Step 1: Verify connectivity between the two clusters
By default, two clusters in the same VPC can access each other if they use advanced security groups. If they use basic security groups or if access fails, add security group rules to allow access between them. For more information, see Manage security group rules.
Step 2: Add the clusters to the ASM instance and create a Serverless ingress gateway
Add the two clusters to the ASM instance and then create a Serverless ingress gateway.
Add the two clusters to the ASM instance. For more information, see Add clusters to an ASM instance.
Use the following YAML content to create a Serverless ingress gateway. For more information, see Create an ingress gateway service.
Expand to view the YAML for the Serverless ingress gateway
apiVersion: istio.alibabacloud.com/v1beta1
kind: IstioGateway
metadata:
annotations:
asm.alibabacloud.com/managed-by-asm: 'true'
name: ingressgateway
namespace: istio-system
spec:
gatewayType: ingress
dnsPolicy: ClusterFirst
externalTrafficPolicy: Local
hostNetwork: false
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
replicaCount: 1
resources:
limits:
cpu: '2'
memory: 2G
requests:
cpu: 200m
memory: 256Mi
rollingMaxSurge: 100%
rollingMaxUnavailable: 25%
runAsRoot: true
serviceType: LoadBalancer
Step 3: Deploy the Bookinfo application
To demonstrate the cross-cluster application deployment feature of ASM, the microservices of the Bookinfo application are deployed on two separate clusters.
Use the following content to create a file named bookinfo-m1c2.yaml in the m1c2 cluster.
Note The `reviews-v3` deployment displays red stars in the book review section.
Expand to view the YAML for the Bookinfo application
# Details service
apiVersion: v1
kind: Service
metadata:
name: details
labels:
app: details
service: details
spec:
ports:
- port: 9080
name: http
selector:
app: details
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-details
labels:
account: details
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: details-v1
labels:
app: details
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: details
version: v1
template:
metadata:
labels:
app: details
version: v1
spec:
serviceAccountName: bookinfo-details
containers:
- name: details
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-details-v1:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Ratings service
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
service: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-ratings
labels:
account: ratings
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ratings-v1
labels:
app: ratings
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: ratings
version: v1
template:
metadata:
labels:
app: ratings
version: v1
spec:
serviceAccountName: bookinfo-ratings
containers:
- name: ratings
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-ratings-v1:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Reviews service
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
service: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-reviews
labels:
account: reviews
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v1
labels:
app: reviews
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v1
template:
metadata:
labels:
app: reviews
version: v1
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-reviews-v1:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v2
labels:
app: reviews
version: v2
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v2
template:
metadata:
labels:
app: reviews
version: v2
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-reviews-v2:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Productpage services
apiVersion: v1
kind: Service
metadata:
name: productpage
labels:
app: productpage
service: productpage
spec:
ports:
- port: 9080
name: http
selector:
app: productpage
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-productpage
labels:
account: productpage
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: productpage-v1
labels:
app: productpage
version: v1
spec:
replicas: 1
selector:
matchLabels:
app: productpage
version: v1
template:
metadata:
labels:
app: productpage
version: v1
spec:
serviceAccountName: bookinfo-productpage
containers:
- name: productpage
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-productpage-v1:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
Run the following command to deploy the Bookinfo application without the `reviews-v3` deployment in the m1c2 cluster.
kubectl apply -f bookinfo-m1c2.yaml
Use the following content to create a file named bookinfo-m1c1.yaml in the m1c1 cluster.
Expand to view the YAML content
# Reviews service
apiVersion: v1
kind: Service
metadata:
name: reviews
labels:
app: reviews
service: reviews
spec:
ports:
- port: 9080
name: http
selector:
app: reviews
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: bookinfo-reviews
labels:
account: reviews
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reviews-v3
labels:
app: reviews
version: v3
spec:
replicas: 1
selector:
matchLabels:
app: reviews
version: v3
template:
metadata:
labels:
app: reviews
version: v3
spec:
serviceAccountName: bookinfo-reviews
containers:
- name: reviews
image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-bookinfo-reviews-v3:1.19.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9080
---
# Ratings service
apiVersion: v1
kind: Service
metadata:
name: ratings
labels:
app: ratings
service: ratings
spec:
ports:
- port: 9080
name: http
selector:
app: ratings
Run the following command to deploy the `reviews-v3` deployment and the `ratings` service in the m1c1 cluster.
kubectl apply -f bookinfo-m1c1.yaml
Step 4: Add a virtual service and a gateway rule
In the `default` namespace of the ASM instance, create a virtual service named `bookinfo`. For more information, see Manage virtual services.
Expand to view the YAML for the virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- "*"
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
In the `default` namespace of the ASM instance, create a gateway rule named `bookinfo-gateway`. For more information, see Manage gateway rules.
Expand to view the YAML for the gateway rule
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: bookinfo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
In the address bar of your browser, enter http://{IP address of the Serverless ingress gateway}/productpage and refresh the page multiple times.
The page displays three versions of the reviews service, with traffic distributed almost evenly among them. The `reviews-v3` service is displayed correctly even though it is not in the same cluster as the other services.
(Optional) Step 5: Configure the reviews service to always use v3
You can define deployment policies for the Bookinfo microservices by creating destination rules and virtual services. In this example, the Bookinfo application is configured to always use the v3 version of the reviews service.
In the `default` namespace of the ASM instance, create a destination rule named `reviews`. For more information, see Manage virtual services.
Expand to view the YAML for the destination rule
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v3
labels:
version: v3
In the `default` namespace of the ASM instance, create a virtual service named `reviews`. For more information, see Manage virtual services.
Expand to view the YAML for the virtual service
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v3
In the address bar of your browser, enter http://{IP address of the Serverless ingress gateway}/productpage and refresh the page multiple times.
The page always displays the v3 version of the reviews service, which shows red stars in the book review section.