Istio dev environment

gistfile1.txt

mkdir /mnt/registry
mkdir registry-certs
cd registry-certs/
openssl genrsa 2048 > myregistry.example.com.key
chmod 0400 myregistry.example.com.key
openssl req -new -x509 -nodes -sha256 -days 365 -key  myregistry.example.com.key -out myregistry.example.com.keycrt
q.redhat.com.crt

cat start-registry.sh
~~~
#!/bin/sh

docker run -d \
  --name registry \
  -p 5000:5000 \
  --restart=always \
  -v "$(pwd)"/registry-certs:/registry-certs \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/registry-certs/myregistry.example.com.crt \
  -e REGISTRY_HTTP_TLS_KEY=/registry-certs/myregistry.example.com.key \
  -v /mnt/registry/:/var/lib/registry \
  registry:2
~~~

cat tag-local-istio-images.sh
#!/bin/sh
IMAGES=`docker images --filter=reference='istio/*' --format "{{.Repository}}:{{.Tag}}"`
REGISTRY="myregistry.example.com:5000"
for image in $IMAGES ; do
        BARENAME=`echo ${image} | cut -f2 -d/ | cut -f1 -d:`
        echo "Tagging ${image} to ${REGISTRY}/${BARENAME}:latest..."
        docker tag ${image} $REGISTRY/$BARENAME:latest
        docker push $REGISTRY/$BARENAME:latest
done

# If intending to use minikube and the development registry has no certs or self-signed
minikube start --driver=kvm --memory=65536 --cpus=4 --kubernetes-version=v1.20.0 --insecure-registry=myregistry.example.com:5000

cd istio
make build
make docker

./start-registry.sh
./tag-local-istio-images.sh

istioctl x uninstall --purge
istioctl install --set profile=demo --set hub=myregistry.example.com:5000 --set tag=latest