We are transitioning to versioned documentation. The v2.x docs will no longer be maintained. For Rancher v2.5 docs, go here. For Rancher v2.0-v2.4 docs, go here.

Additional Steps for Installing Istio on an RKE2 Cluster

? Need Help? Get free intro and advanced online training ×

Additional Steps for Installing Istio on an RKE2 Cluster

Through the Cluster Explorer, when installing or upgrading Istio through Apps & Marketplace,

Click Components.
Check the box next to Enabled CNI.

Add a custom overlay file specifying cniBinDir and cniConfDir. For more information on these options, refer to the Istio documentation. An example is below:

apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  components:
    cni:
      enabled: true
  values:
    cni:
      image: rancher/istio-install-cni:1.7.3
      excludeNamespaces:
        - istio-system
        - kube-system
      logLevel: info
      cniBinDir: /opt/cni/bin
      cniConfDir: /etc/cni/net.d

After installing Istio, you’ll notice the cni-node pods in the istio-system namespace in a CrashLoopBackoff error. Manually edit the istio-cni-node daemonset to include the following on the install-cni container:
```
securityContext:
    privileged: true
```

Result: Now you should be able to utilize Istio as desired, including sidecar injection and monitoring via Kiali.

Continental

Additional Steps for Installing Istio on an RKE2 Cluster