| object | | |
RequestId | string | | 11fd0027-c27e-41bb-a565-75583054**** |
ServiceMesh | object | The information about the ASM instance. | |
Endpoints | object | The endpoints of the ASM instance. | |
IntranetPilotEndpoint | string | The endpoint that is used to access Istio Pilot from the internal network. | 192.168.**.**:15011 |
PublicPilotEndpoint | string | The endpoint that is used to expose Istio Pilot to the Internet. | 182.92.**.**:15011 |
IntranetApiServerEndpoint | string | The endpoint that is used to access the API server from the internal network. | https://192.168.**.**:6443 |
PublicApiServerEndpoint | string | The endpoint that is used to access the API server over the Internet. | https://123.56.**.**:6443 |
ServiceMeshInfo | object | The basic information about the ASM instance. | |
Profile | string | The edition of the ASM instance. Valid values:
Default : Standard Edition
Pro : Enterprise Edition and Ultimate Edition
| Default |
CreationTime | string | The time when the ASM instance was created. | 2020-04-21T09:42:20+08:00 |
UpdateTime | string | The time when the ASM instance was last modified. | 2020-06-03T14:48:54+08:00 |
ErrorMessage | string | The returned error message. | error |
Version | string | The version of the ASM instance. | v1.7.4.0-gfb34ba99-aliyun |
State | string | The state of the ASM instance. | running |
ServiceMeshId | string | | c08ba3fd1e6484b0f8cc1ad8fe10d**** |
Name | string | The name of the ASM instance. | mesh1 |
RegionId | string | The ID of the region in which the ASM instance resides. | cn-beijing |
Spec | object | The specifications of the ASM instance. | |
Network | object | The network configurations of the ASM instance. | |
VpcId | string | The ID of the virtual private cloud (VPC). | vpc-2zew0rajjkmxy2369**** |
SecurityGroupId | string | | sg-2ze384sxttxbctnj**** |
VSwitches | array | The virtual switches (vSwitches). | |
| string | | vsw-2ze66z3ntvsej0mdo**** |
LoadBalancer | object | The information about load balancing. | |
PilotPublicEip | boolean | Indicates whether Istio Pilot is exposed to the Internet. Valid values:
| true |
PilotPublicLoadbalancerId | string | The ID of the Classic Load Balancer (CLB) instance that is used when Istio Pilot is exposed to the Internet. | lb-2zesa8qs8kbkj9jkl**** |
ApiServerLoadbalancerId | string | The ID of the CLB instance that is used when the API server is exposed to the Internet. | lb-2zekaak10uxds44vx**** |
ApiServerPublicEip | boolean | Indicates whether the API server is exposed to the Internet. Valid values:
| true |
MeshConfig | object | The configurations of the ASM instance. | |
OPA | object | The information about the Open Policy Agent (OPA) plug-in. | |
RequestMemory | string | The size of the memory that is requested by OPA. | 1024Mi |
LogLevel | string | The level of the logs to be generated for OPA. | info |
Enabled | boolean | Indicates whether the OPA plug-in is installed. Valid values:
| true |
LimitMemory | string | The maximum size of the memory that is available to the OPA proxy container. | 512Mi |
RequestCPU | string | The number of CPU cores that are requested by the OPA proxy container. | 2 |
LimitCPU | string | The maximum number of CPU cores that are available to the OPA proxy container. | 1 |
Prometheus | object | The configurations of Prometheus monitoring. | |
UseExternal | boolean | Indicates whether a custom Prometheus instance is used. Valid values:
| false |
ExternalUrl | string | The endpoint of Prometheus monitoring. If you use a custom Prometheus instance, this parameter is populated by the system. | http://prometheus:9090 |
AccessLog | object | The configurations of access log collection. | |
Enabled | boolean | Indicates whether access log collection is enabled. Valid values:
| true |
Project | string | The name of the Simple Log Service project that stores access logs. | k8s-log-b7b05d08670e41ca8c8fc0b7718f***** |
Pilot | object | The Pilot configurations. | |
Http10Enabled | boolean | Indicates whether HTTP/1.0 is supported. Valid values:
| false |
TraceSampling | float | The sampling percentage of tracing analysis. | 100 |
Feature | object | The configurations of Pilot features. | |
FilterGatewayClusterConfig | boolean | Indicates whether gateway configuration filtering is enabled. Valid values:
| false |
EnableSDSServer | boolean | Indicates whether Secret Discovery Service (SDS) is enabled. Valid values:
| false |
ConfigSource | object | The configurations of communication between external services and services in the mesh. | |
Enabled | boolean | Indicates whether communication is allowed between external services and services in the mesh. Valid values:
| false |
