部署应用示例到包含同VPC多集群的ASM实例
通过服务网格ASM,可以将一个应用的服务组件部署在同VPC的多个集群上。本文以Bookinfo应用为例,介绍如何将该应用部署到包含两个集群的ASM实例。
前提条件
在同一VPC下创建两个ACK集群(本例中m1c1和m1c2),详情请参见创建Kubernetes专有版集群。
创建一个ASM实例(本例中mesh1),详情请参见创建ASM实例。
步骤一:修改集群的安全组名称
将两个集群对应的安全组名称修改为易于辨识的名称,本例中为m1c1-sg和m1c2-sg。
- 登录ECS管理控制台。
- 在左侧导航栏,选择。
- 在页面左侧顶部,选择目标资源所在的地域。
- 在安全组页面中,找到需要修改的安全组,单击操作列的修改。
- 在弹出的对话框中,修改安全组名称和描述。
- 单击确定。
修改后的名称,如下图所示。
步骤二:配置集群的互访联通性
为了使两个集群能够互相访问,需要为彼此添加安全组访问规则。
在m1c1-sg安全组配置界面,添加以m1c2-sg为授权对象的访问规则。详情请参见添加安全组规则。
在m1c2-sg安全组规则配置界面,添加以m1c1-sg为授权对象的访问规则。
步骤三:添加集群到ASM实例并部署集群的入口网关
将两个集群添加到ASM实例后,由于两个集群已实现访问互通,因此只需为一个集群部署入口网关。
将两个集群添加到ASM实例,详情请参见添加集群到ASM实例。
为m1c1集群部署入口网关,详情请参见创建入口网关。
步骤四:部署Bookinfo应用
为了演示ASM跨集群的应用部署能力,Bookinfo应用的不同微服务分别部署在两个集群上。
在m1c2中部署不包含review-v3 deployment的Bookinfo应用,详情请参见部署应用到ASM实例。
说明Review-v3 deployment对应的功能是书评中显示红色星。
对应的YAML文件内容如下所示:
# Details service apiVersion: v1 kind: Service metadata: name: details labels: app: details service: details spec: ports: - port: 9080 name: http selector: app: details --- apiVersion: v1 kind: ServiceAccount metadata: name: bookinfo-details labels: account: details --- apiVersion: apps/v1 kind: Deployment metadata: name: details-v1 labels: app: details version: v1 spec: replicas: 1 selector: matchLabels: app: details version: v1 template: metadata: labels: app: details version: v1 spec: serviceAccountName: bookinfo-details containers: - name: details image: docker.io/istio/examples-bookinfo-details-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 --- # Ratings service apiVersion: v1 kind: Service metadata: name: ratings labels: app: ratings service: ratings spec: ports: - port: 9080 name: http selector: app: ratings --- apiVersion: v1 kind: ServiceAccount metadata: name: bookinfo-ratings labels: account: ratings --- apiVersion: apps/v1 kind: Deployment metadata: name: ratings-v1 labels: app: ratings version: v1 spec: replicas: 1 selector: matchLabels: app: ratings version: v1 template: metadata: labels: app: ratings version: v1 spec: serviceAccountName: bookinfo-ratings containers: - name: ratings image: docker.io/istio/examples-bookinfo-ratings-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 --- # Reviews service apiVersion: v1 kind: Service metadata: name: reviews labels: app: reviews service: reviews spec: ports: - port: 9080 name: http selector: app: reviews --- apiVersion: v1 kind: ServiceAccount metadata: name: bookinfo-reviews labels: account: reviews --- apiVersion: apps/v1 kind: Deployment metadata: name: reviews-v1 labels: app: reviews version: v1 spec: replicas: 1 selector: matchLabels: app: reviews version: v1 template: metadata: labels: app: reviews version: v1 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 --- apiVersion: apps/v1 kind: Deployment metadata: name: reviews-v2 labels: app: reviews version: v2 spec: replicas: 1 selector: matchLabels: app: reviews version: v2 template: metadata: labels: app: reviews version: v2 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v2:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 --- # apiVersion: apps/v1 # kind: Deployment # metadata: # name: reviews-v3 # labels: # app: reviews # version: v3 # spec: # replicas: 1 # selector: # matchLabels: # app: reviews # version: v3 # template: # metadata: # labels: # app: reviews # version: v3 # spec: # serviceAccountName: bookinfo-reviews # containers: # - name: reviews # image: docker.io/istio/examples-bookinfo-reviews-v3:1.15.0 # imagePullPolicy: IfNotPresent # ports: # - containerPort: 9080 --- # Productpage services apiVersion: v1 kind: Service metadata: name: productpage labels: app: productpage service: productpage spec: ports: - port: 9080 name: http selector: app: productpage --- apiVersion: v1 kind: ServiceAccount metadata: name: bookinfo-productpage labels: account: productpage --- apiVersion: apps/v1 kind: Deployment metadata: name: productpage-v1 labels: app: productpage version: v1 spec: replicas: 1 selector: matchLabels: app: productpage version: v1 template: metadata: labels: app: productpage version: v1 spec: serviceAccountName: bookinfo-productpage containers: - name: productpage image: docker.io/istio/examples-bookinfo-productpage-v1:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 ---在m1c1中部署review-v3以及rating service(review依赖的服务)。
对应的YAML文件内容如下所示:
# Reviews service apiVersion: v1 kind: Service metadata: name: reviews labels: app: reviews service: reviews spec: ports: - port: 9080 name: http selector: app: reviews --- apiVersion: v1 kind: ServiceAccount metadata: name: bookinfo-reviews labels: account: reviews --- apiVersion: apps/v1 kind: Deployment metadata: name: reviews-v3 labels: app: reviews version: v3 spec: replicas: 1 selector: matchLabels: app: reviews version: v3 template: metadata: labels: app: reviews version: v3 spec: serviceAccountName: bookinfo-reviews containers: - name: reviews image: docker.io/istio/examples-bookinfo-reviews-v3:1.15.0 imagePullPolicy: IfNotPresent ports: - containerPort: 9080 --- # Ratings service apiVersion: v1 kind: Service metadata: name: ratings labels: app: ratings service: ratings spec: ports: - port: 9080 name: http selector: app: ratings
步骤五:添加虚拟服务和Istio网关
在ASM实例的default命名空间下新建一个虚拟服务,名为bookinfo,详情请参见使用Istio资源实现版本流量路由。
对应的YAML文件内容如下所示:
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: bookinfo spec: hosts: - "*" gateways: - bookinfo-gateway http: - match: - uri: exact: /productpage - uri: prefix: /static - uri: exact: /login - uri: exact: /logout - uri: prefix: /api/v1/products route: - destination: host: productpage port: number: 9080在ASM实例的default命名空间下新建一个Istio网关,名为bookinfo-gateway,详情参见使用Istio资源实现版本流量路由。
对应的YAML文件内容如下所示:
apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: bookinfo-gateway spec: selector: istio: ingressgateway # use istio default controller servers: - port: number: 80 name: http protocol: HTTP hosts: - "*"
访问productpage页面,刷新页面时会轮流显示reviews的3个版本。虽然review-v3和其他服务不在同一个集群中,也可以正常显示。
(可选)步骤六:指定reviews总是用v3版本
通过定义目标规则和虚拟服务,可以定义Bookinfo应用的微服务部署策略。本例中将指定Bookinfo总是使用review v3版本。
在ASM实例的default命名空间下新建一个目标规则,名为reviews。
YAML文件的内容如下所示:
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: reviews spec: host: reviews subsets: - name: v1 labels: version: v1 - name: v2 labels: version: v2 - name: v3 labels: version: v3在ASM实例的default命名空间下新建一个虚拟服务,名为reviews。
对应的YAML文件内容如下所示:
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: reviews spec: hosts: - reviews http: - route: - destination: host: reviews subset: v3
此时访问productpage页面,reviews将始终使用v3版本,即书评中为红色星。
