ASMExtensionProvider is a Custom Resource Definition (CRD) that configures telemetry backends for Alibaba Cloud Service Mesh (ASM). Each ASMExtensionProvider resource maps to a backend service such as Zipkin, OpenTelemetry, or an Envoy file-based access logger.
To activate a provider, reference it by name in a Telemetry CRD.
Before you begin
The provider
namemust correspond to a Kubernetes service accessible within the mesh. For external services, register them through a ServiceEntry first.The
servicefield uses the fully qualified domain name (FQDN) format:<service-name>.<namespace>.svc.cluster.local. To reference a service in a different namespace, include the namespace in the FQDN.
Examples
Report traces to Zipkin
apiVersion: istio.alibabacloud.com/v1
kind: ASMExtensionProvider
metadata:
name: zipkin
spec:
zipkin:
port: 8090
service: zipkin.istio-system.svc.cluster.localCustomize the Envoy access log format
Define a custom JSON log format for Envoy proxy access logs and output them to stdout:
apiVersion: istio.alibabacloud.com/v1
kind: ASMExtensionProvider
metadata:
name: envoy
spec:
envoyFileAccessLog:
logFormat:
text: '{"bytes_received":"%BYTES_RECEIVED%","bytes_sent":"%BYTES_SENT%","downstream_local_address":"%DOWNSTREAM_LOCAL_ADDRESS%","downstream_remote_address":"%DOWNSTREAM_REMOTE_ADDRESS%","duration":"%DURATION%","istio_policy_status":"%DYNAMIC_METADATA(istio.mixer:status)%","method":"%REQ(:METHOD)%","path":"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","protocol":"%PROTOCOL%","request_id":"%REQ(X-REQUEST-ID)%","requested_server_name":"%REQUESTED_SERVER_NAME%","response_code":"%RESPONSE_CODE%","response_flags":"%RESPONSE_FLAGS%","route_name":"%ROUTE_NAME%","start_time":"%START_TIME%","trace_id":"%REQ(X-B3-TRACEID)%","upstream_cluster":"%UPSTREAM_CLUSTER%","upstream_host":"%UPSTREAM_HOST%","upstream_local_address":"%UPSTREAM_LOCAL_ADDRESS%","upstream_service_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_response_time":"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_transport_failure_reason":"%UPSTREAM_TRANSPORT_FAILURE_REASON%","user_agent":"%REQ(USER-AGENT)%","x_forwarded_for":"%REQ(X-FORWARDED-FOR)%","authority_for":"%REQ(:AUTHORITY)%"}'
path: /dev/stdoutThe format string uses Envoy command operators such as %RESPONSE_CODE% and %DURATION%. Include only the fields relevant to your use case. The example above is a comprehensive template.
Route traces to different backends per cluster
Use an aggregate provider to send tracing data from specific clusters to designated backends. In the following example, cluster-a reports traces to Zipkin while all other clusters use OpenTelemetry.
Important
The aggregate provider requires ASM version 1.22.6.89 or later.
Step 1: Define the aggregate provider and the individual tracing providers.
apiVersion: istio.alibabacloud.com/v1
kind: ASMExtensionProvider
metadata:
name: aggregate-provider
spec:
aggregate:
defaultProvider:
name: opentelemetry
uniqueProviders:
- clusters:
- id: cluster-a
region: cn-hangzhou
provider:
name: zipkin
---
apiVersion: istio.alibabacloud.com/v1
kind: ASMExtensionProvider
metadata:
name: zipkin
spec:
zipkin:
port: 8090
service: zipkin.istio-system.svc.cluster.local
---
apiVersion: istio.alibabacloud.com/v1
kind: ASMExtensionProvider
metadata:
name: opentelemetry
spec:
opentelemetry:
port: 8090
service: otel.istio-system.svc.cluster.localStep 2: Reference the providers in a Telemetry CRD to activate them.
apiVersion: telemetry.istio.io/v1
kind: Telemetry
metadata:
name: default
namespace: istio-system
spec:
accessLogging:
- disabled: false
providers:
- name: envoy
tracing:
- providers:
- name: zipkinField reference
ASMExtensionProvider
Each ASMExtensionProvider resource contains exactly one provider configuration. Set the field that matches your target backend.
