调用CreateServiceMesh接口创建一个服务网格实例。
调试
您可以在OpenAPI Explorer中直接运行该接口,免去您计算签名的困扰。运行成功后,OpenAPI Explorer可以自动生成SDK代码示例。
请求参数
名称 | 类型 | 是否必选 | 示例值 | 描述 |
---|---|---|---|---|
Action | String | 是 | CreateServiceMesh |
系统规定参数。取值:CreateServiceMesh。 |
RegionId | String | 是 | cn-hangzhou |
服务网格所在地域ID |
IstioVersion | String | 否 | v1.5.4.1-g5960ec40-aliyun |
Istio版本号 |
VpcId | String | 是 | vpc-xzelac2tw4ic7wz31**** |
专有网络ID |
ApiServerPublicEip | Boolean | 否 | false |
是否使用公网地址暴露API Server,取值:
默认值:false 说明 若不选择则无法通过外网访问集群API Server
|
Tracing | Boolean | 否 | false |
是否启用链路追踪(需要开通 阿里云链路追踪服务),取值:
默认值:false |
Name | String | 否 | mesh1 |
服务网格名称 |
VSwitches | String | 是 | ["vsw-xzegf5dndkbf4m6eg****"] |
虚拟交换机ID |
TraceSampling | Float | 否 | 100 |
链路追踪采样百分比 |
CustomizedZipkin | Boolean | 否 | false |
在导出ASM链路追踪数据时,是否向自建Zipkin导出,取值:
默认值: |
LocalityLoadBalancing | Boolean | 否 | false |
是否启用服务就近访问,取值:
默认值: |
LocalityLBConf | String | 否 | {"failover":[{"from":"cn-hangzhou","to":"cn-shanghai"}]} |
服务就近访问配置 |
Telemetry | Boolean | 否 | false |
开启采集Prometheus监控指标(建议使用阿里云Prometheus监控),取值:
默认值: |
OpenAgentPolicy | Boolean | 否 | false |
是否集成开放策略代理(OPA)插件,取值:
默认值: |
OPALogLevel | String | 否 | info |
OPA代理容器日志级别 |
OPARequestCPU | String | 否 | 1 |
OPA代理容器的CPU资源请求,可以使用Kubernetes标准CPU表示形式。例如1为1核CPU。 |
OPARequestMemory | String | 否 | 512Mi |
OPA代理容器的内存资源请求,可以使用Kubernetes标准内存表示形式。例如1Mi 为1024kb。 |
OPALimitCPU | String | 否 | 2 |
OPA代理容器的CPU资源限制 |
OPALimitMemory | String | 否 | 1024Mi |
OPA代理容器的内存资源限制,可以使用Kubernetes标准内存表示形式。例如1Mi 为1024kb。 |
EnableAudit | Boolean | 否 | false |
是否启用网格审计(需要开通 阿里云日志服务),取值:
默认值: |
AuditProject | String | 否 | mesh-log-xxxx |
网格审计对应的日志项目名称 默认值:mesh-log-{meshId} |
ProxyRequestCPU | String | 否 | 100m |
代理容器的CPU请求资源 |
ProxyRequestMemory | String | 否 | 128Mi |
代理容器的内存请求资源 |
ProxyLimitCPU | String | 否 | 2000m |
代理容器的CPU限制资源 |
ProxyLimitMemory | String | 否 | 1024Mi |
代理容器的内存限制资源 |
IncludeIPRanges | String | 否 | * |
拦截对外访问的地址范围 |
ExcludeIPRanges | String | 否 | 100.100.10*.*** |
排除拦截对外访问的地址范围 |
ExcludeOutboundPorts | String | 否 | 80,81 |
以逗号分隔的出站端口列表 |
ExcludeInboundPorts | String | 否 | 80,81 |
以逗号分隔的入站端口列表 |
OpaEnabled | Boolean | 否 | false |
是否启用OPA,取值:
默认值: |
KialiEnabled | Boolean | 否 | false |
是否启用Kiali(需先开启采集Prometheus 监控指标,当该项更新为false时,本项强制为false),取值:
默认值: |
AccessLogEnabled | Boolean | 否 | false |
是否启用访问日志,取值:
默认值: |
CustomizedPrometheus | Boolean | 否 | false |
是否自定义Prometheus,取值:
默认值: |
PrometheusUrl | String | 否 | http://prometheus:9090 |
