Merge pull request #1760 from hpe-dev-incubator/cms/blog/a-guide-to-enable-managed-istio-service-mesh-in-a-kubernetes-cluster-on-hpe-greenlake-for-private-cloud-enterprise

Update Blog “a-guide-to-enable-managed-istio-service-mesh-in-a-kubernetes-cluster-on-hpe-greenlake-for-private-cloud-enterprise”

Author: choukden

content/blog/a-guide-to-enable-managed-istio-service-mesh-in-a-kubernetes-cluster-on-hpe-greenlake-for-private-cloud-enterprise.md

@@ -18,17 +18,17 @@ tags:
   - site-reliability-engineer
   - hpe-greenlake-for-private-cloud-enterprise-containers
 ---
-## **Introduction**
+## Introduction
 
 In this blog post, we demonstrate how an end user can deploy a containerized application or a managed service on a Kubernetes-based container stack using the cluster add-on feature provided by **HPE GreenLake for Private Cloud Enterprise: Containers** and then access it over an external network or internet. The containers service evaluates the user’s environment and makes add-ons available to the user so that they can add the containerized application or managed service to the cluster as required.
 
 For those of you who may be unfamiliar with the term, a **Service mesh** is a network of microservices that consist of distributed applications and communications between those applications. It is a dedicated infrastructure layer that facilitates service-to-service communications routed through the proxy, ensuring secure communication.
 
 **Istio** is an open-source service mesh that provides a platform for distributed applications that includes API integrations with logging, telemetry, or policy systems. It provides a uniform and more efficient way to secure, connect, and monitor services. Istio automatically manages load balancing for HTTP, gRPC, WebSocket, and TCP traffic. For details, see **[The Istio service mesh](https://istio.io/latest/about/service-mesh/)**.
 
-## **Enabling Istio service mesh add-on from a cluster**
+## Enabling Istio service mesh add-on from a cluster
 
-### **Step-1: Create a Kubernetes cluster from the containers page**
+### Step-1: Create a Kubernetes cluster from the containers page
 
 To create a cluster, you must have been assigned the roles of **Private Cloud Cluster Owner** and **Private Cloud Widget Viewer**.
 
@@ -41,7 +41,7 @@ As indicated above, there are multiple clusters deployed in parallel for multipl
 
 ![](/img/clusterhpeview.png "Cluster 'hpe' view")
 
-### **Step-2: Enabling an add-on from a cluster**
+### Step-2: Enabling an add-on from a cluster
 
 * On the **Containers** main page, click a cluster row to open the cluster details screen.
 * On the cluster details screen, click the **Add-ons** tab.
@@ -65,7 +65,7 @@ As indicated above, there are multiple clusters deployed in parallel for multipl
 
 ![](/img/istioaddondetailspage.png "Add-on Istio-service-mesh overview")
 
-### **Step-3: Launching the Kiali dashboard - the console for Istio service mesh**
+### Step-3: Launching the Kiali dashboard - the console for Istio service mesh
 
 **Kiali** is an open-source project that provides observability for the Istio service mesh.
 
@@ -79,18 +79,18 @@ The **Kiali dashboard** launches in a new web page.
 
 **Note**: To take advantage of the Istio features, pods in the mesh must be running an Istio sidecar proxy. Injection of the proxy can be done either on a per-pod basis or at namespace level. To enable side car injection, refer to the [setup instructions](https://istio.io/latest/docs/setup/additional-setup/sidecar-injection/). For information about using Kiali, see the **[Kiali documentation](https://kiali.io/docs/)**.
 
-### **Step-4: Download scoped kubeconfig from the container platform page**
+### Step-4: Download scoped kubeconfig from the container platform page
 
 * From the **Clusters** tab, select the '**hpe**' Kubernetes cluster and click **Launch Service Console**. This will direct you to the container platform page.
 * Click on Download **kubeconfig**.
 
 **Note**: Launching the service console from HPE GreenLake Central is configured through SAML SSO and adds a session token to the kubeconfig file. You will need to download the kubeconfig file again if you want to continue to access the cluster when the session token expires after an hour.
 
