Prerequisites
Two Container Service for Kubernetes (ACK) clusters, m1c1 and m1c2 in this example, are created in the same VPC. For more information, see Create an ACK dedicated cluster or Create an ACK managed cluster.
Note When you create a cluster, we recommend that you configure advanced security groups for the cluster.
An ASM instance of v1.18.0.139 or later is created. The ASM instance mesh1 is used in this example. For more information about how to create an ASM instance, see Create an ASM instance.
Step 1: Make sure that the two clusters can communicate with each other
By default, two clusters in the same VPC can communicate with each other if they are associated with advanced security groups. If one cluster is associated with a basic security group or the two security groups cannot communicate with each other, you must configure security group rules for the clusters. For more information, see Add a security group rule.
Step 2: Add the clusters to the ASM instance and create a serverless ingress gateway
After you add the two clusters to the ASM instance, create a serverless ingress gateway.
Add the two clusters to the ASM instance. For more information, see Add a cluster to an ASM instance.
Use the following YAML file to create a serverless ingress gateway. For more information, see Create an ingress gateway.
Expand to view the YAML file of the serverless ingress gateway
apiVersion: istio.alibabacloud.com/v1beta1
kind: IstioGateway
metadata:
annotations:
asm.alibabacloud.com/managed-by-asm: 'true'
name: ingressgateway
namespace: istio-system
spec:
gatewayType: ingress
dnsPolicy: ClusterFirst
externalTrafficPolicy: Local
hostNetwork: false
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
replicaCount: 1
resources:
limits:
cpu: '2'
memory: 2G
requests:
cpu: 200m
memory: 256Mi
rollingMaxSurge: 100%
rollingMaxUnavailable: 25%
runAsRoot: true
serviceType: LoadBalancer
Step 3: Deploy the Bookinfo application
ASM allows you to deploy an application across clusters. You can deploy the microservices of the Bookinfo application in the two clusters.
Use the following content to create resources configured in the bookinfo-m1c2.yaml file in the m1c2 cluster:
Note The v3 version of the reviews microservice displays ratings as red stars.
Show the YAML file of the Bookinfo application
# Details service
apiVersion: v1
kind: Service
metadata:
name: details
labels:
app: details
service: details
spec:
ports:
- port: 9080
name: http
selector:
app: details
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-details
labels:
account: details
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: details-v1
labels:
app: details
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: details
version: v1
template:
metadata:
labels:
app: details
version: v1
spec:
serviceAccountName: bookinfo-details
containers:
- name: details
image: docker.io/istio/examples-bookinfo-details-v1:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Ratings service
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
service: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-ratings
labels:
account: ratings
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ratings-v1
labels:
app: ratings
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: ratings
version: v1
template:
metadata:
labels:
app: ratings
version: v1
spec:
serviceAccountName: bookinfo-ratings
containers:
- name: ratings
image: docker.io/istio/examples-bookinfo-ratings-v1:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Reviews service
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
service: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-reviews
labels:
account: reviews
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v1
labels:
app: reviews
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v1
template:
metadata:
labels:
app: reviews
version: v1
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: docker.io/istio/examples-bookinfo-reviews-v1:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v2
labels:
app: reviews
version: v2
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v2
template:
metadata:
labels:
app: reviews
version: v2
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: docker.io/istio/examples-bookinfo-reviews-v2:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Productpage services
apiVersion: v1
kind: Service
metadata:
name: productpage
labels:
app: productpage
service: productpage
spec:
ports:
- port: 9080
name: http
selector:
app: productpage
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-productpage
labels:
account: productpage
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: productpage-v1
labels:
app: productpage
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: productpage
version: v1
template:
metadata:
labels:
app: productpage
version: v1
spec:
serviceAccountName: bookinfo-productpage
containers:
- name: productpage
image: docker.io/istio/examples-bookinfo-productpage-v1:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
Run the following command to deploy the Bookinfo application that does not contain the v3 version of the reviews microservice in the m1c2 cluster:
kubectl apply -f bookinfo-m1c2.yaml
Use the following content to create resources configured in the bookinfo-m1c1.yaml file in the m1c1 cluster:
Show the YAML file
# Reviews service
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
service: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-reviews
labels:
account: reviews
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v3
labels:
app: reviews
version: v3
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v3
template:
metadata:
labels:
app: reviews
version: v3
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: docker.io/istio/examples-bookinfo-reviews-v3:1.15.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Ratings service
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
service: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
Run the following command to deploy the v3 version of the reviews microservice and the ratings microservice in the m1c1 cluster:
kubectl apply -f bookinfo-m1c1.yaml
Step 4: Add a virtual service and an Istio gateway
Create a virtual service named bookinfo in the default namespace of the ASM instance. For more information, see Manage virtual services.
Expand to view the YAML file of the virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- "*"
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
Create an Istio gateway named bookinfo-gateway in the default namespace of the ASM instance. For more information, see Manage Istio gateways.
Expand to view the YAML file of the Istio gateway
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: bookinfo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
In the address bar of your browser, enter http://{IP address of the serverless ingress gateway}/productpage and refresh the page multiple times.
You can see that the ratio of the requests routed to the three versions of the reviews microservice is close to 1:1:1. The v3 version of the reviews microservice can take effect normally though it is not deployed in the same cluster as other microservices.
(Optional) Step 5: Specify that requests are always routed to the v3 version of the reviews microservice
You can define a destination rule and a virtual service to set a policy for deploying the microservices of the Bookinfo application. The following example specifies that requests are always routed to the v3 version of the reviews microservice.
Create a destination rule named reviews in the default namespace of the ASM instance. For more information, see Manage virtual services.
Expand to view the YAML file of the destination rule
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v3
labels:
version: v3
Create a virtual service named reviews in the default namespace of the ASM instance. For more information, see Manage virtual services.
Expand to view the YAML file of the virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v3
In the address bar of your browser, enter http://{IP address of the serverless ingress gateway}/productpage and refresh the page multiple times.
You can see that requests are always routed to the v3 version of the reviews microservice. In this case, ratings are displayed as red stars.