自定义Prometheus服务地址 |
RedisFilterEnabled | Boolean | 否 | true |
是否启用Redis Filter能力,取值:
默认值: |
MysqlFilterEnabled | Boolean | 否 | false |
是否启用MysqlFilter,取值:
默认值: |
ThriftFilterEnabled | Boolean | 否 | false |
是否启用ThriftFilter,取值:
默认值: |
WebAssemblyFilterEnabled | Boolean | 否 | false |
是否启用WebAssemblyFilter,取值:
默认值: |
MSEEnabled | Boolean | 否 | false |
是否启用MSE微服务引擎,取值:
默认值: |
DNSProxyingEnabled | Boolean | 否 | false |
是否启用DNS代理能力,取值:
默认值: |
Edition | String | 否 | Pro |
ASM实例版本 |
ConfigSourceEnabled | Boolean | 否 | false |
是否启用外部服务注册中心,取值:
默认值: |
ConfigSourceNacosID | String | 否 | mse-cn-tl326****** |
Nacos注册中心实例ID |
DubboFilterEnabled | Boolean | 否 | false |
是否启用DubboFilter,取值:
默认值: |
FilterGatewayClusterConfig | Boolean | 否 | false |
是否启用Gateway配置过滤,取值:
默认值: |
EnableSDSServer | Boolean | 否 | false |
是否启用SDS服务,取值:
默认值: |
AccessLogServiceEnabled | Boolean | 否 | false |
是否启用Envoy的gRPC日志服务(ALS),取值:
默认值: |
AccessLogServiceHost | String | 否 | 0.0.0.0 |
启用Envoy的gRPC日志服务(ALS)的地址 |
AccessLogServicePort | Integer | 否 | 9999 |
启用Envoy的gRPC日志服务(ALS)的端口 |
GatewayAPIEnabled | Boolean | 否 | false |
是否启用Gateway API,取值:
默认值: |
ControlPlaneLogEnabled | Boolean | 否 | false |
是否启用控制面日志采集,取值:
默认值: |
ControlPlaneLogProject | String | 否 | mesh-log-cf245a429b6ff4b6e97f20797758***** |
控制面日志采集的SLS Project |
AccessLogFormat | String | 否 | {"authority_for":"%REQ(:AUTHORITY)%","bytes_received":"%BYTES_RECEIVED%","bytes_sent":"%BYTES_SENT%","downstream_local_address":"%DOWNSTREAM_LOCAL_ADDRESS%","downstream_remote_address":"%DOWNSTREAM_REMOTE_ADDRESS%","duration":"%DURATION%","istio_policy_status":"%DYNAMIC_METADATA(istio.mixer:status)%","method":"%REQ(:METHOD)%","path":"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","protocol":"%PROTOCOL%","request_id":"%REQ(X-REQUEST-ID)%","requested_server_name":"%REQUESTED_SERVER_NAME%","response_code":"%RESPONSE_CODE%","response_flags":"%RESPONSE_FLAGS%","route_name":"%ROUTE_NAME%","start_time":"%START_TIME%","trace_id":"%REQ(X-B3-TRACEID)%","upstream_cluster":"%UPSTREAM_CLUSTER%","upstream_host":"%UPSTREAM_HOST%","upstream_local_address":"%UPSTREAM_LOCAL_ADDRESS%","upstream_service_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_transport_failure_reason":"%UPSTREAM_TRANSPORT_FAILURE_REASON%","user_agent":"%REQ(USER-AGENT)%","x_forwarded_for":"%REQ(X-FORWARDED-FOR)%"} |
