Preparations for implementing L7 routing capabilities - Alibaba Cloud Service Mesh

Layer 7 routing supports multiple capabilities, such as URI path matching and request header matching. This topic describes the preparations for implementing capabilities related to Layer 7 routing.

Prerequisites

Create an ASM Enterprise instance and select Enable Ambient Mesh Mode. For more information, see Create an ASM instance.
Create a Kubernetes cluster that meets the requirements for Kubernetes clusters and configurations. For more information, see Create an ACK dedicated cluster (no longer available for new users) or Create an ACK managed cluster.
Add a cluster to the ASM instance.
You have downloaded the ASM debugging tool, istioctl, based on your operating system and platform. For more information, see Istio.

Step 1: Set the data plane mode to Ambient Mesh

Set the data plane mode of the global namespace named default to Ambient Mesh.

Log on to the ASM console. In the left-side navigation pane, choose Service Mesh > Mesh Management.
On the Mesh Management page, click the name of the ASM instance. In the left-side navigation pane, choose ASM Instance > Global Namespace.
On the Global Namespace page, find the default namespace and click Switch to Ambient Mesh Mode in the Dataplane Mode column. In the Submit message, click OK.

Step 2: Enable Waypoint for the default namespace

In Ambient mode, Layer 7 features depend on Waypoint. This step enables Waypoint for all services in the default namespace.

Create a Gateway resource. ASM creates a Waypoint proxy based on this resource.

kubectl apply -f - <<EOF
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: waypoint
spec:
  gatewayClassName: istio-waypoint
  listeners:
  - name: mesh
    port: 15008
    protocol: HBONE
EOF

Enable Waypoint for all services in the default namespace.

kubectl label namespace default istio.io/use-waypoint=waypoint --overwrite

Step 3: Deploy services in the data plane cluster

Deploy the helloworld, sleep, HTTPBin, NGINX, or mocka services as needed.

Deploy the helloworld service

Use the following content to create a helloworld-application.yaml file.

Expand to view the helloworld-application.yaml file

apiVersion: v1
kind: Service
metadata:
  name: helloworld
  labels:
    app: helloworld
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: helloworld
  labels:
    account: helloworld
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloworld-v1
  labels: 
    apps: helloworld
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: helloworld
      version: v1
  template:
    metadata:
      labels:
        app: helloworld
        version: v1
    spec:
      serviceAccount: helloworld
      serviceAccountName: helloworld
      containers:
      - name: helloworld
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-helloworld-v1:1.0
        imagePullPolicy: IfNotPresent 
        ports:
        - containerPort: 5000
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloworld-v2
  labels: 
    apps: helloworld
    version: v2
spec:
  replicas: 1
  selector:
    matchLabels:
      app: helloworld
      version: v2
  template:
    metadata:
      labels:
        app: helloworld
        version: v2
    spec:
      serviceAccount: helloworld
      serviceAccountName: helloworld
      containers:
      - name: helloworld
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-helloworld-v2:1.0
        imagePullPolicy: IfNotPresent 
        ports:
        - containerPort: 5000
---
apiVersion: v1
kind: Service
metadata:
  name: helloworld-v1
  labels:
    app: helloworld-v1
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
    version: v1
---
apiVersion: v1
kind: Service
metadata:
  name: helloworld-v2
  labels:
    app: helloworld-v2
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
    version: v2

Deploy the helloworld application.

kubectl apply -f helloworld-application.yaml

Deploy the sleep service

Create a sleep-application.yaml file.

Expand to view the sleep-application.yaml file

apiVersion: v1
kind: ServiceAccount
metadata:
  name: sleep
---
apiVersion: v1
kind: Service
metadata:
  name: sleep
  labels:
    app: sleep
    service: sleep
spec:
  ports:
  - port: 80
    name: http
  selector:
    app: sleep
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: sleep
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sleep
  template:
    metadata:
      labels:
        app: sleep
    spec:
      terminationGracePeriodSeconds: 0
      serviceAccountName: sleep
      containers:
      - name: sleep
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/curl:asm-sleep
        command: ["/bin/sleep", "3650d"]
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /etc/sleep/tls
          name: secret-volume
      volumes:
      - name: secret-volume
        secret:
          secretName: sleep-secret
          optional: true

Deploy the sleep application.
```
kubectl apply -f sleep-application.yaml
```

Deploy the HTTPBin service

Create an httpbin-application.yaml file.

Expand to view the httpbin-application.yaml file

apiVersion: v1
kind: ServiceAccount
metadata:
  name: httpbin
---
apiVersion: v1
kind: Service
metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpbin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/httpbin:0.1.0
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80

Deploy the httpbin application.

kubectl apply -f httpbin-application.yaml

Deploy the NGINX service

You can create an NGINX application.

Expand to view the nginx.yaml file

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  ports:
    - name: http
      port: 8000
      protocol: TCP
      targetPort: 80
  selector:
    app: nginx
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      serviceAccountName: nginx
      containers:
        - image: 'registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/nginx:1.28.0'
          imagePullPolicy: IfNotPresent
          name: nginx
          ports:
            - containerPort: 80
              protocol: TCP
          resources:
            limits:
              cpu: 500m
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File

Deploy the nginx application.
```
kubectl apply -f nginx.yaml
```

Deploy the mocka service

Create a mocka-application.yaml file.

Expand to view the mocka-application.yaml file

apiVersion: v1
kind: ServiceAccount
metadata:
  name: mocka
  namespace: default
---
apiVersion: v1
kind: Service
metadata:
  name: mocka
  labels:
    app: mocka
    service: mocka
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mocka-v1
  labels:
    app: mocka
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mocka
      version: v1
      ASM_TRAFFIC_TAG: v1
  template:
    metadata:
      labels:
        app: mocka
        version: v1
        ASM_TRAFFIC_TAG: v1
    spec:
      serviceAccountName: mocka
      containers:
      - name: default
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/asm-gobin:1.0.0
        imagePullPolicy: IfNotPresent
        env:
        - name: version
          value: v1
        - name: app
          value: mocka
        ports:
        - containerPort: 8000
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mocka-v2
  labels:
    app: mocka
    version: v2
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mocka
      version: v2
      ASM_TRAFFIC_TAG: v2
  template:
    metadata:
      labels:
        app: mocka
        version: v2
        ASM_TRAFFIC_TAG: v2
    spec:
      serviceAccountName: mocka
      containers:
      - name: default
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/asm-gobin:1.0.0
        imagePullPolicy: IfNotPresent
        env:
        - name: version
          value: v2
        - name: app
          value: mocka
        ports:
        - containerPort: 8000
---
apiVersion: v1
kind: Service
metadata:
  name: mocka-v1
  labels:
    app: mocka
    service: mocka
    version: v1
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
    version: v1
---
apiVersion: v1
kind: Service
metadata:
  name: mocka-v2
  labels:
    app: mocka
    service: mocka
    version: v2
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
    version: v2

Deploy the mocka application.
```
kubectl apply -f mocka-application.yaml
```