Before you can install Red Hat OpenShift Service Mesh, review the installation activities, ensure that you meet the prerequisites:

  • Possess an active OpenShift Container Platform subscription on your Red Hat account. If you do not have a subscription, contact your sales representative for more information.

  • Install OpenShift Container Platform 4.1.

  • Install the version of the OpenShift Container Platform command line utility (the oc client tool) that matches your OpenShift Container Platform version and add it to your path.

    • If you are using OpenShift Container Platform 4.1, see About the CLI.

Red Hat OpenShift Service Mesh installation activities

The Red Hat OpenShift Service Mesh installation process creates two different projects (namespaces):

  • istio-operator project (1 pod)

  • istio-system project (17 pods)

  • kiali-operator project (1 pod)

  • observability project (1 pod)

You first create a Kubernetes Operator. This Operator defines and monitors a custom resource that manages the deployment, updating, and deletion of the Service Mesh components.

Depending on how you define the custom resource file, you can install one or more of the following components when you install the Service Mesh:

  • Istio - based on the open source Istio project, lets you connect, secure, control, and observe the microservices that make up your applications.

  • Jaeger - based on the open source Jaeger project, lets you perform tracing to monitor and troubleshoot transactions in complex distributed systems.

  • Kiali - based on the open source Kiali project, Kiali provides observability for your service mesh. Using Kiali lets you view configurations, monitor traffic, and view and analyze traces in a single console.

Red Hat OpenShift Service Mesh supported configurations

The following are the only supported configurations for the Red Hat OpenShift Service Mesh 0.12.TechPreview:

  • Red Hat OpenShift Container Platform version 4.1.

OpenShift Online and OpenShift Dedicated are not supported for Red Hat OpenShift Service Mesh 0.12.TechPreview.

  • The deployment must be contained to a single OpenShift Container Platform cluster that is not federated.

  • This release of Red Hat OpenShift Service Mesh is only available on OpenShift Container Platform x86_64.

  • Red Hat OpenShift Service Mesh is only suited for OpenShift Container Platform Software Defined Networking (SDN) configured as a flat network with no external providers.

  • This release only supports configurations where all Service Mesh components are contained in the OpenShift cluster in which it operates. It does not support management of microservices that reside outside of the cluster, or in a multi-cluster scenario.

  • The Kiali observability console is only supported on the two most recent releases of the Chrome, Edge, Firefox, or Safari browsers.

Updating the node configuration

Before you can install the Service Mesh into an OpenShift Container Platform installation, you must modify the master configuration and each of the schedulable nodes. These changes enable the features that are required in the Service Mesh and also ensure that Elasticsearch features function correctly.

Updating the node configuration is not necessary if you are running OpenShift Container Platform 4.1.


To run the Elastisearch application, you must repeat the steps in this procedure for each node in your OpenShift Container Platform installation.

  1. Create a file named /etc/sysctl.d/99-elasticsearch.conf with the following contents:

    vm.max_map_count = 262144
  2. Execute the following command:

    $ sysctl vm.max_map_count=262144
Next steps
  • Install Red Hat OpenShift Service Mesh in your OpenShift Container Platform environment.