All Products
Search
Document Center

Alibaba Cloud Service Mesh:Manage applications in ACK edge clusters

更新時間:Aug 30, 2024

You can add Container Service for Kubernetes (ACK) edge clusters to Service Mesh (ASM) to efficiently and centrally manage and monitor multiple applications. You can use the traffic management and observability management features of ASM to guarantee high reliability and security of edge computing environments. This helps you improve O&M efficiency, guarantee service stability, and enhance service observability.

Prerequisites

Procedure

  1. Create an ASM instance.

    1. Log on to the ASM console. In the left-side navigation pane, choose Service Mesh > Mesh Management.

    2. On the Mesh Management page, click Create ASM Instance.

    3. On the Create Service Mesh page, configure the related parameters, read and agree to Service Agreement, and then click Create Service Mesh.

      The following table describes some of the parameters. For more information, see the parameter description in the Create an ASM instance topic.

      Parameter

      Description

      Region

      The region in which you want to create the ASM instance. We recommend that you select a region that is close to the region where the ACK edge cluster resides.

      Istio Version

      The Istio version of the ASM instance, which must be 1.14 or later.

      VPC

      Select the virtual private cloud (VPC) in which the ACK edge cluster resides from the drop-down list. A Classic Load Balancer (CLB) instance is associated with Istio Pilot on the control plane. The VPC of the data plane must be connected to the VPC in which the CLB instance resides. For more information, see Cloud Enterprise Network.

      vSwitch

      Select a vSwitch from the drop-down list. You can also click Create vSwitch to create a vSwitch. For more information, see Create and manage a vSwitch.

      API Server access

      An ASM instance runs on Kubernetes runtime. You can use the API server to define a variety of mesh resources, such as virtual services, destination rules, and Istio gateways. You can select a CLB instance specification for the API server from the drop-down list, and select or clear Use EIP to expose API Server. An internal-facing CLB instance will be created by using the specification you select.

      • If you select Use EIP to expose API Server, an elastic IP address (EIP) is created and associated with the internal-facing CLB instance. Port 6443 of the API server is exposed. You can use the kubeconfig file of a cluster to connect to and manage the cluster over the Internet to define mesh resources.

      • If you clear Use EIP to expose API Server, no EIP is created. You can use the kubeconfig file of a cluster to connect to and manage the cluster to define mesh resources only over the VPC in which the cluster resides.

      Note

      It takes 2 to 3 minutes to create an ASM instance.

  2. Add the ACK edge cluster to the ASM instance.

    1. On the Mesh Management page, find the ASM instance that you want to configure. Click the name of the ASM instance or click Manage in the Actions column.

    2. On the details page of the ASM instance, choose Cluster & Workload Management > Kubernetes Clusters in the left-side navigation pane. On the page that appears, click Add.

    3. On the Add Kubernetes Cluster page, select Filter out Kubernetes clusters that are in the same VPC as the ASM instance, select the ACK edge cluster that you want to add, and then click OK.

      Note

      After you perform the operation to add a cluster to an ASM instance, the status of the ASM instance changes to Updating. Wait a few seconds and click the 刷新 icon in the upper-right corner. If the cluster is added to the ASM instance, the status of the ASM instance becomes Running. The wait time varies based on the network condition of the ACK edge cluster to be added. You can view information about the added cluster on the Kubernetes Clusters page.

  3. Create an ASM ingress gateway.

    1. On the details page of the ASM instance, choose ASM Gateways > Ingress Gateway in the left-side navigation pane.

    2. On the Ingress Gateway page, click Create, configure the parameters as needed, and then click Create.

      The following table describes some of the parameters. For more information about configuration items, see the parameter description in the Create an ingress gateway topic.

      Parameter

      Description

      Cluster

      Select the ACK edge cluster in which you want to deploy an ingress gateway from the drop-down list.

      CLB Instance Type

      Select Internet Access or Private Access. Select Create a CLB Instance or Use Existing CLB Instance.

      Port Mapping

      • Specify the ports that services need to expose. The port you specify in this section is corresponding to the port field in the service YAML file. When you define port mappings in YAML files of the services, we recommend that you set the targetPort field to the same value as the port field in each mapping.

      • ASM provides two default ports that are commonly used by Istio. You can keep or delete the default ports and add new ports as needed.

      After the ingress gateway is created, you can log on to the ACK edge cluster to view details.

  4. Deploy applications in the ACK edge cluster.

    1. Enable automatic sidecar proxy injection. For more information, see Manage global namespaces and Configure sidecar proxy injection policies.

    2. Deploy applications in the ACK edge cluster by running commands on the kubectl client or by using the ACK console. For more information, see Deploy an application in an ACK cluster that is added to an ASM instance.

  5. (Optional) Define Istio resources. For more information, see Use Istio resources to route traffic to different versions of a service.

References

  • You can deploy an ASM ingress gateway in a Kubernetes cluster to act as a single entry point for access to your applications over the Internet or an internal network. For more information, see Create an ingress gateway.

  • ASM allows you to route traffic to different versions of a service based on the specified ratio. This feature is applicable to many scenarios such as canary release and A/B testing. For more information, see Use Istio resources to route traffic to different versions of a service.

  • The Mesh Topology feature of ASM allows you to view the call relationships and traffic flows among apps, services, and application versions. For more information, see Enable Mesh Topology to improve observability.