Service Mesh (ASM) supports importing any type of Kubernetes cluster using kubeconfig with cluster administrator permissions and managing applications on it. This topic describes how to add a Kubernetes cluster by importing kubeconfig to ASM.
Prerequisites
An ASM instance has been created and the Service Mesh instance version is 1.22 or later. For more information, see Create an ASM instance.
A Kubernetes cluster with public network access has been enabled, and ASM control plane public network access has been enabled. For specific operations, see Attach or detach an EIP for the ASM control plane.
Procedure
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose .
Click Add. On the Add Kubernetes Cluster page, select the tab Add Kubernetes Cluster by Using Kubeconfig, fill in the cluster Name, enter the kubeconfig with administrator permissions that can access the cluster in the Cluster Kubeconfig field below, and then click OK.
ImportantSince this cluster is added to the ASM instance by importing kubeconfig, you need to ensure that the cluster meets the following conditions:
The imported kubeconfig has a public network access address.
The imported kubeconfig has administrator permissions for the corresponding Kubernetes cluster.
The corresponding Kubernetes cluster of the imported kubeconfig has public network access capability.
In the dialog box that appears, click OK.
After adding the cluster, on the ASM Instance > Basic Information page, you can see the Status of the ASM instance changes to Updating. After a few seconds (the duration depends on the number of clusters added), click Refresh in the upper right corner of the page, and the Status of the ASM instance will change to Running. On the Kubernetes Clusters page, you can see the information of the added clusters.
Known limitations
The following limitations apply to ASM console and product features when adding a cluster to the ASM instance by importing kubeconfig.
Cannot create LoadBalancer type ingress gateways through the ASM console. You can create LoadBalancer type ingress gateways through CRD (for specific operations, see ASM Gateway CRD Description), but your Kubernetes cluster needs to support LoadBalancer type services.
Cannot collect gateway and mesh proxy logs to Simple Log Service. We recommend that you collect the standard output of the istio-proxy container in the cluster by yourself.
Cannot collect monitoring metrics to Alibaba Cloud Managed Service for Prometheus. We recommend that you use a self-built Prometheus to collect mesh monitoring metrics. For specific operations, see Integrate self-built Prometheus for mesh monitoring.
Cannot use traffic lanes through the ASM console. We recommend that you use traffic lanes through CRD. For specific operations, see ASM SwimLaneGroup and ASM SwimLane CRD Description.
In the plug-in center, you cannot bind plug-ins to specific workloads. We recommend that you deploy plug-ins through the EnvoyFilterTemplate CRD. For specific operations, see EnvoyFilterTemplate and EnvoyFilterTemplateBinding CRD Description.
Cannot use Service discovery selectors in the ASM console.
Cannot use ASM CNI Plug-in.
Cannot use Kubernetes Service Management in the ASM console.
Cannot use Sync Sidecar Auto-Injecttion from Kubernetes Cluster feature, but Sync Automatic Sidecar Injection to Kubernetes Cluster and Enable/Disable Automatic Sidecar Proxy Injection features can be used normally.