You can use ArgoCD to release and update applications in Alibaba Cloud Service Mesh (ASM), which simplifies O&M costs. The developer submits the application definition (Deployment and Service) and traffic management (VirtualService, Gateway, and DestinationRule) written in YAML to the Git repository. ArgoCD monitors the current status of resources (such as Deployment, Service, and VirtualService) of applications in the cluster. It compares with the expected orchestration of resources in the Git repository based on the content in the Git repository. It can automatically/manually synchronize and deploy applications when the Git repository changes.
If you have installed ArgoCD, skip this step. Please refer to the homepage for the installation and deployment of ArgoCD.
Alibaba Cloud Container Service (ACK) application center has the built-in ArgoCD feature. You can avoid manually installing ArgoCD. The ACK application center allows you to check the status of applications. You can use Git repositories and Helm charts to deploy application versions to Kubernetes clusters. You can roll back and publish application versions.
Note: Alibaba Cloud Service Mesh (ASM) is a control plane that is compatible with managing Istio. An ArgoCD-managed ASM control plane and data plane (Kubernetes Container Service ACK) are not in the same Kubernetes cluster environment. We need to enable Data Plane KubeAPI Access in ASM. Then, ArgoCD can access Istio resources in the ASM cluster (just like accessing resources in the ACK cluster).
In managed mode, ASM and the Container Service ACK managed by ArgoCD are not in the same cluster environment. You need to enable the data plane KubeAPI access capability of ASM to enable ArgoCD to access the Istio resources in the ASM cluster (just like accessing the resources in the ACK cluster). You can enable this capability in the ASM console, as shown in the following figure:
In Alibaba Cloud Service Mesh → ASM Gateways → Create
Create an ASM Gateway and provide ports 80 and 443:
If ArgoCD and the ACK cluster managed by ASM are not in the same cluster, you must add the ACK cluster to ArgoCD.
You can add ACK clusters o ArgoCD using the Kubernetes secret as an external cluster. The tlsClientConfig can be obtained from the ACK KubeConfig file:
caData=certificate authority data
certData=client certificate data
keyData=client key data
Now, Istio resources can be defined as Kubernetes inventory. They are pushed to the Git repository used to deploy application Kubernetes orchestration.
Let's take Istio book-info as an example. The address of the Git repository is available here.
Fork this repository to your local first
Select argocd-asm for the branch and set Path to argo-cd/bookinfo:
This figure shows the creation after completion:
Click bookinfo to view the status of the created resource:
You can view the created resources in the ASM console, as shown in the following VirtualService:
You can click the bookinfo name to view the specific YAML file:
You can also view the created resources in the ACK console, as shown in the following figure:
Obtain the address of the ASM gateway from the ASM console and enter the http://{ASM-Gateway-IP}/productpage in the browser for access:
There are three versions of Istio book-info reviews, but we have not specified a version yet. The data display on the right will be different every time you refresh. We can specify through the GitOps process.
After configuring traffic rules, the v1 version reviews are displayed normally. Only when the logon username is jason, the v2 version is displayed. Change the copy of the Deployment reviews-v1 to 2. Add the following content to the argo-cd/bookinfo/istio-route.yaml file of Git repository. Change the number of reviews-v1 Deployment replicas in argo-cd/bookinfo/bookinfo.yaml to 2.
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: jason
route:
- destination:
host: reviews
subset: v2
- route:
- destination:
host: reviews
subset: v1
---
$ git add *
$ git commit -m "reviews-v1"
reviews-v1
2 files changed, 22 insertions(+), 22 deletions(-)
$ git push If automatic synchronization is enabled, ArgoCD automatically synchronizes Git configurations to the cluster. If not, you can manually click the Sync button. As shown below, since the file has changed, the Argo console will automatically prompt the OutOfSync status. Click the Sync button to complete the synchronization.
After synchronization, you can view the resources created in the ASM console, as shown in the following figure:
You can click the reviews name to view the specific YAML content:
You can also view the updated resources in the ACK console. The number of Deployment reviews-v1 replicas is updated to 2:
According to the routing rules, the access http://{ASM-Gateway-IP}/productpage is fixed to the review-v1 version when you are not logged on.
The number of reviews-v1 replicas also takes effect to 2. If we log in with jason as the user name (any password), we will see the v2 version.
Use ArgoCD in practice (combined with the latest features of Alibaba Cloud Service Mesh (ASM)) to manage Resource Orchestration Service (ROS) in GitOps mode, which simplifies O&M management costs.
The Seamless Transition from Traditional Microservice Frameworks to ASM
165 posts | 12 followers
FollowAlibaba Cloud Native - November 3, 2022
Alibaba Cloud Native - October 9, 2022
Alibaba Cloud Native - October 9, 2022
Xi Ning Wang(王夕宁) - July 21, 2023
Xi Ning Wang(王夕宁) - July 1, 2021
Alibaba Container Service - September 14, 2022
165 posts | 12 followers
Follow
Alibaba Cloud Service Mesh
Alibaba Cloud Service Mesh (ASM) is a fully managed service mesh platform that is compatible with Istio.
Learn More
Managed Service for Grafana
Managed Service for Grafana displays a large amount of data in real time to provide an overview of business and O&M monitoring.
Learn More
Bastionhost
A unified, efficient, and secure platform that provides cloud-based O&M, access control, and operation audit.
Learn More
DevOps Solution
Accelerate software development and delivery by integrating DevOps with the cloud
Learn MoreMore Posts by Alibaba Cloud Native