diff --git a/README.md b/README.md index 677ea20..ca27a24 100644 --- a/README.md +++ b/README.md @@ -41,11 +41,3 @@ You can also locally serve using [Docker](https://docker.com): ```console $ make docker-serve ``` - -## Contributing - -We welcome issues and PRs! For details, see [Contributing](https://github.com/aeraki-mesh/aeraki/blob/master/CONTRIBUTING.md). - -If you submit a PR, Netlify will automatically create a [deploy preview](https://docs.netlify.com/site-deploys/deploy-previews/) so -that you can view your changes. Once merged, Netlify automcatically deploys to -the production site [aeraki.net](https://aeraki.net). diff --git a/content/en/docs/_index.md b/content/en/docs/_index.md index 93ff5ae..6b8c4eb 100644 --- a/content/en/docs/_index.md +++ b/content/en/docs/_index.md @@ -2,10 +2,9 @@ title: Documentation versions linkTitle: Versions simple_list: true -# TODO(chalin): disable breadcrumbs for this page --- -Welcome to the docs for aeraki! The following doc versions are available: +Welcome to the docs for SolarMesh! The following doc versions are available: diff --git a/content/en/docs/v1.12.x/install.md b/content/en/docs/v1.12.x/install.md deleted file mode 100644 index 57555e6..0000000 --- a/content/en/docs/v1.12.x/install.md +++ /dev/null @@ -1,73 +0,0 @@ ---- -title: Install -weight: 1000 -description: Instructions for installing Aeraki. -minGoVers: 1.16 ---- - -## Requirements - -### MetaProtocol and Istio compatiblity - -Before installing Aeraki, please check the supported Istio versions and the corresponding Proxy version: - -| Aeraki | MetaProtocol Proxy | Istio | -| :----: | :----------------: | :----: | -| 1.4.x | 1.4.x | 1.18.x | -| 1.3.x | 1.3.x | 1.16.x | -| 1.2.x | 1.2.x | 1.14.x | -| 1.1.x | 1.1.x | 1.12.x | -| 1.0.x | 1.0.x | 1.10.x | - -### Modify Istio configuration - -Please modify the istio ConfigMap to add the following content. - -- Enable Istio DNS catpure -- Turn on metrics for Aeraki managed protocols - -```Bash -kubectl edit cm istio -n istio-system -``` - -```yaml -apiVersion: v1 -data: - mesh: |- - defaultConfig: - proxyMetadata: - ISTIO_META_DNS_CAPTURE: "true" - proxyStatsMatcher: - inclusionPrefixes: - - thrift - - dubbo - - kafka - - meta_protocol - inclusionRegexps: - - .*dubbo.* - - .*thrift.* - - .*kafka.* - - .*zookeeper.* - - .*meta_protocol.* -``` - -## Install Aeraki - -```bash -git clone https://github.com/aeraki-mesh/aeraki.git -cd aeraki -export AERAKI_TAG=1.3.0 -make install -``` - -## Install AerakiCtl(Optional) - -You can choose to install aerakictl tool for debug purpose. - -```bash -git clone https://github.com/aeraki-mesh/aerakictl.git ~/aerakictl;source ~/aerakictl/aerakictl.sh -``` - -## Use Aeraki in TCM(Tencent Cloud Mesh) - -If you want to use Aeraki with Tencent Cloud Mesh [TCM](https://cloud.tencent.com/product/tcm), please contact [TCM's sales team or business advisors](https://intl.cloud.tencent.com/contact-us). diff --git a/content/en/docs/v1.12.x/install/img.png b/content/en/docs/v1.12.x/install/img.png new file mode 100644 index 0000000..efbf1f5 Binary files /dev/null and b/content/en/docs/v1.12.x/install/img.png differ diff --git a/content/en/docs/v1.12.x/install/img_1.png b/content/en/docs/v1.12.x/install/img_1.png new file mode 100644 index 0000000..343619f Binary files /dev/null and b/content/en/docs/v1.12.x/install/img_1.png differ diff --git a/content/en/docs/v1.12.x/install/index.md b/content/en/docs/v1.12.x/install/index.md new file mode 100644 index 0000000..3c6d839 --- /dev/null +++ b/content/en/docs/v1.12.x/install/index.md @@ -0,0 +1,234 @@ +--- +title: installation +weight: 1000 +description: SolarMesh installation instructions. +--- + +## Preconditions + +### Environment configuration + +Before installing SolarMesh, review the following environmental requirements: + +1. Prepare a Kubernetes environment of version 1.21 and above to ensure that you can access the external network, ensure that images can be pulled normally, and that there are certain computing