實現L7路由相關能力的準備工作 - Alibaba Cloud Service Mesh

L7路由支援多種能力，例如URI路徑匹配、要求標頭匹配等。本文介紹實現L7路由相關能力的準備工作。

前提條件

已建立ASM企業版執行個體，並選中啟用Ambient Mesh模式。具體操作，請參見建立ASM執行個體。
已建立Kubernetes叢集，且滿足Kubernetes叢集及配置要求。關於建立叢集的具體操作，請參見建立ACK專有叢集（已停止建立）或建立ACK託管叢集。
已添加叢集到ASM執行個體。
已按照實際作業系統及平台，下載Istioctl服務網格調試工具。詳細資料，請參見Istio。

步驟一：將資料面模式設定為Ambient

將全域命名空間default的資料面模式設定為Ambient。

登入ASM控制台，在左側導覽列，選擇服務網格 > 網格管理。
在網格管理頁面，單擊目標執行個體名稱，然後在左側導覽列，選擇網格執行個體 > 全域命名空間。
在全域命名空間頁面的資料面模式列，單擊default命名空間對應的切換為Ambient Mesh模式，在確認對話方塊，單擊確定。

步驟二：為default命名空間啟用Waypoint

Ambient模式下L7功能依賴Waypoint。本步驟為default命名空間下所有的服務啟用Waypoint。

建立Gateway資源，ASM會根據該資源建立一個Waypoint代理。

kubectl apply -f - <<EOF
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: waypoint
spec:
  gatewayClassName: istio-waypoint
  listeners:
  - name: mesh
    port: 15008
    protocol: HBONE
EOF

為default命名空間下所有的服務啟用Waypoint。

kubectl label namespace default istio.io/use-waypoint=waypoint --overwrite

步驟三：在資料面叢集中部署服務

請結合實際情境，按需部署helloworld、sleep、httpbin、nginx或mocka服務。

部署helloworld服務

使用以下內容，建立helloworld-application.yaml。

展開查看helloworld-application.yaml

apiVersion: v1
kind: Service
metadata:
  name: helloworld
  labels:
    app: helloworld
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: helloworld
  labels:
    account: helloworld
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloworld-v1
  labels: 
    apps: helloworld
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: helloworld
      version: v1
  template:
    metadata:
      labels:
        app: helloworld
        version: v1
    spec:
      serviceAccount: helloworld
      serviceAccountName: helloworld
      containers:
      - name: helloworld
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-helloworld-v1:1.0
        imagePullPolicy: IfNotPresent 
        ports:
        - containerPort: 5000
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: helloworld-v2
  labels: 
    apps: helloworld
    version: v2
spec:
  replicas: 1
  selector:
    matchLabels:
      app: helloworld
      version: v2
  template:
    metadata:
      labels:
        app: helloworld
        version: v2
    spec:
      serviceAccount: helloworld
      serviceAccountName: helloworld
      containers:
      - name: helloworld
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/examples-helloworld-v2:1.0
        imagePullPolicy: IfNotPresent 
        ports:
        - containerPort: 5000
---
apiVersion: v1
kind: Service
metadata:
  name: helloworld-v1
  labels:
    app: helloworld-v1
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
    version: v1
---
apiVersion: v1
kind: Service
metadata:
  name: helloworld-v2
  labels:
    app: helloworld-v2
spec:
  ports:
  - port: 5000
    name: http
  selector:
    app: helloworld
    version: v2

部署helloworld應用。

kubectl apply -f helloworld-application.yaml

部署sleep服務

建立sleep-application.yaml。

展開查看sleep-application.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: sleep
---
apiVersion: v1
kind: Service
metadata:
  name: sleep
  labels:
    app: sleep
    service: sleep
spec:
  ports:
  - port: 80
    name: http
  selector:
    app: sleep
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: sleep
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sleep
  template:
    metadata:
      labels:
        app: sleep
    spec:
      terminationGracePeriodSeconds: 0
      serviceAccountName: sleep
      containers:
      - name: sleep
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/curl:asm-sleep
        command: ["/bin/sleep", "3650d"]
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /etc/sleep/tls
          name: secret-volume
      volumes:
      - name: secret-volume
        secret:
          secretName: sleep-secret
          optional: true

部署sleep應用。
```
kubectl apply -f sleep-application.yaml
```

部署httpbin服務

建立httpbin-application.yaml。

展開查看httpbin-application.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: httpbin
---
apiVersion: v1
kind: Service
metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpbin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/httpbin:0.1.0
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80

部署httpbin應用。

kubectl apply -f httpbin-application.yaml

部署nginx服務

建立nginx應用。

展開查看nginx.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nginx
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  ports:
    - name: http
      port: 8000
      protocol: TCP
      targetPort: 80
  selector:
    app: nginx
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      serviceAccountName: nginx
      containers:
        - image: 'registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/nginx:1.28.0'
          imagePullPolicy: IfNotPresent
          name: nginx
          ports:
            - containerPort: 80
              protocol: TCP
          resources:
            limits:
              cpu: 500m
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File

部署nginx應用。
```
kubectl apply -f nginx.yaml
```

部署mocka服務

建立mocka-application.yaml。

展開查看mocka-application.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: mocka
  namespace: default
---
apiVersion: v1
kind: Service
metadata:
  name: mocka
  labels:
    app: mocka
    service: mocka
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mocka-v1
  labels:
    app: mocka
    version: v1
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mocka
      version: v1
      ASM_TRAFFIC_TAG: v1
  template:
    metadata:
      labels:
        app: mocka
        version: v1
        ASM_TRAFFIC_TAG: v1
    spec:
      serviceAccountName: mocka
      containers:
      - name: default
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/asm-gobin:1.0.0
        imagePullPolicy: IfNotPresent
        env:
        - name: version
          value: v1
        - name: app
          value: mocka
        ports:
        - containerPort: 8000
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mocka-v2
  labels:
    app: mocka
    version: v2
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mocka
      version: v2
      ASM_TRAFFIC_TAG: v2
  template:
    metadata:
      labels:
        app: mocka
        version: v2
        ASM_TRAFFIC_TAG: v2
    spec:
      serviceAccountName: mocka
      containers:
      - name: default
        image: registry-cn-hangzhou.ack.aliyuncs.com/ack-demo/asm-gobin:1.0.0
        imagePullPolicy: IfNotPresent
        env:
        - name: version
          value: v2
        - name: app
          value: mocka
        ports:
        - containerPort: 8000
---
apiVersion: v1
kind: Service
metadata:
  name: mocka-v1
  labels:
    app: mocka
    service: mocka
    version: v1
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
    version: v1
---
apiVersion: v1
kind: Service
metadata:
  name: mocka-v2
  labels:
    app: mocka
    service: mocka
    version: v2
spec:
  ports:
  - port: 8000
    name: http
  selector:
    app: mocka
    version: v2

部署mocka應用。
```
kubectl apply -f mocka-application.yaml
```