-### **Step-5: Deploying a sample Istio application: Bookinfo**
+### Step-5: Deploying a sample Istio application: Bookinfo
 
 This procedure follows the standard Istio documentation to deploy a sample application. To know more about Bookinfo Application, see the **[Istio documentation](https://istio.io/latest/docs/examples/bookinfo/)**.
 
-#### **Use the following commands to create the namespace and label for Istio sidecar proxy injection to deploy the application in the bookinfo namespace**.
+**Use the following commands to create the namespace and label for Istio sidecar proxy injection to deploy the application in the bookinfo namespace**.
 
 ```shellsession
 $ kubectl create namespace bookinfo		
@@ -104,7 +104,7 @@ NAME       STATUS   AGE    LABELS
 bookinfo   Active   105s   gl.hpe.com/namespaceid=10d70074-0c2b-4221-804e-1437ed1842ca,hpe.com/cluster=stub,hpe.com/namespacetype=Tenant,hpe.com/tenant=bookinfo,hpe.com/version=6.2.0,hpecp.hpe.com/hpecptenant=hpecp-tenant-106,istio-injection=enabled,kubernetes.io/metadata.name=bookinfo,serving.kubeflow.org/inferenceservice=enabled
 ```
 
-#### **Deploy** the **Bookinfo** application using the YAML manifest file i.e. **services/istio/release-1.16/samples/bookinfo/bookinfo.yaml** from the [](https://github)**[Github repository](https://github.com/cxteamtrials/caas-trials-content)**.
+**Deploy the Bookinfo application using the YAML manifest file i.e. services/istio/release-1.16/samples/bookinfo/bookinfo.yaml from the [](https://github)**[Github repository](https://github.com/cxteamtrials/caas-trials-content)**.
 
 ```shellsession
 $ kubectl apply -f bookinfo.yaml -n bookinfo
@@ -124,7 +124,7 @@ serviceaccount/bookinfo-productpage created
 deployment.apps/productpage-v1 created
 ```
 
-#### **Confirm all pods and services are deployed successfully**.
+**Confirm all pods and services are deployed successfully**.
 
 ```shellsession
 $ kubectl get pods,services -n bookinfo
@@ -143,7 +143,7 @@ ratings       ClusterIP   10.108.60.57     <none>        9080/TCP   6m46s
 reviews       ClusterIP   10.106.208.181   <none>        9080/TCP   14m
 ```
 
-#### **Configure the service to access the application outside of the cluster**.
+**Configure the service to access the application outside of the cluster**.
 
 * Edit the deployed service **productpage**.
 * Change service type from ClusterIP to **NodePort**.
@@ -175,7 +175,7 @@ Events:
   Normal  HpeCp   21s   hpecp-agent  Created HPECP K8S service
 ```
 
-#### **Confirm the application is accessible from outside the cluster**.
+**Confirm the application is accessible from outside the cluster**.
 
 The Bookinfo application **productpage** can be accessed in the browser by typing the URL **http://epicgw.customer.hpe.net:10072**
 
@@ -185,7 +185,7 @@ Note : The above URL might be different in your environment. You can form the UR
 
 ![](/img/bookinfo-productpage-normal-user.png "Bookinfo application productpage view")
 
-## **Monitor the sample application using the Kiali dashboard**
+## Monitor the sample application using the Kiali dashboard
 
 Enter **bookinfo** into the field Filter by Namespace. The Kiali overview screen displays the details about the namespace bookinfo. It shows that 4 applications are running in the **namespace bookinfo** with no inbound traffic.
 
@@ -207,7 +207,7 @@ In the **Services** tab from the left navigation menu, after selecting the **nam
 
 ![](/img/kiali-console-services.png "Kiali services view")
 
-## **Summary**
+## Summary
 
 You can find the GitHub repository that hosts demo code **[here](https://github.com/cxteamtrials/caas-trials-content)**.