Community

Blog Events Webinars Tutorials Forum
  1. Blog
  2. Events
  3. Webinars
  4. Tutorials
  5. Forum
Create Account
×
Community Blog Deploy a ASM Serverless Gateway to Support Elastic Business Scenarios

Deploy a ASM Serverless Gateway to Support Elastic Business Scenarios

This article provides an overview of deploying an ASM Serverless Gateway, and how to use it to support elastic business scenarios.

By Xining Wang

The Alibaba Cloud Service Mesh (ASM) serverless gateway is built on virtual nodes and Elastic Container Instance. It applies to scenarios that require elastic resources and do not require node maintenance.

Terms

  • Elastic Container Instance (ECI) is a serverless elastic computing service. This container service provided by Alibaba Cloudeliminates the need for O&M and offers strong isolation and fast startup for container runtime environments. Elastic Container Instance allows you to focus on container applications without the need to purchase and manage underlying Elastic Compute Service (ECS) servers or maintain the underlying infrastructure. You can create ECI instances based on your business requirements and pay only for the resources configured for containers, based on quantity and seconds.
  • A virtual node significantly reduces computing costs and improves elastic computing efficiency in scenarios with fluctuating computing loads.
  • A taint allows a node to repel a specific set of pods. By default, all virtual nodes in an ACK cluster are added with the virtual-kubelet.io/provider=alibabacloud:NoSchedule taint. This prevents accidental usage of elastic container instances.
  • Toleration is applied to pods, allowing them to be scheduled on nodes with corresponding taints. To enable pods in an ACK cluster to use elastic container instances, configure the following tolerations to tolerate the virtual-kubelet.io/provider=alibabacloud:NoSchedule taint.
    tolerations:
    - key: virtual-kubelet.io/provider
      operator: Equal
      value: alibabacloud
      effect: NoSchedule
  • Taints and tolerations work together to prevent the system from scheduling pods on inappropriate nodes. A node can have one or more taints. If a pod does not tolerate a specific taint, a node with the corresponding taint will not accept the pod. If a pod tolerates a specific taint, it can be scheduled on a node with the corresponding taint, but it is not mandatory.
  • NodeAffinity rules can be either required or preferred. If no preferred or soft rules are met, the pods will be scheduled on other nodes.

Prerequisites

• If you create an ASM gateway in a Serverless Kubernetes (ASK) cluster in the ASM console, the pods run on elastic container instances, and you do not need to perform the operations described in this article.

• The following procedure applies to an ACK cluster (an ACK standard cluster, an ACK Pro cluster, or an ACK dedicated cluster). You must deploy the ack-virtual-node component. For more information, see Deploy ack-virtual-node component.

Procedures

Step 1: Add a Label to the Desired Node

Run kubectl get nodes to obtain the names of the nodes in the specific cluster. Select a node to which you want to add a label and execute the kubectl label nodes = command to add the label to the desired node.

For example,

kubectl label nodes node1 mykey4pod=asmgateway

Step 2: Add a Taint to the Node

Run kubectl taint to add a taint to the node. For example,

kubectl taint nodes node1 mykey=myvalue:NoSchedule

This command adds a taint to node 1. The key is mykey, the value is myvalue, and the effect is NoSchedule. This way, only pods that tolerate the taint can be scheduled to node 1.

Step 3: Set Node Affinity and Tolerations for the ASM Gateway

Configure the nodeAffinity parameters of the ASM gateway so that the pods of the ASM gateway are scheduled to the corresponding nodes.

Configure the tolerations parameters to match the taint created in Step 2. As such, the pods of the ASM gateway can be scheduled to node 1.

Procedures:

  1. Log on to the ASM console. In the left-side navigation pane, choose 8Service Mesh > Mesh Management.
  2. On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose ASM Gateways > Ingress Gateway.
  3. On the Ingress Gateway page, find the gateway that you want to set and click YAML on the right.
  4. In the Edit dialog box, add the following content to the spec field and click OK.
affinity:
 nodeAffinity:
   preferredDuringSchedulingIgnoredDuringExecution:
     - preference:
         matchExpressions:
           - key: type
             operator: In
             values:
               - virtual-kubelet
       weight: 20
     - preference:
         matchExpressions:
           - key: mykey4pod
             operator: In
             values:
               - asmgateway
       weight: 80
   requiredDuringSchedulingIgnoredDuringExecution:
     nodeSelectorTerms:
       - matchExpressions:
           - key: mykey4pod
             operator: In
             values:
               - asmgateway
       - matchExpressions:
           - key: type
             operator: In
             values:
               - virtual-kubelet
tolerations:
 - effect: NoSchedule
   key: virtual-kubelet.io/provider
   operator: Equal
   value: alibabacloud
 - effect: NoSchedule
   key: mykey
   operator: Equal
   value: myvalue

Notes

  • The preferredDuringSchedulingIgnoredDuringExecution parameter is associated with two matchExpressions fields. When using the configuration with a weight of 20, pods are scheduled to use elastic container instances. When using the configuration with a weight of 80, pods are scheduled to ECS nodes with the specified label. Additionally, the weight values are relative, and a configuration with a higher value is preferred.
  • The requiredDuringSchedulingIgnoredDuringExecution parameter is associated with two matchExpressions fields. One indicates that pods are scheduled to ECS nodes with the specified label, and the other indicates that pods are scheduled to use elastic container instances.
  • The configurations in the example above indicate that the pods tolerate the virtual-kubelet.io/provider=alibabacloud:NoSchedule taint and can use elastic container instances.
Computing Serverless Tutorials cloud native Service Mesh ACK ASM ASM Gateway
0 1 0
Share on

Read previous post:

Schedule the Pods of an ASM Gateway to a Specified Node

Xi Ning Wang(王夕宁)

56 posts | 8 followers

You may also like

Comments

Xi Ning Wang(王夕宁)

56 posts | 8 followers

Related Products

More Posts by Xi Ning Wang(王夕宁)

See All