You can connect Spring Cloud service applications to Alibaba Cloud Service Mesh (ASM) so that you can use cloud-native service governance capabilities to manage Spring Cloud services without modifying the service code. This topic describes how to use ASM to manage Spring Cloud services.
Prerequisites
- An ASM instance of Enterprise Edition or Ultimate Edition is created. For more information, see Create an ASM instance.
- An ACK managed cluster is created. For more information, see Create an ACK managed cluster.
- The cluster is added to the ASM instance. For more information, see Add a cluster to an ASM instance.
Background information
Spring Cloud is a standard with different implementations, such as Spring Cloud Netflix, Spring Cloud Alibaba, and Spring Cloud Consul. For ASM, the core difference among Spring Cloud implementations lies in the service registries. The following table describes whether ASM supports migration between Spring Cloud implementations.
Spring Cloud implementation | Service registry | Whether migration is supported without code modification |
---|---|---|
Spring Cloud Alibaba | Microservice Engine (MSE) Nacos (an Alibaba Cloud service) | Yes |
Spring Cloud Alibaba | Self-managed Nacos | Yes |
Spring Cloud Netflix | Eureka | Supported. The version of the ASM instance must be 1.13.4.53 or later. |
Spring Cloud Consul | Consul | Supported. The version of the ASM instance must be 1.13.4.53 or later. |
Spring Cloud Zookeeper | Zookeeper | Supported. The version of the ASM instance must be 1.13.4.53 or later. |
Demo introduction
In this example, Spring Cloud with the Nacos registry is used. You can download the demo sample code from the nacos-examples directory on GitHub.
Spring Cloud services include a consumer service and a provider service. The provider service has two versions: V1 and V2. Both versions of the provider service are registered with the Nacos registry. The consumer service obtains the endpoints of the two versions of the provider service from the Nacos registry and sends requests to the endpoints in a load balancing manner. The consumer service exposes port 8080 and provides an echo interface. After the requests are forwarded to the provider service, the provider service returns corresponding responses, and then the consumer service delivers the responses. Different versions of the provider service return different responses.
- The provider service of V1 responds to an echo request with the following information:
Hello Nacos Discovery From v1xxx
. - The provider service of V2 responds to an echo request with the following information:
Hello Nacos Discovery From v2xxx
.
The 
xxx
string in a response indicates the specific parameter in the corresponding echo request. For example, if the /echo/world request is sent to the provider service of V1, the Hello Nacos Discovery From v1world
response is returned. 
If the consumer and provider services are not deployed in ASM instances, that is, sidecar injection is not enabled for the service pods, you can access the services but you cannot manage the services by using Istio resources.
Step 1: Enable support for Spring Cloud on the ASM control plane
Method 1: Applicable to all Spring Cloud implementations and registries
Note The version of the ASM instance must be 1.13.4.32 or later.
- Use kubectl to connect to the ASM instance. For more information, see Use kubectl to connect to an ASM instance.
- Create an Envoy filter in the Alibaba Cloud Container Service for Kubernetes (ACK) cluster that is added to the ASM instance. Use the Envoy filter to enable
com.aliyun.reverse_dns filter
for the service.
Method 2: Applicable to only Nacos registries
- Use kubectl to connect to the ASM instance. For more information. see Use kubectl to connect to an ASM instance.
- Create a service entry.
- Create an Envoy filter.
Step 2: Deploy Spring Cloud services in an ACK cluster
Note
- Make sure that an Envoy filter is created before you create deployments so as to intercept the registration process. If specific deployments are created before you create the Envoy filter, you must enable rolling update for the deployments.
- For Spring Cloud services, you must create Kubernetes service resources and provide a cluster IP address.
- Use kubectl to connect to the ACK cluster. For more information, see Connect to ACK clusters by using kubectl.
- Run the following command to deploy Spring Cloud services:
export NACOS_ADDRESS=xxxx # Replace xxxx with the endpoint of the MSE Nacos registry or a self-managed Nacos registry. We recommend that you use a virtual private cloud (VPC) endpoint. wget https://alibabacloudservicemesh.oss-cn-beijing.aliyuncs.com/asm-labs/springcloud/demo.yaml -O demo.yaml sed -e "s/NACOS_SERVER_CLUSTERIP/$NACOS_ADDRESS/g" demo.yaml |kubectl apply -f -
- Run the following command to check the Spring Cloud services:
kubectl get pods
Expected output:
consumer-bdd464654-jn8q7 2/2 Running 0 25h provider-v1-66bc67fb6d-46pgl 2/2 Running 0 25h provider-v2-76568c45f6-85z87 2/2 Running 0 25h
Step 3: Create an Istio gateway and a virtual service
- Use kubectl to connect to the ASM instance. For more information, see Use kubectl to connect to an ASM instance.
- Create an Istio gateway.
- Create a virtual service.
Step 4: Check whether ASM can manage the Spring Cloud services
- Query the IP address of the ingress gateway.
- Log on to the ASM console. In the left-side navigation pane, choose .
- On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose .
- On the Ingress Gateway page, view the IP address of the ingress gateway in the Kubernetes Service column.
- Run the following command to initiate requests from the ingress gateway to the Spring Cloud consumer service:
curl <IP address of the ingress gateway>/echo/world
Expected output:
The output shows that traffic is routed to V1 and V2 of the provider service in polling mode by default.Hello Nacos Discovery From v1world Hello Nacos Discovery From v2world Hello Nacos Discovery From v1world Hello Nacos Discovery From v2world
- Create a destination rule and a virtual service.
- Run the following command to initiate requests to the Spring Cloud consumer service:
curl <IP address of the ingress gateway>/echo/hello
Expected output:
The output shows thatHello Nacos Discovery From v1hello Hello Nacos Discovery From v1hello
/echo/hello
requests are routed to the provider service of V1 and other requests are routed to the provider service of V2. This indicates that Spring Cloud traffic is taken over by Istio and Custom Resource Definitions (CRDs) provided by Istio can be used to configure routing rules. In this case, ASM can manage the Spring Cloud services.
FAQ
What do I do if the Spring Cloud services that I deployed do not take effect?
- Check whether traffic blocking is enabled for the port or IP address of Nacos.
- If you use reverse DNS lookup, you must block the IP address of the pod.
- If you use Lua scripts, you must block the Nacos server IP address and cluster IP address.
- Make sure that an Envoy filter is created before you create deployments so as to intercept the registration process. If specific deployments are created before you create the Envoy filter, you must enable rolling update for the deployments.
- Check whether you have created Kubernetes service resources and provided a cluster IP address for the Spring Cloud services.
- Make sure that the client SDK of Nacos is of a version earlier than 2.0. The client SDK of V2.0 or later uses gRPC to connect to the server, which is beyond the application scope of the solution provided in this topic.
- Check the sidecar version of the services. If the sidecar image version is earlier than 1.13.4.32, you may have updated only the control plane of the ASM instance but not updated the data plane. In this case, enable rolling update for the deployments of the services.