After you add a cluster to a Service Mesh (ASM) instance, you can use ASM features such as traffic management, fault handling, unified monitoring, and Log Management. These features enhance system reliability and security, help you manage and monitor service interactions, and improve service observability.
Prerequisites
An ACK cluster is created. For more information, see Create an ACK managed cluster.
The cluster that you want to add and the ASM instance must be in the same Virtual Private Cloud (VPC). To add a cluster from a different VPC, connect the VPCs using Cloud Enterprise Network (CEN).
The Gateway API component is installed in the ACK cluster. For more information, see Manage cluster components.
Add a cluster with VPC network connectivity to an ASM instance
Clusters with VPC network connectivity include the following:
The cluster and the ASM instance are in the same VPC.
The cluster and the ASM instance are in different VPCs, but their networks are connected using a method such as CEN.
Procedure
Log on to the ASM console. In the left-side navigation pane, choose .
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose . On the page that appears, click Add.
On the Add Kubernetes Cluster page, select the cluster that you want to add, and then click OK.
If your application runs on a single cluster or on multiple clusters in the same VPC, first click Filter Clusters In The Same VPC As The Mesh. Then, select the target cluster from the list.
Ensure that the proxy containers in the cluster can access the Istio Pilot address that is exposed by the ASM instance. If the ASM instance does not expose a public IP address for Istio Pilot, you must ensure that the address is accessible over the VPC.
In the Important dialog box, click OK.
After you add the cluster, the Status of the ASM instance on the page changes to Updating. After a few moments, click Refresh in the upper-right corner of the page. The time required depends on the number of clusters that you add. The Status of the ASM instance changes to Running. You can view information about the added cluster on the Kubernetes Clusters page.
If a cluster in the ASM instance is no longer needed, you can remove it from the instance. On the Kubernetes Clusters page, select the cluster that you want to remove, click Remove, and then click OK in the Confirm dialog box.
Once removed, the cluster will no longer be managed by this Service Mesh. Proceed with caution.
Add a cluster without network connectivity to an ASM instance
ASM provides three methods to add a cluster without network connectivity to an ASM instance:
Method 1: Use CEN to connect VPCs
Use CEN to connect the VPC where the ASM instance resides to the VPC where the cluster resides. For more information, see Use an Enterprise Edition transit router to enable secure traffic access.
Method 2: Use PrivateLink to connect VPCs
For more information, see Use PrivateLink to connect control plane and data plane clusters across VPCs.
Method 3: Use a public connection to establish network connectivity
Ensure that public network access is enabled for the Kubernetes cluster and that public network access is enabled for the ASM control plane. For more information, see Attach or detach an EIP for an ASM control plane.
After you ensure that the networks are connected, add the cluster to the ASM instance.
References
To add an ACK cluster to an ASM instance using an API, see Add a cluster to a service mesh.
If your application needs a unified public or internal entry point, you can deploy an ASM ingress gateway in the Kubernetes cluster. For more information, see Create an ingress gateway.
To distribute traffic between different versions of a service based on specified ratios, see Manage east-west traffic in a cluster using Waypoint and virtual services.
To visualize service dependencies and traffic flows among applications, services, and their different versions, you can use the ASM Mesh Topology feature.