自定义访问日志的格式(需选择启用访问日志,否则自动忽略本项)。本项字符串为JSON格式,且JSON字符串中必须至少包含下述的键值:authority_for、bytes_received、bytes_sent、downstream_local_address、downstream_remote_address、duration、istio_policy_status、method、path、protocol、requested_server_name、response_code、response_flags、route_name、start_time、trace_id、upstream_cluster、upstream_host、upstream_local_address、upstream_service_time、upstream_transport_failure_reason、user_agent、x_forwarded_for |
AccessLogFile | String | 否 | /dev/stdout |
开启和关闭访问日志,取值:
|
AccessLogProject | String | 否 | mesh-log-cf245a429b6ff4b6e97f20797758***** |
访问日志采集的SLS Project |
EnableCRHistory | Boolean | 否 | false |
是否启用ASM的Istio资源历史版本管理功能,取值:
默认值: |
CRAggregationEnabled | Boolean | 否 | false |
是否启用数据面集群Kubernetes API访问Istio资源(需ASM实例v1.9.7.93版本以上),取值:
默认值: |
GlobalRateLimitEnabled | Boolean | 否 | false |
是否开启AHAS流控,取值:
默认值: |
ApiServerLoadBalancerSpec | String | 否 | slb.s1.small |
APIServer 绑定的SLB规格。取值:简约型I(slb.s1.small)、标准型I(slb.s2.small)、标准型II(slb.s2.medium)、高阶型I(slb.s3.small)、高阶型II(slb.s3.medium)、超强型I(slb.s3.large) |
PilotLoadBalancerSpec | String | 否 | slb.s1.small |
APIServer 绑定的SLB规格。取值:简约型I(slb.s1.small)、标准型I(slb.s2.small)、标准型II(slb.s2.medium)、高阶型I(slb.s3.small) 、高阶型II(slb.s3.medium)、超强型I(slb.s3.large) |
ChargeType | String | 否 | PostPaid |
SLB付费类型。取值:
|
Period | Integer | 否 | 3 |
ChargeType为PrePay时生效。表示购买包年包月类型的SLB时,购买的月份。如果为1年,则输入12。 |
AutoRenew | Boolean | 否 | true |
SLB为包年包月类型时,是否自动续费。取值:
|
AutoRenewPeriod | Integer | 否 | 3 |
ChargeType为PrePay时生效。表示购买包年包月类型的SLB时,自动续费的时间。如果为购买时间小于1年,此参数表示自动续费多少个月。如果购买时长超过1年,此参数表示自动续费多少年。 |
ClusterSpec | String | 否 | standard |
服务网格实例规格,取值:
|
MultiBufferEnabled | Boolean | 否 | true |
是否启用基于multibuffer的TLS性能优化。取值:
默认值: |
MultiBufferPollDelay | String | 否 | 30s |
MultiBuffer开启状态同步时间。默认30s。 |
返回数据
名称 | 类型 | 示例值 | 描述 |
---|---|---|---|
RequestId | String | BD65C0AD-D3C6-48D3-8D93-38D2015C**** |
请求ID |
ServiceMeshId | String | c08ba3fd1e6484b0f8cc1ad8fe10d**** |
服务网格ID |
示例
请求示例
http(s)://[Endpoint]/?Action=CreateServiceMesh
&RegionId=cn-hangzhou
&IstioVersion=v1.5.4.1-g5960ec40-aliyun
&VpcId=vpc-xzelac2tw4ic7wz31****
&ApiServerPublicEip=false
&Tracing=false
&Name=mesh1
&VSwitches=["vsw-xzegf5dndkbf4m6eg****"]
&TraceSampling=100.0
&CustomizedZipkin=false
&LocalityLoadBalancing=false
&LocalityLBConf={"failover":[{"from":"cn-hangzhou","to":"cn-shanghai"}]}
&Telemetry=false
&OpenAgentPolicy=false
&OPALogLevel=info
&OPARequestCPU=1
&OPARequestMemory=512Mi
&OPALimitCPU=2
&OPALimitMemory=1024Mi
&EnableAudit=false
&AuditProject=mesh-log-xxxx
&ProxyRequestCPU=100m
&ProxyRequestMemory=128Mi
