You can enable Microservices Governance of Microservices Engine (MSE) for microservice applications, such as Spring Cloud and Dubbo applications, that are deployed in a Container Service for Kubernetes cluster or Container Compute Service cluster. This way, you can use a series of service governance capabilities that are provided by MSE to govern the microservice applications. This helps improve the stability and development efficiency of online microservice applications. This topic describes how to enable Microservices Governance of MSE for microservice applications that are deployed in an ACK or ACS cluster.
Prerequisites
An ACK managed cluster or an ACK serverless cluster is created. For more information, see Create an ACK managed cluster or Create an ACK Serverless cluster.
Microservices Governance is activated. If you do not activate it, go to the product page.
The ACK or ACS cluster and Microservices Governance of MSE are deployed in the same region.
If your project uses both the open source Sentinel component and the com.alibaba.cloud.sentinel.feign.SentinelFeignAutoConfiguration class, you may fail to enable Microservices Governance for the applications.
To mount the MSE Java agent, you must make sure that the Java virtual machine (JVM) heap memory is greater than 256 MB.
Procedure
Recommendations on selecting a method to enable MSE Microservices Governance:
If MSE Microservices Governance needs to be enabled for all or most of applications in a namespace, we recommend that you follow the instructions in Scenario 1: Enable MSE Microservices Governance for applications in an ACK or ACS cluster namespace. For applications for which you do not need to enable MSE Microservices Governance, add the label
spec.template.labels.msePilotAutoEnable: "off"for these applications.If MSE Microservices Governance needs to be enabled for a small number of applications in a namespace, we recommend that you follow the instructions in Scenario 2: Enable MSE Microservices Governance for a single application.
Scenario 1: Enable Microservices Governance for all applications in an ACK or ACS cluster namespace
After Microservices Governance is enabled for a namespace, Microservices Governance is automatically enabled for newly created applications and redeployed applications in the namespace as well as the pods in the namespace. Manual operations are not required. For more information about how to create an application, see Create a stateless application by using a Deployment.
Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Microservices Governance > Application Governance.
On the Application list page, click ACK Application Access.
In the ACK Application Access dialog box, configure the parameters and click OK.
Parameter
Description
Cluster type
Select ACK Cluster, ACK Serverless Cluster, or ACS Cluster.
NoteIf you do not grant ACK the permissions to call MSE, you need to click the link to perform authorization.
Cluster Name/ID
Select the Cluster Name/ID for which you want to enable Microservices Governance. You can use keywords to search for cluster names or IDs.
ack-onepilot
Display the status of the ack-onepilot component. For information about the ack-onepilot component and how to update the ack-onepilot component, see ack-onepilot and Install and update the Microservices Governance component.
If the ack-onepilot component is not installed, click Click Install on the right of ack-onepilot. After the installation is complete, the status of the ack-onepilot component is displayed as Installed.
If you perform the operation as a RAM user and a message is displayed, indicating that you have no permissions to perform the operation, you can log on to the ACK console, and click the name of the cluster. On the page that appears, choose Operations > Add-ons. On the Add-ons page, search for ack-onepilot and click Install on the resource card.
NoteIn this step, the ack-onepilot component is involved. You can log on to the ACK console, and click the name of the cluster. On the page that appears, choose Operations > Add-ons to view the component details.
After the ack-onepilot component is installed, the agent is automatically injected. In this case, the startup time of the application may be increased by up to 10s.
When you enable Microservices Governance for a cluster namespace, if the desired cluster is not in the following regions, you must make sure that the cluster can access the Internet and connect to acm.aliyun.com:8080: China (Qingdao), China (Hangzhou), China (Beijing), China (Shanghai), China East 2 Finance, China (Shenzhen), China (Hong Kong), Singapore, Germany (Frankfurt), Australia (Sydney), US (Silicon Valley), and US (Virginia).
Access Type
Select Namespace Access.
ACK Cluster Namespace
Select an ACK Cluster Namespace.
Microservices Governance Namespace
Select a Microservices Governance Namespace.
Notes:
After you enable Microservices Governance for applications in the ACK or ACS cluster, the deployment names of the applications are used as the display names. If you want to use custom application names, you can modify YAML configurations of the deployed applications to rename the applications.
spec: template: metadata: labels: mseNamespace: default # The name of the MSE microservice namespace where your application resides. If you do not specify this parameter, the microservice namespace default is used. msePilotCreateAppName: "your-deployment-name" # Replace your-deployment-name with the name of your application.If you want to disable Microservices Governance for an application, add the
msePilotAutoEnableparameter to the YAML file of the deployed application and set this parameter tooff.spec: template: metadata: labels: msePilotAutoEnable: "off" # The off value must be enclosed in double quotation marks (") or single quotation marks (').
Scenario 2: Enable Microservices Governance for a single application
If Microservices Governance needs to be enabled only for a small number of applications in your namespace, you can separately enable MSE Microservices Governance for each of these applications.
Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Microservices Governance > Application Governance.
On the Application list page, click ACK Application Access.
In the ACK Application Access dialog box, configure the parameters and click OK.
Parameter
Description
Cluster type
Select ACK Cluster, ACK Serverless Cluster, or ACS Cluster.
NoteIf you do not grant ACK the permissions to call MSE, you need to click the link to perform authorization.
Cluster Name/ID
Select the Cluster Name/ID for which you want to enable Microservices Governance. You can use keywords to search for cluster names or IDs.
ack-onepilot
Display the status of the ack-onepilot component. For information about the ack-onepilot component and how to update the ack-onepilot component, see ack-onepilot and Install and update the Microservices Governance component.
If the ack-onepilot component is not installed, click Click Install on the right of ack-onepilot. After the installation is complete, the status of the ack-onepilot component is displayed as Installed.
If you perform the operation as a RAM user and a message is displayed, indicating that you have no permissions to perform the operation, you can log on to the ACK console, and click the name of the cluster. On the page that appears, choose Operations > Add-ons. On the Add-ons page, search for ack-onepilot and click Install on the resource card.
NoteIn this step, the ack-onepilot component is involved. You can log on to the ACK console, and click the name of the cluster. On the page that appears, choose Operations > Add-ons to view the component details.
After the ack-onepilot component is installed, the agent is automatically injected. In this case, the startup time of the application may be increased by up to 10s.
Access Type
Select Single Application Access.
Access Procedure
Perform the following steps:
Step 1: Go to the ACK console, and click the cluster name. In the left-side navigation pane of the page that appears, choose Workloads > Deployments. Then, select the namespace to which the application belongs.
Step 2: Click the name of the application. On the page that appears, click View in YAML.
Step 3: Edit labels in the following format and click Update.
spec: template: metadata: labels: # The on value indicates that Microservices Governance is enabled. The on value must be enclosed in double quotation marks ("). msePilotAutoEnable: "on" # The MSE microservice namespace where your application resides. If the namespace that you specify does not exist, a namespace with the specified name is automatically created. mseNamespace: 202401 # The actual name of the application for which Microservices Governance is enabled. The name must be enclosed in double quotation marks ("). msePilotCreateAppName: "your-deployment-name"
Verify the result
After you perform the preceding steps and restart the applications, Microservices Governance is enabled for the applications that are deployed in the Container Service for Kubernetes or Container Compute Service cluster.
Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Microservices Governance > Application Governance.
Select the specified microservice namespace to view the applications for which Microservices Governance is enabled.
What to do next
After MSE Microservices Governance is enabled for your applications, you can use the features provided by MSE Microservices Governance, such as end-to-end canary release, graceful start and shutdown, and configuration of throttling rules. For more information, see Get started with Microservices Governance in 15 minutes (for Java applications).