diff --git a/docs/gitbook/install/flagger-install-on-alibaba-servicemesh.md b/docs/gitbook/install/flagger-install-on-alibaba-servicemesh.md index 3142d0062..c6aef1a04 100644 --- a/docs/gitbook/install/flagger-install-on-alibaba-servicemesh.md +++ b/docs/gitbook/install/flagger-install-on-alibaba-servicemesh.md @@ -4,106 +4,19 @@ This guide walks you through setting up Flagger on Alibaba ServiceMesh. ## Prerequisites - Created an ACK([Alibabacloud Container Service for Kubernetes](https://cs.console.aliyun.com)) cluster instance. -- Created an ASM([Alibaba ServiceMesh](https://servicemesh.console.aliyun.com)) instance, and added ACK cluster. +- Create an ASM([Alibaba ServiceMesh](https://servicemesh.console.aliyun.com)) enterprise instance and add ACK cluster. ### Variables declaration - `$ACK_CONFIG`: the kubeconfig file path of ACK, which be treated as`$HOME/.kube/config` in the rest of guide. - `$MESH_CONFIG`: the kubeconfig file path of ASM. -- `$ISTIO_RELEASE`: see https://github.com/istio/istio/releases -- `$FLAGGER_SRC`: see https://github.com/fluxcd/flagger -## Install Prometheus -Install Prometheus: +### Enable Data-plane KubeAPI access in ASM -```bash -kubectl apply -f $ISTIO_RELEASE/samples/addons/prometheus.yaml -``` +In the Alibaba Cloud Service Mesh (ASM) console, on the basic information page, make sure Data-plane KubeAPI access is enabled. When enabled, the Istio resources of the control plane can be managed through the Kubeconfig of the data plane cluster. -it' same with the below cmd: +## Enable Prometheus -```bash -kubectl --kubeconfig "$ACK_CONFIG" apply -f $ISTIO_RELEASE/samples/addons/prometheus.yaml -``` - -Append the below configs to `scrape_configs` in prometheus configmap, to support telemetry: -```yaml -scrape_configs: -# Mixer scrapping. Defaults to Prometheus and mixer on same namespace. -- job_name: 'istio-mesh' - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - istio-system - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: istio-telemetry;prometheus -# Scrape config for envoy stats -- job_name: 'envoy-stats' - metrics_path: /stats/prometheus - kubernetes_sd_configs: - - role: pod - relabel_configs: - - source_labels: [__meta_kubernetes_pod_container_port_name] - action: keep - regex: '.*-envoy-prom' - - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] - action: replace - regex: ([^:]+)(?::\d+)?;(\d+) - replacement: $1:15090 - target_label: __address__ - - action: labeldrop - regex: __meta_kubernetes_pod_label_(.+) - - source_labels: [__meta_kubernetes_namespace] - action: replace - target_label: namespace - - source_labels: [__meta_kubernetes_pod_name] - action: replace - target_label: pod_name -- job_name: 'istio-policy' - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - istio-system - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: istio-policy;http-policy-monitoring -- job_name: 'istio-telemetry' - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - istio-system - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: istio-telemetry;http-monitoring -- job_name: 'pilot' - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - istio-system - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: istiod;http-monitoring - - source_labels: [__meta_kubernetes_service_label_app] - target_label: app -- job_name: 'sidecar-injector' - kubernetes_sd_configs: - - role: endpoints - namespaces: - names: - - istio-system - relabel_configs: - - source_labels: [__meta_kubernetes_service_name, __meta_kubernetes_endpoint_port_name] - action: keep - regex: istio-sidecar-injector;http-monitoring -``` +In the Alibaba Cloud Service Mesh (ASM) console, click Settings to enable the collection of Prometheus monitoring metrics. You can use the self-built Prometheus monitoring, or you can use the Alibaba Cloud ARMS Prometheus monitoring plug-in that has joined the ACK cluster, and use ARMS Prometheus to collect monitoring indicators. ## Install Flagger @@ -111,26 +24,34 @@ Add Flagger Helm repository: ```bash helm repo add flagger https://flagger.app -helm repo update ``` Install Flagger's Canary CRD: -```yaml -kubectl apply -f $FLAGGER_SRC/artifacts/flagger/crd.yaml +```bash +kubectl apply -f https://raw.githubusercontent.com/fluxcd/flagger/v1.21.0/artifacts/flagger/crd.yaml ``` +## Deploy Flagger for Istio -Deploy Flagger for Alibaba ServiceMesh: +### Add data plane cluster to Alibaba Cloud Service Mesh (ASM) + +In the Alibaba Cloud Service Mesh (ASM) console, click Cluster & Workload Management, select the Kubernetes cluster, select the target ACK cluster, and add it to ASM. + +### Prometheus address + +If you are using Alibaba Cloud Container Service for Kubernetes (ACK) ARMS Prometheus monitoring, replace {Region-ID} in the link below with your region ID, such as cn-hangzhou. {ACKID} is the ACK ID of the data plane cluster that you added to Alibaba Cloud Service Mesh (ASM). Visit the following links to query the public and intranet addresses monitored by ACK's ARMS Prometheus: +[https://arms.console.aliyun.com/#/promDetail/{Region-ID}/{ACK-ID}/setting](https://arms.console.aliyun.com/) + +An example of an intranet address is as follows: +[http://{Region-ID}-intranet.arms.aliyuncs.com:9090/api/v1/prometheus/{Prometheus-ID}/{u-id}/{ACK-ID}/{Region-ID}](https://arms.console.aliyun.com/) + +## Deploy Flagger +Replace the value of metricsServer with your Prometheus address. ```bash -cp $MESH_CONFIG kubeconfig -kubectl -n istio-system create secret generic istio-kubeconfig --from-file kubeconfig -kubectl -n istio-system label secret istio-kubeconfig istio/multiCluster=true helm upgrade -i flagger flagger/flagger \ --namespace=istio-system \ --set crd.create=false \ --set meshProvider=istio \ ---set metricsServer=http://prometheus:9090 \ ---set istio.kubeconfig.secretName=istio-kubeconfig \ ---set istio.kubeconfig.key=kubeconfig -``` +--set metricsServer=http://prometheus:9090 +``` \ No newline at end of file