You can connect a Kubernetes cluster that is deployed in a data center or on a third-party cloud to a registered Kubernetes cluster and manage applications in the registered Kubernetes cluster by using Service Mesh (ASM). This topic describes how to manage applications in a registered Kubernetes cluster by using ASM.
Prerequisites
ASM is activated. To activate ASM, go to the ASM console. For more information, see What is ASM? and Billing rules.
An external cluster is connected to a registered Kubernetes cluster. For more information, see Create a registered cluster in the ACK console.
The network used by the registered Kubernetes cluster on the data plane can communicate with the virtual private cloud (VPC) in which your ASM instance resides. The bandwidth meets the requirements. This way, the configurations of the cluster in which your ASM instance resides can be synchronized to the sidecar proxies in real time.
After the AMS instance is created, you can go to the Instances Status page in the ASM console to make sure that the synchronization state of all configurations is Configuration synchronized.
Procedure
Create an ASM instance.
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click Create ASM Instance, configure parameters as required, read and agree to Service Agreement, and then click Create Service Mesh.
The following table lists the main configuration items. For more information about the configuration items, see Create an ASM instance.
Configuration item
Description
Region
Select the region in which the registered Kubernetes cluster resides or a region that is nearest to the registered Kubernetes cluster.
VPC
Select the VPC in which the registered Kubernetes cluster resides from the drop-down list.
vSwitch
Select a vSwitch from the drop-down list. If no vSwitches meet your requirements, click Create vSwitch to create one. For more information, see Create and manage a vSwitch.
API Server access
Select or clear Use EIP to expose API Server. An ASM instance runs on Kubernetes runtime. You can use the API server to define a variety of mesh resources, such as virtual services, destination rules, and Istio gateways.
If you select Use EIP to expose API Server, an elastic IP address (EIP) is created and associated with an internal-facing CLB instance. Port 6443 of the API server is exposed. You can use the kubeconfig file of a cluster to connect to and manage the cluster over the Internet to define mesh resources.
If you clear Use EIP to expose API Server, no EIP is created. You can use the kubeconfig file of a cluster to connect to and manage the cluster to define mesh resources only over the VPC in which the cluster resides.
NoteTo use a public endpoint to expose Istio Pilot, submit a ticket.
It takes 2 to 3 minutes to create an ASM instance.
Add the registered Kubernetes cluster to the ASM instance. For more information, see Add a cluster to an ASM instance.
Create an ingress gateway. For more information, see Create an ingress gateway.
The following table lists the main configuration items.
Configuration item
Description
Cluster
Select the registered Kubernetes cluster in which you want to deploy an ingress gateway from the drop-down list.
CLB Instance Type
Different registered Kubernetes clusters may support different types of classic load balancers (CLBs). Select Internet Access or Private Access based on your business requirements. If the registered Kubernetes cluster does not support CLB instances, select Internet Access as CLB Instance Type. After the ingress gateway is created, edit the YAML file of the ingress gateway to specify the service type, such as Nodeport or ClusterIP.
Create a CLB Instance
You can select only Create a CLB Instance.
Port Mapping
The default container port in the ASM console is the same as the service port. If you use a YAML file to create an ingress gateway, we recommend that you keep the container port consistent with the service port.
Deploy applications in the registered Kubernetes cluster. For more information, see Deploy an application in an ASM instance.
Deploy applications in the registered Kubernetes cluster by either running commands on the kubectl client or using the ACK console.
Define Istio resources. For more information, see Use Istio resources to route traffic to different versions of a service.