NacosID | string | The ID of the Nacos instance that provides external service information. | mse-cn-tl326****** |
MSE | object | The configurations of Microservices Engine (MSE). | |
Enabled | boolean | Indicates whether MSE is enabled. Valid values:
| false |
CustomizedZipkin | boolean | Indicates whether a custom Zipkin system is used. Valid values:
| false |
SidecarInjector | object | The configurations of the sidecar injector. | |
EnableNamespacesByDefault | boolean | Indicates whether automatic sidecar proxy injection is enabled for all namespaces. Valid values:
| false |
RequestMemory | string | The size of the memory that is requested by the pod where the sidecar injector resides. | 512Mi |
LimitMemory | string | The maximum size of the memory that is available to the pod where the sidecar injector resides. | 2048Mi |
RequestCPU | string | The number of CPU cores that are requested by the pod where the sidecar injector resides. | 1000m |
AutoInjectionPolicyEnabled | boolean | Indicates whether automatic sidecar proxy injection can be enabled by using pod annotations. Valid values:
| true |
LimitCPU | string | The maximum number of CPU cores that are available to the pod where the sidecar injector resides. | 4000m |
InitCNIConfiguration | object | The configurations of Container Network Interface (CNI). | |
ExcludeNamespaces | string | The namespaces to exclude. The CNI plug-in ignores pods in the excluded namespaces. | kube-system,istio-system |
Enabled | boolean | Indicates whether the CNI plug-in is enabled. Valid values:
| false |
SidecarInjectorWebhookAsYaml | string | | {"injectedAnnotations":{"test/istio-init":"runtime/default2","test/istio-proxy":"runtime/default"},"replicaCount":2,"nodeSelector":{"beta.kubernetes.io/os":"linux"}} |
SidecarInjectorNum | integer | The number of component replicas that are used for sidecar proxy injection. Default value: 1 . | 1 |
IncludeIPRanges | string | The IP ranges in CIDR form to redirect to the sidecar proxies in the ASM instance. | 192.168.0.0/16 |
ExcludeIPRanges | string | The IP ranges in CIDR form to be excluded from redirection to sidecar proxies in the ASM instance. | 172.16.0.0 |
ExcludeOutboundPorts | string | The outbound ports to be excluded from redirection to sidecar proxies in the ASM instance. | 80,81 |
ExcludeInboundPorts | string | The inbound ports to be excluded from redirection to sidecar proxies in the ASM instance. | 80,81 |
Telemetry | boolean | | true |
Edition | object | The information about the edition. | |
Name | string | | Pro |
IstiodImageTag | string | The version of the Istiod image. | v1.9.7.1-3-gb3f1ab3c9c-pro-aliyun |
ProxyImageTag | string | The version of the Istio Proxy image. | v1.9.7.1-3-gb3f1ab3c9c-pro-aliyun |
ProtocolSupport | object | The configurations of protocol support. | |
MysqlFilterEnabled | boolean | Indicates whether MySQL Filter is enabled. Valid values:
| false |
RedisFilterEnabled | boolean | Indicates whether Redis Filter is enabled. Valid values:
| false |
ThriftFilterEnabled | boolean | Indicates whether Thrift Filter is enabled. Valid values:
| false |
DubboFilterEnabled | boolean | Indicates whether Dubbo Filter is enabled. Valid values:
| false |
OutboundTrafficPolicy | string | The outbound traffic policy. Valid values:
ALLOW_ANY : Outbound traffic to all external services is allowed.
REGISTRY_ONLY : Outbound traffic is allowed to only external services that are defined in the service registry of the ASM instance.
| ALLOW_ANY |
Kiali | object | The configurations of mesh topology. | |
Enabled | boolean | Indicates whether mesh topology is enabled. Mesh topology can be enabled only when Prometheus monitoring is enabled. If Prometheus monitoring is disabled, you must set this parameter to false .`` Valid values:
| false |
Url | string | The endpoint of the mesh topology service. | http://1.2.**.**:20001 |
Tracing | boolean | | true |
WebAssemblyFilterDeployment | object | The configurations of WebAssembly Filter. | |
Enabled | boolean | Indicates whether WebAssembly Filter is enabled. Valid values:
| false |
EnableLocalityLB | boolean | Indicates whether the feature that routes traffic to the nearest instance is enabled. Valid values:
| true |
Audit | object | The information about mesh audit. | |
Enabled | boolean | Indicates whether mesh audit is enabled. Valid values:
| true |
Project | string | The name of the Simple Log Service project that is used for mesh audit. | audit-project |
AuditProjectStatus | string | Indicates whether an audit project exists in the ASM instance. Valid values:
audit_project_exist : An audit project exists.
audit_project_not_exist : No audit project exists.