resources to run more applications. +2. Prepare kubectl and helm tools + +### Download the installation package + +The installation package includes command line tools and helm charts packages. +```shell +# download +wget http://release.solarmesh.cn/solar/v1.12/solar-v1.12.1-linux-amd64.tar.gz +# Unzip +tar -xvf solar-v1.12.1-linux-amd64.tar.gz +# empower +export PATH=$PATH:$PWD/solar/bin/ +chmod +x $PWD/solar/bin/solarctl +``` + +Confirm version: +```shell +$ solarctl version +solarctl version: v1.12.1 +``` + +## Install SolarMesh + +### 1. Install SolarMesh dashboard +```bash +solarctl install solar-mesh +``` + +Check component status: +```shell +$ kubectl get po -A -w +NAMESPACE NAME READY STATUS RESTARTS AGE +service-mesh solar-controller-58fc49b759-hpdwd 2/2 Running 0 102s +service-mesh solar-controller-58fc49b759-kwtf5 2/2 Running 0 103s +solar-operator solar-operator-596d9b48dc-knr7w 1/1 Running 0 32s +``` + +Configure login account: admin/admin +```shell +kubectl create secret generic admin --from-literal=username=admin --from-literal=password=admin -n service-mesh +kubectl label secret admin app=solar-controller -n service-mesh +``` + +### 2. Install SolarMesh backend + +#### 1. Controller +```shell +export ISTIOD_REMOTE_EP=$(kubectl get nodes|awk '{print $1}' |awk 'NR==2'|xargs -n 1 kubectl get nodes -o jsonpath='{.status.addresses[0].address}') +solarctl operator init --external-ip $ISTIOD_REMOTE_EP --eastwest-external-ip $ISTIOD_REMOTE_EP +``` + +#### 2. Backend service +```shell +kubectl apply -f - < 8080/TCP 28m +``` +access: + +![](img.png) + +#### 5. Verification function + +Use solarctl to install the bookinfo sample project into the test namespace. + +```shell +solarctl install bookinfo -n demo + +$ kubectl get po -n demo +NAME READY STATUS RESTARTS AGE +details-v1-8d56bfc84-qj7n9 1/1 Running 0 9m42s +productpage-v1-7cbccd8fc4-b84qc 1/1 Running 0 9m42s +ratings-v1-585fc5fbdd-x2nkk 1/1 Running 0 9m42s +reviews-v1-dbbb74b84-ktn7j 1/1 Running 0 9m42s +reviews-v2-75c48c6c58-bjts2 1/1 Running 0 9m42s +reviews-v3-68cd99b996-5n29d 1/1 Running 0 9m42s +``` + +Enter the Namespaces page of SolarMesh and turn on the automatic access switch. + +Visit the productpage of bookinfo and view the solarmesh traffic view to prove that SolarMesh has been installed successfully. + +![](img_1.png) + +## High availability and horizontal expansion + +### Improve usability + +By default, SolarMesh installs two copies of the solar-controller and networking-agent components, which can generally meet higher load requests. + +Generally speaking, the more replicas a component service has, the higher the corresponding available fault tolerance. If you have high availability requirements, you can continue to increase the number of replicas to enhance fault tolerance. + +### Highly available deployment +If you are proficient in the installation and configuration of istio multi-cluster and need solar-controller to support multi-cluster level high availability, our solar-controller can be deployed in istio multi-cluster form. This is our final form of SolarMesh high-availability deployment. + +In order to successfully deploy high availability, you need to follow the instructions below. + +1. First, you must prepare an istio multi-cluster. The deployment mode is [multi-primary](https://istio.io/latest/docs/setup/install/multicluster/multi-primary/) . + +2. Execute the installation of the SolarMesh management cluster in the two clusters deployed by Istio (assumed to be named cluster1 and cluster2). + +3. Configure Istio's Gateway and VirtualService resources in the cluster1 and cluster2 clusters deployed by Istio so that traffic can access the solar-controller component through the domain name configured on the gateway. When you access SolarMesh later, you will use the domain name you configured now. + +The following configuration of cluster1: You must ensure that your domain name is accessible + +```shell +apiVersion: networking.istio.io/v1alpha3 +Kind: Gateway +metadata: + name: gw + namespace: service-mesh +spec: + selector: + istio: ingressgateway + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "web1.solarmesh.cn" + +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: vs + namespace: service-mesh +spec: + hosts: + - "*" + gateways: + -gw + http: + - route: + -destination: + host: solar-controller + port: + number: 8080 +``` + +4. Test. You visit web1.solarmesh.cn and then view the logs of the pods corresponding to the solar-controllers in the two clusters. When you see that the logs are generated by polling, it means that the SolarMesh management cluster has been successfully deployed with high availability. + +5. Install SolarMesh’s backend service + +6. Complete cluster initialization and register cluster kubeConfig to solarmesh. Note that you need to execute the command to register the business cluster in both cluster1 and cluster2 installed by Istio. + +7. Others. In the high-availability deployment mode, the wildcard policy in the SolarMesh function is not yet highly available. You need to configure the corresponding policy in both Istio cluster1 and cluster2. + + +## learn more + +Click on the link below to learn more about SolarMesh related features: + +- [Canary Release](/docs/v1.12.x/tutorials/canary/) +- [Local rateLimit](/docs/v1.12.x/tutorials/ratelimit/) +- [Black and White List](/docs/v1.12.x/tutorials/ap/) +- [Traffic Plugin](/docs/v1.12.x/tutorials/mirror/) +- [Fault Injection](/docs/v1.12.x/tutorials/fault/) +- [Traffic Mirror](/docs/v1.12.x/tutorials/mirror/) + diff --git a/content/en/docs/v1.12.x/quickstart.md b/content/en/docs/v1.12.x/quickstart.md index d67b334..f3c0158 100644 --- a/content/en/docs/v1.12.x/quickstart.md +++ b/content/en/docs/v1.12.x/quickstart.md @@ -1,37 +1,38 @@ --- -title: Quick start +title: Quick Start weight: 900 description: Get SolarMesh up in less than 5 minutes! --- -The cornerstone of SolarMesh is the service mesh theory, which is a tool for solving kubernetes network problems. SolarMesh's underlying architecture is powered by istio, a highly configurable and powerful open source service grid platform that is currently the most popular service grid implementation in the industry. +SolarMesh servicemesh is an efficient visual microservice governance platform based on Istio and container technology, +providing application life cycle management, comprehensive traffic management and non-intrusive service governance solutions. +The cornerstone of SolarMesh is the service mesh theory, and the underlying architecture is based on kubernetes and istio +(istio is a highly configurable and powerful servicemesh implementation solution). -## basic concept +### What is ServiceMesh? -### What is Service Mesh? +ServiceMesh, also translated as "service mesh", serves as the infrastructure layer for communication between services. A servicemesh is a dedicated infrastructure layer that handles communication between services. It is responsible for reliably delivering requests through complex service topologies that encompass modern cloud-native applications. In practice, service meshes are typically implemented through a set of lightweight network proxies that are deployed alongside the application without being aware of the application itself. -Service Mesh, also translated as "service grid", serves as the infrastructure layer for communication between services. A service mesh is a dedicated infrastructure layer that handles communication between services. It is responsible for reliably delivering requests through complex service topologies that encompass modern cloud-native applications. In practice, service meshes are typically implemented through a set of lightweight network proxies that are deployed alongside the application without being aware of the application itself. - -Service Mesh is usually used to describe the microservice network of applications and the interaction between applications. It is an infrastructure layer. As the size and