Creates an Alibaba Cloud Service Mesh (ASM) instance.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
RegionId String Yes cn-hangzhou

The ID of the region where the ASM instance resides.

VpcId String Yes vpc-xzelac2tw4ic7wz31****

The ID of the virtual private cloud (VPC).

VSwitches String Yes ["vsw-xzegf5dndkbf4m6eg****"]

The ID of the vSwitch.

IstioVersion String No v1.5.4.1-g5960ec40-aliyun

The Istio version of the ASM instance.

Name String No mesh1

The name of the ASM instance.

ApiServerPublicEip Boolean No false

Specifies whether to expose the API server to the Internet. Valid values:

  • true: exposes the API server to the Internet.
  • false: does not expose the API server to the Internet.

Default value: false.

If you do not expose the API server to the Internet, the API server of the clusters cannot be accessed from the Internet.

PilotPublicEip Boolean No false

Specifies whether to expose Istio Pilot to the Internet. Valid values:

  • true: exposes Istio Pilot to the Internet.
  • false: does not expose Istio Pilot to the Internet.

Default value: false.

If you do not expose Istio Pilot to the Internet, only the clusters in the same VPC as the ASM instance can access Istio Pilot of the ASM instance.

Tracing Boolean No false

Specifies whether to enable the tracing feature. To enable this feature, make sure that you have activated Tracing Analysis. Valid values:

  • true: enables the tracing feature.
  • false: does not enable the tracing feature.

Default value: false.

TraceSampling Float No 100

The sampling percentage of tracing.

LocalityLoadBalancing Boolean No false

Specifies whether to route traffic to the nearest instance. Valid values:

  • true: routes traffic to the nearest instance.
  • false: does not route traffic to the nearest instance.

Default value: false.

Telemetry Boolean No false

Specifies whether to enable Prometheus monitoring. We recommend that you use Prometheus Service of Application Real-Time Monitoring Service (ARMS). Valid values:

  • true: enables Prometheus monitoring.
  • false: does not enable Prometheus monitoring.

Default value: false.

EnableAudit Boolean No false

Specifies whether to enable the mesh audit feature. To enable this feature, make sure that you have activated Log Service. Valid values:

  • true: enables the mesh audit feature.
  • false: does not enable the mesh audit feature.

Default value: false.

AuditProject String No mesh-log-xxxx

The name of the Log Service project that is used for mesh audit.

Default value: mesh-log-{ASM instance ID}.

OpenAgentPolicy Boolean No false

Specifies whether to install the Open Policy Agent (OPA) plug-in. Valid values:

  • true: installs the OPA plug-in.
  • false: does not install the OPA plug-in.

Default value: false.

OPARequestCPU String No 1

The number of CPU cores that are requested by OPA.

OPARequestMemory String No 512Mi

The size of the memory that is requested by OPA.

OPALimitCPU String No 2

The maximum number of CPU cores that are available to OPA.

OPALimitMemory String No 1024Mi

The maximum size of the memory that is available to OPA.

OPALogLevel String No info

The log level of OPA.

  • info: collects all information.
  • debug: collects debugging and error information.
  • error: collects only error information.
CustomizedZipkin Boolean No false

Specifies whether to enable a custom Zipkin system. Valid values:

  • true: enables a custom Zipkin system.
  • false: does not enable a custom Zipkin system.

Default value: false.

LocalityLBConf String No null

The configurations for the access to the nearest instance.

ProxyRequestCPU String No 100m

The number of CPU cores that are requested by the proxy container.

ProxyRequestMemory String No 128Mi

The size of the memory that is requested by the proxy container.

ProxyLimitCPU String No 2000m

The maximum number of CPU cores that are available to the proxy container.

ProxyLimitMemory String No 1024Mi

The maximum size of the memory that is available to the proxy container.

IncludeIPRanges String No *

The IP addresses that are denied to access external services.

ExcludeIPRanges String No 100.100.100.100

The IP addresses that are allowed to access external services.

ExcludeOutboundPorts String No 80,81

The outbound ports. Separate multiple port numbers with commas (,).

ExcludeInboundPorts String No 80,81

The inbound ports. Separate multiple port numbers with commas (,).

OpaEnabled Boolean No false

Specifies whether to enable the OPA plug-in. Valid values:

  • true: enables the OPA plug-in.
  • false: does not enable the OPA plug-in.

Default value: false.

KialiEnabled Boolean No false

Specifies whether to enable Kiali. To enable Kiali, make sure that Prometheus monitoring is enabled. If Prometheus monitoring is disabled, the value of this parameter must be false. Valid values:

  • true: enables Kiali.
  • false: does not enable Kiali.

Default value: false.

AccessLogEnabled Boolean No false

Specifies whether to enable access log collection. Valid values:

  • true: enables access log collection.
  • false: does not enable access log collection.

Default value: false.

CustomizedPrometheus Boolean No false

Specifies whether to use a custom Prometheus instance. Valid values:

  • true: uses a custom Prometheus instance.
  • false: does not use a custom Prometheus instance.

