All Products
Search
Document Center

Alibaba Cloud Service Mesh:Use ASM to manage applications in ECI-based pods running on virtual nodes of ACK clusters

Last Updated:Oct 26, 2023

Container Service for Kubernetes (ACK) provides various serverless containers based on virtual nodes and Elastic Container Instance (ECI). For example, virtual nodes can be deployed in ACK clusters to enable seamless integration between Kubernetes and ECI. You can create ECI-based pods as needed to avoid the planning of cluster capacity. This topic describes how to use Service Mesh (ASM) to manage applications in ECI-based pods that run on the virtual nodes of ACK clusters.

Prerequisites

Step 1: Enable automatic sidecar proxy injection for a namespace

After you enable automatic sidecar injection for a namespace in the ASM console, an Envoy proxy is automatically injected as a sidecar into each pod that is created in the namespace. These Envoy proxies comprise the data plane of the ASM instance.

In this example, automatic sidecar proxy injection is enabled for the default namespace and the vk namespace. For more information, see Manage global namespaces.

Step 2: Create ECI-based pods for an application

Note

After an application is deployed in a pod that runs on an elastic container instance, ASM can manage the application on the data plane by using sidecars.

Method 1: Use a pod label to create ECI-based pods

Add the alibabacloud.com/eci=true label to the application pod that you want to create. This way, the pod is scheduled to an elastic container instance that serves as a virtual node.

  1. Run the following command to check whether the istio-injection=enabled label is added to the default namespace:

    kubectl get ns default --show-labels

    Expected output:

    NAME      STATUS   AGE   LABELS
    default   Active   16d   istio-injection=enabled,kubernetes.io/metadata.name=default,provider=asm
  2. Run the following command to deploy the NGINX application:

    kubectl run nginx -n default --image nginx -l alibabacloud.com/eci=true

    Expected output:

    pod/nginx created
  3. Run the following command to view the information about the pod that runs on the virtual node:

    kubectl get pod -n default -o wide|grep virtual-kubelet

    Expected output:

    nginx                             2/2     Running            0              8m49s    192.168.XXX.XXX   virtual-kubelet-cn-beijing-i   <none>           <none>

Method 2: Use a namespace label to create ECI-based pods

Add the alibabacloud.com/eci=true label to the namespace to which the application pod that you want to create belongs. This way, the pod is scheduled to an elastic container instance that servers as a virtual node.

  1. Run the following command to check whether the istio-injection=enabled label is added to the vk namespace:

    kubectl get ns vk --show-labels

    Expected output:

    NAME   STATUS   AGE   LABELS
    vk     Active   96m   istio-injection=enabled,kubernetes.io/metadata.name=vk,provider=asm
  2. Run the following command to add a label to the vk namespace:

    kubectl label namespace vk alibabacloud.com/eci=true

    Expected output:

    namespace/vk labeled
  3. Run the following command to deploy the NGINX application:

    kubectl -n vk run nginx --image nginx

    Expected output:

    pod/nginx created
  4. Run the following command to view the information about the pod that runs on the virtual node:

    kubectl -n vk get pod -o wide|grep virtual-kubelet

    Expected output:

    nginx   2/2     Running   0          38s   192.168.XXX.XXX   virtual-kubelet-cn-beijing-i   <none>           <none>