| audit_project_not_exist |
Proxy | object | The proxy configurations. | |
RequestMemory | string | The size of the memory that is requested. | 128Mi |
ClusterDomain | string | | cluster.domain |
LimitMemory | string | The maximum size of the memory. | 1024Mi |
RequestCPU | string | The number of CPU cores that are requested. | 100m |
EnableDNSProxying | boolean | Indicates whether the Domain Name System (DNS) proxy feature is enabled. Valid values:
| false |
LimitCPU | string | The maximum number of CPU cores. | 2000m |
AccessLogServiceEnabled | boolean | Indicates whether gRPC Access Log Service (ALS) for Envoy is enabled. Valid values:
| false |
AccessLogServiceHost | string | The endpoint of gRPC ALS for Envoy. | 0.0.0.0 |
AccessLogServicePort | integer | The port of gRPC ALS for Envoy. | 9999 |
AccessLogFormat | string | The format of the access logs of sidecar proxies. | {"authority_for":"%REQ(:AUTHORITY)%","bytes_received":"%BYTES_RECEIVED%","bytes_sent":"%BYTES_SENT%","downstream_local_address":"%DOWNSTREAM_LOCAL_ADDRESS%","downstream_remote_address":"%DOWNSTREAM_REMOTE_ADDRESS%","duration":"%DURATION%","istio_policy_status":"%DYNAMIC_METADATA(istio.mixer:status)%","method":"%REQ(:METHOD)%","path":"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","protocol":"%PROTOCOL%","request_id":"%REQ(X-REQUEST-ID)%","requested_server_name":"%REQUESTED_SERVER_NAME%","response_code":"%RESPONSE_CODE%","response_flags":"%RESPONSE_FLAGS%","route_name":"%ROUTE_NAME%","start_time":"%START_TIME%","trace_id":"%REQ(X-B3-TRACEID)%","upstream_cluster":"%UPSTREAM_CLUSTER%","upstream_host":"%UPSTREAM_HOST%","upstream_local_address":"%UPSTREAM_LOCAL_ADDRESS%","upstream_service_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_transport_failure_reason":"%UPSTREAM_TRANSPORT_FAILURE_REASON%","user_agent":"%REQ(USER-AGENT)%","x_forwarded_for":"%REQ(X-FORWARDED-FOR)%"} |
AccessLogFile | string | The path to the file that stores the access logs of sidecar proxies. | /dev/stdout |
K8sNewAPIsSupport | object | The information about the Kubernetes API. | |
GatewayAPIEnabled | boolean | Indicates whether Gateway API is enabled. Valid values:
| false |
LocalityLB | object | The configurations of cross-region load balancing. | |
Enabled | boolean | Indicates whether cross-region load balancing is enabled. Valid values:
| false |
Failover | object | The configurations of cross-region failover.
Note
Either Failover or Distribute can be set. If you set Failover , you cannot set Distribute .
| {"failover":[{"from":"cn-hangzhou","to":"cn-shanghai"}]} |
Distribute | object | The configurations of cross-region traffic distribution.
Note
Either Failover or Distribute can be set. If you set Distribute , you cannot set Failover.
| [{"from":"cn-shanghai","to":{"cn-hangzhou/*":50,"cn-shanghai/*":25,"cn-zhangjiakou/*":25}},{"from":"cn-hangzhou","to":{"cn-hangzhou/*":50,"cn-shanghai/*":25,"cn-zhangjiakou/*":25}}] |
ControlPlaneLogInfo | object | The configurations of control-plane log collection. | |
Enabled | boolean | Indicates whether the collection of control plane logs is enabled. Valid values:
| false |
Project | string | The name of the Simple Log Service project that stores control plane logs. | mesh-log-cbeb85a09161b4a26ab73e0ac**** |
LogTTL | integer | The time to live (TTL) of the collected control-plane logs. Unit: day. | 30 |
command | array | The executed commands. The value is a string that consists of JSON arrays. | |
| string | | sleep 3s |
command | array | The executed commands. The value is a string that consists of JSON arrays. | |
| string | | sleep 3s |
Clusters | array | | |
| string | | ["caf089e56daba4c51a8906fe43ea1****","c80f45444b3da447da60a911390c2****"] |
ClusterSpec | string | The specification of the ASM instance. Valid values:
standard : Standard Edition
enterprise : Enterprise Edition
ultimate : Ultimate Edition
| standard |
OwnerType | string | The Alibaba Cloud service for which the ASM instance is created. Valid values:
ackone : The ASM instance is created for Alibaba Cloud Distributed Cloud Container Platform (ACK One).
- An empty value indicates that the ASM instance is created by the user.
| ackone |
OwnerId | string | The ID of the Alibaba Cloud service instance for which the ASM instance is created. | cc3e96f249d124eb38b72718ec5***** |