Attach the Java agent to services that use Istio

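The ack-onepilot component has to prepare the ARMS agent for the Java application through an init container before the application starts. When ack-onepilot and Istio are used together, the network configuration in an Istio environment differs from that of an ordinary cluster, so follow this topic to upgrade the ack-onepilot component or to apply some additional configuration to an older ack-onepilot version.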

Step 1: Install the ack-onepilot component

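Important

Upgrading ack-onepilot to the latest version (3.0.19 or later) modifies the istio-proxy interception configuration automatically, in which case step 2 is not required. For the upgrade procedure, see Manage components.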

Step 2: Modify the istio-proxy interception configuration

  1. Configure the following VIP CIDR blocks on the Pod annotation, separated by ASCII (half-width) commas (,).

    CIDR blocks that istio-proxy does not intercept:

    | Region | Region ID | VPC network endpoint | VIP CIDR blocks |
    | --- | --- | --- | --- |
    | China East 1 (Hangzhou) | oss-cn-hangzhou | oss-cn-hangzhou-internal.aliyuncs.com | 100.118.28.0/24, 100.114.102.0/24, 100.98.170.0/24, 100.118.31.0/24 |
    | China East 2 (Shanghai) | oss-cn-shanghai | oss-cn-shanghai-internal.aliyuncs.com | 100.98.35.0/24, 100.98.110.0/24, 100.98.169.0/24, 100.118.102.0/24 |
    | China North 1 (Qingdao) | oss-cn-qingdao | oss-cn-qingdao-internal.aliyuncs.com | 100.115.173.0/24, 100.99.113.0/24, 100.99.114.0/24, 100.99.115.0/24 |
    | China North 2 (Beijing) | oss-cn-beijing | oss-cn-beijing-internal.aliyuncs.com | 100.118.58.0/24, 100.118.167.0/24, 100.118.170.0/24, 100.118.171.0/24, 100.118.172.0/24, 100.118.173.0/24 |
    | China North 3 (Zhangjiakou) | oss-cn-zhangjiakou | oss-cn-zhangjiakou-internal.aliyuncs.com | 100.118.90.0/24, 100.98.159.0/24, 100.114.0.0/24, 100.114.1.0/24 |
    | China North 5 (Hohhot) | oss-cn-huhehaote | oss-cn-huhehaote-internal.aliyuncs.com | 100.118.195.0/24, 100.99.110.0/24, 100.99.111.0/24, 100.99.112.0/24 |
    | China North 6 (Ulanqab) | oss-cn-wulanchabu | oss-cn-wulanchabu-internal.aliyuncs.com | 100.114.11.0/24, 100.114.12.0/24, 100.114.100.0/24, 100.118.214.0/24 |
    | China South 1 (Shenzhen) | oss-cn-shenzhen | oss-cn-shenzhen-internal.aliyuncs.com | 100.118.78.0/24, 100.118.203.0/24, 100.118.204.0/24, 100.118.217.0/24 |
    | China South 2 (Heyuan) | oss-cn-heyuan | oss-cn-heyuan-internal.aliyuncs.com | 100.98.83.0/24, 100.118.174.0/24 |
    | China South 3 (Guangzhou) | oss-cn-guangzhou | oss-cn-guangzhou-internal.aliyuncs.com | 100.115.33.0/24, 100.114.101.0/24 |
    | China Southwest 1 (Chengdu) | oss-cn-chengdu | oss-cn-chengdu-internal.aliyuncs.com | 100.115.155.0/24, 100.99.107.0/24, 100.99.108.0/24, 100.99.109.0/24 |
    | China (Hong Kong) | oss-cn-hongkong | oss-cn-hongkong-internal.aliyuncs.com | 100.115.61.0/24, 100.99.103.0/24, 100.99.104.0/24, 100.99.106.0/24 |
    | Japan (Tokyo) | oss-ap-northeast-1 | oss-ap-northeast-1-internal.aliyuncs.com | 100.114.211.0/24, 100.114.114.0/25 |
    | Singapore | oss-ap-southeast-1 | oss-ap-southeast-1-internal.aliyuncs.com | 100.118.219.0/24, 100.99.213.0/24, 100.99.116.0/24, 100.99.117.0/24 |
    | Australia (Sydney), being shut down | oss-ap-southeast-2 | oss-ap-southeast-2-internal.aliyuncs.com | 100.98.201.0/24 |
    | Malaysia (Kuala Lumpur) | oss-ap-southeast-3 | oss-ap-southeast-3-internal.aliyuncs.com | 100.118.165.0/24, 100.99.125.0/24, 100.99.130.0/24, 100.99.131.0/24 |
    | Indonesia (Jakarta) | oss-ap-southeast-5 | oss-ap-southeast-5-internal.aliyuncs.com | 100.114.98.0/24 |
    | Germany (Frankfurt) | oss-eu-central-1 | oss-eu-central-1-internal.aliyuncs.com | 100.115.154.0/24 |
    | UK (London) | oss-eu-west-1 | oss-eu-west-1-internal.aliyuncs.com | 100.114.114.128/25 |
    | US (Silicon Valley) | oss-us-west-1 | oss-us-west-1-internal.aliyuncs.com | 100.115.107.0/24 |
    | US (Virginia) | oss-us-east-1 | oss-us-east-1-internal.aliyuncs.com | 100.115.60.0/24, 100.99.100.0/24, 100.99.101.0/24, 100.99.102.0/24 |

    Taking the Hangzhou region as an example:

      traffic.sidecar.istio.io/excludeOutboundIPRanges: "100.118.28.0/24,100.114.102.0/24,100.98.170.0/24,100.118.31.0/24"
  2. Modify the application's YAML file and add the following annotations under the spec.template.metadata level.

    Complete YAML example:

    apiVersion: v1
    kind: Namespace
    metadata:
      name: arms-demo
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo
      namespace: arms-demo
      labels:
        app: arms-springboot-demo
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo
      template:
        metadata:
          annotations:
            traffic.sidecar.istio.io/excludeOutboundIPRanges: "100.118.28.0/24,100.114.102.0/24,100.98.170.0/24,100.118.31.0/24"
          labels:
            app: arms-springboot-demo
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo"
            one-agent.jdk.version: "OpenJDK18"
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "true"
                - name: COMPONENT_HOST
                  value: "arms-demo-component"
                - name: COMPONENT_PORT
                  value: "6666"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo-subcomponent
      namespace: arms-demo
      labels:
        app: arms-springboot-demo-subcomponent
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo-subcomponent
      template:
        metadata:
          labels:
            app: arms-springboot-demo-subcomponent
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo-subcomponent"
            one-agent.jdk.version: "OpenJDK18"
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo-subcomponent
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "false"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: arms-demo-component
      name: arms-demo-component
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-demo-component-svc
          port: 6666
          targetPort: 8888
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: arms-springboot-demo-subcomponent
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-demo-mysql
      namespace: arms-demo
      labels:
        app: mysql
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
              name: mysql
              ports:
                - containerPort: 3306
                  name: mysql
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: mysql
      name: arms-demo-mysql
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-mysql-svc
          port: 3306
          targetPort: 3306
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: mysql
    ---
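
Traffic to the ranges listed in `traffic.sidecar.istio.io/excludeOutboundIPRanges` is not redirected through istio-proxy, so the annotation should carry exactly the blocks listed for the cluster's region and nothing wider. The following Python sketch is an added example, not part of the original page or of ack-onepilot; the function names are hypothetical and only the Hangzhou row of the table is embedded.

```python
import ipaddress

ANNOTATION = "traffic.sidecar.istio.io/excludeOutboundIPRanges"

# VIP CIDR blocks copied from the Hangzhou row of the table on this page.
HANGZHOU_VIPS = ["100.118.28.0/24", "100.114.102.0/24",
                 "100.98.170.0/24", "100.118.31.0/24"]


def build_annotation(cidrs):
    """Validate each block and join with ASCII commas, as step 2 requires."""
    nets = [ipaddress.ip_network(c.strip(), strict=True) for c in cidrs]
    return ",".join(str(n) for n in nets)


def audit_annotation(value, allowed):
    """Compare an annotation value with the documented blocks.

    Returns (missing, unexpected, malformed):
      missing    - documented blocks that the value does not exclude
      unexpected - excluded ranges outside the documented blocks,
                   i.e. extra traffic that bypasses the sidecar
      malformed  - entries that are not valid CIDR notation
    """
    allowed_nets = [ipaddress.ip_network(c) for c in allowed]
    found, malformed = [], []
    # A full-width comma is not a separator, so such an entry is malformed.
    for item in value.split(","):
        try:
            found.append(ipaddress.ip_network(item.strip(), strict=True))
        except ValueError:
            malformed.append(item.strip())

    def inside(inner, outer):
        return inner.version == outer.version and inner.subnet_of(outer)

    unexpected = [str(n) for n in found
                  if not any(inside(n, a) for a in allowed_nets)]
    missing = [str(a) for a in allowed_nets
               if not any(inside(a, n) for n in found)]
    return missing, unexpected, malformed


if __name__ == "__main__":
    print(f'{ANNOTATION}: "{build_annotation(HANGZHOU_VIPS)}"')
    # Constructed bad value: an over-broad range in place of two /24 blocks.
    print(audit_annotation("100.64.0.0/10,100.98.170.0/24", HANGZHOU_VIPS))
```

Feed `audit_annotation` the annotation value read from a Deployment's `spec.template.metadata.annotations` to flag exclusions wider than the documented table before the change is rolled out.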