&ProxyLimitCPU=2000m
&ProxyLimitMemory=1024Mi
&IncludeIPRanges=*
&ExcludeIPRanges=100.100.100.100
&ExcludeOutboundPorts=80,81
&ExcludeInboundPorts=80,81
&OpaEnabled=false
&KialiEnabled=false
&AccessLogEnabled=false
&CustomizedPrometheus=false
&PrometheusUrl=http://prometheus:9090
&RedisFilterEnabled=true
&MysqlFilterEnabled=false
&ThriftFilterEnabled=false
&WebAssemblyFilterEnabled=false
&MSEEnabled=false
&DNSProxyingEnabled=false
&Edition=Pro
&ConfigSourceEnabled=false
&ConfigSourceNacosID=mse-cn-tl326******
&DubboFilterEnabled=false
&FilterGatewayClusterConfig=false
&EnableSDSServer=false
&AccessLogServiceEnabled=false
&AccessLogServiceHost=0.0.0.0
&AccessLogServicePort=9999
&GatewayAPIEnabled=false
&ControlPlaneLogEnabled=false
&ControlPlaneLogProject=mesh-log-cf245a429b6ff4b6e97f20797758*****
&AccessLogFormat={"authority_for":"%REQ(:AUTHORITY)%","bytes_received":"%BYTES_RECEIVED%","bytes_sent":"%BYTES_SENT%","downstream_local_address":"%DOWNSTREAM_LOCAL_ADDRESS%","downstream_remote_address":"%DOWNSTREAM_REMOTE_ADDRESS%","duration":"%DURATION%","istio_policy_status":"%DYNAMIC_METADATA(istio.mixer:status)%","method":"%REQ(:METHOD)%","path":"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","protocol":"%PROTOCOL%","request_id":"%REQ(X-REQUEST-ID)%","requested_server_name":"%REQUESTED_SERVER_NAME%","response_code":"%RESPONSE_CODE%","response_flags":"%RESPONSE_FLAGS%","route_name":"%ROUTE_NAME%","start_time":"%START_TIME%","trace_id":"%REQ(X-B3-TRACEID)%","upstream_cluster":"%UPSTREAM_CLUSTER%","upstream_host":"%UPSTREAM_HOST%","upstream_local_address":"%UPSTREAM_LOCAL_ADDRESS%","upstream_service_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_transport_failure_reason":"%UPSTREAM_TRANSPORT_FAILURE_REASON%","user_agent":"%REQ(USER-AGENT)%","x_forwarded_for":"%REQ(X-FORWARDED-FOR)%"}
&AccessLogFile=/dev/stdout
&AccessLogProject=mesh-log-cf245a429b6ff4b6e97f20797758*****
&EnableCRHistory=false
&CRAggregationEnabled=false
&公共请求参数
正常返回示例
XML
格式
HTTP/1.1 200 OK
Content-Type:application/xml
<CreateServiceMeshResponse>
<RequestId>BD65C0AD-D3C6-48D3-8D93-38D2015C****</RequestId>
<ServiceMeshId>c08ba3fd1e6484b0f8cc1ad8fe10d****</ServiceMeshId>
</CreateServiceMeshResponse>
JSON
格式
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "BD65C0AD-D3C6-48D3-8D93-38D2015C****",
"ServiceMeshId" : "c08ba3fd1e6484b0f8cc1ad8fe10d****"
}
错误码
HttpCode | 错误码 | 错误信息 | 描述 |
---|---|---|---|
404 | ERR404 | Not found | 不存在 |
访问错误中心查看更多错误码。