Before you use traffic lanes in permissive mode to manage end-to-end traffic, you must make some preparations to ensure that all necessary conditions are met before you start to perform the steps in subsequent scenarios, so as to avoid unnecessary errors and obstacles. This topic describes the preparations for using traffic lanes in permissive mode to manage end-to-end traffic.
Prerequisites
A Service Mesh (ASM) instance of Enterprise Edition or Ultimate Edition is created, and the version of the ASM instance is 1.18.2.111 or later. For more information, see Create an ASM instance or Update an ASM instance.
The cluster is added to the ASM instance. For more information, see Add a cluster to an ASM instance.
An ASM ingress gateway named ingressgateway is created. For more information, see Create an ingress gateway.
Preparations
Create an Istio gateway named ingressgateway
Use the following content to create an Istio gateway named ingressgateway in the istio-system namespace. For more information, see Manage Istio gateways.
Deploy sample services (applicable to Scenario 1 and Scenario 2)
Enable automatic sidecar proxy injection for the default namespace. For more information about how to enable this feature, see Enable automatic sidecar proxy injection.
For more information about automatic sidecar proxy injection, see Configure sidecar proxy injection policies.
Run the following commands to deploy sample services in a Container Service for Kubernetes (ACK) cluster:
kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v1/mock-tracing-v1.yaml kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v2/mock-tracing-v2.yaml kubectl apply -f https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/swimlane/v3/mock-tracing-v3.yaml
NoteThe sample services in Scenario 1 and Scenario 2 are developed by using Golang. The sample services in Scenario 3 are developed by using Java. This is because the baggage header pass-through mechanism places restrictions on the development languages of services. For more information, see Injecting Auto-instrumentation.
Configure the feature that allows pods for services to transparently transmit baggage headers (applicable to Scenario 3)
This section shows you how to use the auto-instrumentation capability of the OpenTelemetry Operator to enable pods for services in the Kubernetes cluster to transparently transmit baggage headers.
Deploy the OpenTelemetry Operator.
Use a kubectl client to connect to the Kubernetes cluster that is added to the ASM instance. Run the following command to create a namespace named opentelemetry-operator-system:
kubectl create namespace opentelemetry-operator-system
Run the following commands to use Helm to install the OpenTelemetry Operator in the opentelemetry-operator-system namespace. For more information about how to install Helm, see Install Helm.
helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts helm install \ --namespace=opentelemetry-operator-system \ --version=0.46.0 \ --set admissionWebhooks.certManager.enabled=false \ --set admissionWebhooks.certManager.autoGenerateCert=true \ --set manager.image.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/opentelemetry-operator" \ --set manager.image.tag="0.92.1" \ --set kubeRBACProxy.image.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/kube-rbac-proxy" \ --set kubeRBACProxy.image.tag="v0.13.1" \ --set manager.collectorImage.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/opentelemetry-collector" \ --set manager.collectorImage.tag="0.97.0" \ --set manager.opampBridgeImage.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/operator-opamp-bridge" \ --set manager.opampBridgeImage.tag="0.97.0" \ --set manager.targetAllocatorImage.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/target-allocator" \ --set manager.targetAllocatorImage.tag="0.97.0" \ --set manager.autoInstrumentationImage.java.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/autoinstrumentation-java" \ --set manager.autoInstrumentationImage.java.tag="1.32.1" \ --set manager.autoInstrumentationImage.nodejs.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/autoinstrumentation-nodejs" \ --set manager.autoInstrumentationImage.nodejs.tag="0.49.1" \ --set manager.autoInstrumentationImage.python.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/autoinstrumentation-python" \ --set manager.autoInstrumentationImage.python.tag="0.44b0" \ --set manager.autoInstrumentationImage.dotnet.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/autoinstrumentation-dotnet" \ --set manager.autoInstrumentationImage.dotnet.tag="1.2.0" \ --set manager.autoInstrumentationImage.go.repository="registry-cn-hangzhou.ack.aliyuncs.com/acs/opentelemetry-go-instrumentation" \ --set manager.autoInstrumentationImage.go.tag="v0.10.1.alpha-2-aliyun" \ opentelemetry-operator open-telemetry/opentelemetry-operator
Run the following command to check whether the OpenTelemetry Operator works properly:
kubectl get pod -n opentelemetry-operator-system
Expected output:
NAME READY STATUS RESTARTS AGE opentelemetry-operator-854fb558b5-pvllj 2/2 Running 0 1m
Configure auto-instrumentation.
Create an instrumentation.yaml file that contains the following content:
apiVersion: opentelemetry.io/v1alpha1 kind: Instrumentation metadata: name: demo-instrumentation spec: propagators: - baggage sampler: type: parentbased_traceidratio argument: "1"
Run the following command to declare auto-instrumentation in the default namespace:
kubectl apply -f instrumentation.yaml
NoteFor the OpenTelemetry framework, deploying the OpenTelemetry Collector to collect observability data is one of the best practices. The steps for deploying the OpenTelemetry Collector are not described here. For more information about how to collect ASM tracing data to Managed Service for OpenTelemetry, see Collect ASM tracing data to Managed Service for OpenTelemetry.