Service mesh name |
The name of the ASM instance. |
Spec |
The edition of the ASM instance. Valid values: Standard Edition, Enterprise Edition, and Ultimate Edition. For more information about the features of each edition, see the "Instance types"
section of the Instance editions topic.
|
Region |
The region in which the ASM instance resides. |
Payment type |
The billing method of the ASM instance. Valid values: Pay as you go and Subscription. If you set this parameter to Subscription, you must set the following parameters:
Note If you set the Payment type parameter to Subscription, only the internal-facing SLB instances of the Istio control plane and API server
are billed in subscription mode. The EIPs of the ASM instance and API server are still
billed in pay-as-you-go mode.
- Purchase time: the subscription period. Valid values: 1 month, 2 months, 3 months, 6 months, 1
year, 2 years, and 3 years.
- Automatic renewal: specifies whether to enable auto-renewal.
|
Istio Version |
The Istio version. |
VPC |
The VPC of the ASM instance. You can click Create VPC to create a VPC. For more information, see Create and manage a VPC.
|
vSwitch |
The vSwitch of the ASM instance. You can click Create vSwitch to create a vSwitch. For more information, see Work with vSwitches.
|
Istio control plane access |
The SLB instance that is used to control access to the Istio control plane. |
API Server access |
The SLB instance that is used to control access to the API server. You can specify
whether to enable access to the API server by using an EIP.
- If you select Use EIP to expose API Server, an EIP is created and associated with
the internal-facing SLB instance. Then, you can use the kubeconfig file to connect
to and manage the ASM instance over the Internet.
- If you clear Use EIP to expose API Server, no EIP is created. You can use the kubeconfig
file to connect to and manage the ASM instance only in the VPC.
|
Observability |
Specifies whether to enable Tracing Analysis for the ASM instance.
ASM integrates with Tracing Analysis. Tracing Analysis provides a wide range of tools
to help you efficiently identify the performance bottlenecks of distributed applications.
For example, you can use these tools to map traces, display trace topologies, analyze
application dependencies, and count the number of requests. This helps you improve
the efficiency of developing and troubleshooting distributed applications. For more
information about Tracing Analysis, see Use Tracing Analysis to trace applications inside and outside an ASM instance.
Note Before you enable Tracing Analysis, make sure that you have activated Tracing Analysis
in the Tracing Analysis console.
|
Specifies whether to enable Prometheus Service (Prometheus) for the ASM instance.
For more information about Prometheus, see Monitor service meshes based on ARMS Prometheus and Deploy a self-managed Prometheus instance to monitor ASM instances.
|
Specifies whether to enable Kiali for ASM.
Kiali for ASM is a tool that is used to observe ASM instances. This tool provides
a GUI that allows you to view services and configurations. Kiali for ASM is a built-in
tool in ASM instances whose Istio version is 1.7.5.25 or later. For more information,
see Enable Kiali for ASM to observe an ASM instance in the ASM console.
|
Specifies whether to enable collection of access logs. If access logs are collected,
you can use Log Service to view the access logs of ingress gateway services.
For more information about access logs, see Use Log Service to collect logs of ingress gateways on the data plane and Use Log Service to collect access logs of the data plane.
|
Specifies whether to enable collection of control plane logs.
ASM can collect logs of the control plane and generate alerts based on the logs. For
example, ASM can collect logs related to configuration push from the control plane
to the sidecar proxies on the data plane. For more information, see Enable collection of control plane logs and control plane alerting.
|
Mesh Audit |
Specifies whether to enable the mesh audit feature.
You can enable the mesh audit feature to record and trace the operations of users.
This is an important O&M feature that ensures cluster security.
For more information about the mesh audit feature, see Use the KubeAPI operation audit feature in ASM.
|
Resource configuration |
Specifies whether to enable version control for custom Istio resources.
When you update fields in the spec block of an Istio resource, ASM records the resource version before the update. ASM
stores up to five latest versions. For more information about how to roll back an
Istio resource to an earlier version, see Roll back an Istio resource to an earlier version.
|
Specifies whether to allow access to Istio resources by using the Kubernetes API of
clusters on the data plane.
ASM allows you to create, delete, modify, and query Istio resources by using the Kubernetes
API of clusters on the data plane. For more information, see Use the Kubernetes API of clusters on the data plane to access Istio resources.
|
Cluster Domain |
The cluster domain for the ASM instance. Default value: cluster.local. You can add
only Kubernetes clusters that share the same cluster domain with the ASM instance
to the ASM instance.
Note You can set this parameter only if the Istio version of the ASM instance is 1.6.4.5
or later. Otherwise, this parameter is unavailable.
|