrade
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Troubleshooting
Automation Suite on EKS/AKS Installation Guide
Installing and configuring the service mesh
Automation Suite requires the Istio service mesh for ingress and networking.
The service mesh installation and configuration is a two-step process. Which of the steps you must perform depends on whether or not you can grant the Automation Suite installer admin privileges over your cluster. For details, see the following table:
Step |
Admin privileges |
No admin privileges |
---|---|---|
Step 1: Installing the service mesh |
Step not required |
Required step |
Step 2: Configuring Istio and installing the WASM plugin for routing |
Step not required |
Required step |
To install Istio, follow the instructions in the Istio documentation.
Automation Suite does not require applications such as Kiali and Jaeger. However, you can use them at your discretion.
input.json
file:"ingress": {
"gateway_selector": {
"istio": "ingressgateway"
},
"ingress_gateway_secret": "istio-ingressgateway-certs",
"namespace": "<istio-system>"
},
"ingress": {
"gateway_selector": {
"istio": "ingressgateway"
},
"ingress_gateway_secret": "istio-ingressgateway-certs",
"namespace": "<istio-system>"
},
Parameter |
Value |
---|---|
ingress.gateway_selector.istio |
Default value:
ingressgateway If you have changed the value, then use the following command to get the right value:
|
ingress.ingress_gateway_secret |
The name of the secret that contains the certificate files. The default value is
istio-ingressgateway-certs .
|
ingress.namespace | The namespace where you have installed the service mesh. |
This step requires admin privileges for installation in the Istio namespace.
-
Option A: If you cannot provide the permissions that the Automation Suite installer requires, then you must perform this step before the Automation Suite installation.
-
Option B: During the Automation Suite installation. This method requires the Kubeconfig file that you use during the Automation Suite installation to have the necessary permissions. To review the permissions, refer to the Granting installation permissions section. If you can provide all the necessary permissions, then skip this step.
To configure Istio and install the WASM plugin for routing, take the following steps:
When you install Automation Suite in a shared cluster, if you update the FQDN post-installation, one of the following scenarios applies:
-
If you grant the Automation Suite installer admin privileges and you did not add the
istio-configure
component to theexclude_components
list in yourinput.json
file, you do not need to perform any additional step. -
If you do not grant the Automation Suite installer admin privileges and you added the
istio-configure
component to theexclude_components
list in yourinput.json
file, you must take the following steps:-
Update the parameter values file mentioned in Point 3 with the new FQDN.
-
Repeat all the steps for configuring Istio and installing the WASM plugin for routing.
-