Default value: false.

PrometheusUrl String No http://prometheus:9090

The endpoint of the custom Prometheus instance.

RedisFilterEnabled Boolean No false

Specifies whether to enable Redis Filter. Valid values:

  • true: enables Redis Filter.
  • false: does not enable Redis Filter.

Default value: false.

MysqlFilterEnabled Boolean No false

Specifies whether to enable MySQL Filter. Valid values:

  • true: enables MySQL Filter.
  • false: does not enable MySQL Filter.

Default value: false.

ThriftFilterEnabled Boolean No false

Specifies whether to enable Thrift Filter. Valid values:

  • true: enables Thrift Filter.
  • false: does not enable Thrift Filter.

Default value: false.

WebAssemblyFilterEnabled Boolean No false

Specifies whether to enable WebAssembly Filter. Valid values:

  • true: enables WebAssembly Filter.
  • false: does not enable WebAssembly Filter.

Default value: false.

MSEEnabled Boolean No false

Specifies whether to enable Microservice Engine (MSE). Valid values:

  • true: enables MSE.
  • false: does not enable MSE.

Default value: false.

DNSProxyingEnabled Boolean No false

Specifies whether to enable DNS Proxying. Valid values:

  • true: enables DNS Proxying.
  • false: does not enable DNS Proxying.

Default value: false.

Edition String No Pro

The edition of the ASM instance. Valid values:

  • Default: Standard Edition.
  • Pro: Professional Edition.

Default value: Default.

ConfigSourceEnabled Boolean No false

Specifies whether to enable a service registry. Valid values:

  • true: enables a service registry.
  • false: does not enable a service registry.

Default value: false.

ConfigSourceNacosID String No mse-cn-tl326******

The instance ID of the Nacos registry.

DubboFilterEnabled Boolean No false

Specifies whether to enable Dubbo Filter. Valid values:

  • true: enables Dubbo Filter.
  • false: does not enable Dubbo Filter.

Default value: false.

FilterGatewayClusterConfig Boolean No false

Specifies whether to enable gateway configuration filtering. Valid values:

  • true: enables gateway configuration filtering.
  • false: does not enable gateway configuration filtering.

Default value: false.

EnableSDSServer Boolean No false

Specifies whether to enable Secret Discovery Service (SDS). Valid values:

  • true: enables SDS.
  • false: does not enable SDS.

Default value: false.

AccessLogServiceEnabled Boolean No false

Specifies whether to enable gRPC Access Log Service (ALS). Valid values:

  • true: enables gRPC ALS.
  • false: does not enable gRPC ALS.

Default value: false.

AccessLogServiceHost String No 0.0.0.0

The endpoint of gRPC ALS.

AccessLogServicePort Integer No 9999

The port of gRPC ALS.

GatewayAPIEnabled Boolean No false

Specifies whether to enable Gateway API. Valid values:

  • true: enables Gateway API.
  • false: does not enable Gateway API.

Default value: false

ControlPlaneLogEnabled Boolean No false

Specifies whether to collect the logs of the control plane. Valid values:

  • true: collects the logs of the control plane.
  • false: does not collect the logs of the control plane.

Default value: false

ControlPlaneLogProject String No mesh-log-c78d60f98fa43403ab6e0701b26******

The name of the log project for the control plane.

AccessLogFormat String No null

The custom format of access logs. To set this parameter, you must enable access log collection. Otherwise, you cannot set this parameter. The value must be a JSON string and contain the following key values: authority_for, bytes_received, bytes_sent, downstream_local_address, downstream_remote_address, duration, istio_policy_status, method, path, protocol, requested_server_name, response_code, response_flags, route_name, start_time, trace_id, upstream_cluster, upstream_host, upstream_local_address, upstream_service_time, upstream_transport_failure_reason, user_agent, and x_forwarded_for.

Response parameters

Parameter Type Example Description
RequestId String BD65C0AD-D3C6-48D3-8D93-38D2015C****

The ID of the request.

ServiceMeshId String c08ba3fd1e6484b0f8cc1ad8fe10d****

The ID of the ASM instance.

Examples

Sample requests

http(s)://[Endpoint]/?Action=CreateServiceMesh
&RegionId=cn-hangzhou
&VpcId=vpc-xzelac2tw4ic7wz31****
&VSwitches=["vsw-xzegf5dndkbf4m6eg****"]
&<Common request parameters>

Sample success responses

XML format

<RequestId>BD65C0AD-D3C6-48D3-8D93-38D2015C****</RequestId>
<ServiceMeshId>c08ba3fd1e6484b0f8cc1ad8fe10d****</ServiceMeshId>

JSON format

{
    "RequestId": "BD65C0AD-D3C6-48D3-8D93-38D2015C****",
    "ServiceMeshId": "c08ba3fd1e6484b0f8cc1ad8fe10d****"
}

Error codes

HttpCode Error code Error message Description
404 ERR404 Not found The requested resource does not exist.

For a list of error codes, visit the API Error Center.