| Field | Type | Required | Description |
|---|---|---|---|
zipkin | ZipkinTracingProvider | No | Zipkin tracing backend. See ZipkinTracingProvider. |
lightstep | LightstepTracingProvider | No | Lightstep tracing backend. See LightstepTracingProvider. |
datadog | DatadogTracingProvider | No | Datadog tracing backend. See DatadogTracingProvider. |
stackdriver | StackdriverProvider | No | Stackdriver tracing backend. See StackdriverProvider. |
opencensus | OpenCensusAgentTracingProvider | No | OpenCensus tracing backend. See OpenCensusAgentTracingProvider. |
skywalking | SkywalkingTracingProvider | No | Skywalking tracing backend. See SkywalkingTracingProvider. |
opentelemetry | OpenTelemetryProvider | No | OpenTelemetry tracing backend. See OpenTelemetryProvider. |
envoyFileAccesslog | EnvoyFileAccessLogProvider | No | Envoy file-based access log provider. See EnvoyFileAccessLogProvider. |
aggregate | AggregateProvider | No | Routes telemetry to different providers based on cluster identity. See AggregateProvider. |
ZipkinTracingProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the Zipkin service. Example: zipkin.istio-system.svc.cluster.local. |
path | string | Yes | API endpoint path for the Zipkin service. |
port | uint32 | No | Port of the Zipkin service. |
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
LightstepTracingProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the Lightstep service. |
port | uint32 | Yes | Port of the Lightstep service. |
accesstoken | string | No | Access token for authenticating with Lightstep. |
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
DatadogTracingProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the Datadog agent service. |
port | uint32 | Yes | Port of the Datadog agent service. |
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
StackdriverProvider
| Field | Type | Required | Description |
|---|---|---|---|
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
logging | StackdriverProvider_Logging | No | Logging configuration for Stackdriver. See StackdriverProvider_Logging. |
OpenCensusAgentTracingProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the OpenCensus agent service. |
port | uint32 | Yes | Port of the OpenCensus agent service. |
context | []string | No | Trace context propagation headers. Default: ["W3C_TRACE_CONTEXT"]. |
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
SkywalkingTracingProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the Skywalking service. |
port | uint32 | Yes | Port of the Skywalking service. |
OpenTelemetryProvider
| Field | Type | Required | Description |
|---|---|---|---|
service | string | Yes | FQDN of the OpenTelemetry collector service. |
port | uint32 | Yes | Port of the OpenTelemetry collector service. |
maxTagLength | uint32 | No | Maximum character length per tag. Default: 256. |
grpc | OpenTelemetryProvider_GrpcService | No | gRPC transport configuration. See OpenTelemetryProvider_GrpcService. |
http | OpenTelemetryProvider_HttpService | No | HTTP transport configuration. If omitted, gRPC is used by default. See OpenTelemetryProvider_HttpService. |
EnvoyFileAccessLogProvider
| Field | Type | Required | Description |
|---|---|---|---|
path | string | No | File path for log output. Example: /dev/stdout. |
logFormat | EnvoyFileAccessLogProvider_LogFormat | No | Log output format. Supports text or labels (JSON). See EnvoyFileAccessLogProvider_LogFormat. |
AggregateProvider
| Field | Type | Required | Description |
|---|---|---|---|
defaultProvider | ProviderRef | Yes | The provider used for clusters that do not match any entry in uniqueProviders. |
uniqueProviders | []UniqueProvider | No | Per-cluster provider assignments. See UniqueProvider. |
UniqueProvider
| Field | Type | Required | Description |
|---|---|---|---|
provider | ProviderRef | No | The provider to use for the specified clusters. See ProviderRef. |
clusters | []ClusterRef | No | The clusters assigned to this provider. See ClusterRef. |
StackdriverProvider_Logging
| Field | Type | Required | Description |
|---|---|---|---|
labels | map[string]string | No | Label names and expressions included in log entries. Example: path: request.url_path. |
OpenTelemetryProvider_HttpService
| Field | Type | Required | Description |
|---|---|---|---|
path | string | Yes | API endpoint path of the collector service. |
timeout | string | No | Timeout for HTTP requests. |
headers | []HeaderValue | No | Custom HTTP headers appended to each request. See HeaderValue. |
OpenTelemetryProvider_GrpcService
| Field | Type | Required | Description |
|---|---|---|---|
timeout | string | No | Timeout for gRPC requests. |
initialMetaData | []HeaderValue | No | Custom metadata headers appended to each gRPC request. See HeaderValue. |
HeaderValue
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Header name. |
value | string | Yes | Header value. |
EnvoyFileAccessLogProvider_LogFormat
Specify the log format as either plain text or structured JSON. Use Envoy command operators to reference request and response attributes.
| Field | Type | Required | Description |
|---|---|---|---|
text | string | No | Plain text log format. Example: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%". |
labels | map[string]string | No | JSON-structured log format. Example: status: "%RESPONSE_CODE%", message: "%LOCAL_REPLY_BODY%". |
ProviderRef
| Field | Type | Required | Description |
|---|---|---|---|
name | string | No | Name of the ASMExtensionProvider resource to reference. |
ClusterRef
| Field | Type | Required | Description |
|---|---|---|---|
id | string | Yes | Cluster ID. |
name | string | No | Cluster name. |
region | string | No | Region where the cluster is deployed. |