complexity of programs increase, service meshes become increasingly difficult to understand and manage. Its requirements include service discovery, load balancing, fault recovery, indicator collection, monitoring, and more complex operation and maintenance requirements, such as A/B testing, canary release, current limiting, access control, and end-to-end authentication. +ServiceMesh is usually used to describe the microservice network of applications and the interaction between applications. It is an infrastructure layer. As the size and complexity of programs increase, service meshes become increasingly difficult to understand and manage. Its requirements include service discovery, load balancing, fault recovery, indicator collection, monitoring, and more complex operation and maintenance requirements, such as A/B testing, canary release, current limiting, access control, and end-to-end authentication. If you explain what a service mesh is in one sentence, you can compare it to TCP/IP between applications or microservices, which is responsible for network calls, current limiting, circuit breaking, and monitoring between services. When writing applications, you generally do not need to care about the TCP/IP layer (such as RESTful applications through the HTTP protocol). When using a service grid, you do not need to care about the functions between services that are originally implemented through applications and frameworks, such as Spring Cloud and OSS. , now it’s just a matter of handing it over to the service mesh. -### Characteristics of service mesh +### Characteristics of ServiceMesh -The service mesh has the following characteristics: +The servicemesh has the following characteristics: * Middle layer for inter-application communication *Lightweight network proxy *Application-agnostic * Decouple application retries, timeouts, monitoring, tracing and service discovery -### What does the service mesh bring us? +### What does the ServiceMesh bring us? From the perspective of the general trend of cloud native, the core point of cloud native lies in abstraction. Just as virtual machines were once abstracted from physical machines, the essence of cloud-native applications is to abstract all infrastructure from the independent applications themselves to form middleware-level tools, such as networks. The entire abstraction of the network layer allows us to carry out standardized and unified management, thereby deriving the means of solving problems at the network layer. This abstraction at the network level eliminates the need for us to resort to SDK means (such as Spring Cloud) to solve problems due to network insufficiency. For problems arising from stability (timeouts, retries, etc.), the SDK has a certain binding relationship with the language. In today's era of microservices where multiple languages coexist, the capabilities provided by the SDK are slightly insufficient. -The emergence of service mesh is to solve this problem, abstract the Kubernetes network, and provide language-independent enhancement methods. It is the middleware to solve Kubernetes network problems. +The emergence of servicemesh is to solve this problem, abstract the Kubernetes network, and provide language-independent enhancement methods. It is the middleware to solve Kubernetes network problems. ## Quick experience @@ -41,9 +42,9 @@ Click [>>Online demo experience address>>](http://demo.solarmesh.cn/) to use it Click on the link below to learn more about SolarMesh related features: -- [Canary Release](/zh/docs/v1.12.x/tutorials/canary/) -- [Local rateLimit](/zh/docs/v1.12.x/tutorials/ratelimit/) -- [Black and White List](/zh/docs/v1.12.x/tutorials/ap/) -- [Traffic Plugin](/zh/docs/v1.12.x/tutorials/mirror/) -- [Fault Injection](/zh/docs/v1.12.x/tutorials/fault/) -- [Traffic Mirror](/zh/docs/v1.12.x/tutorials/mirror/) +- [Canary Release](/docs/v1.12.x/tutorials/canary/) +- [Local rateLimit](/docs/v1.12.x/tutorials/ratelimit/) +- [Black and White List](/docs/v1.12.x/tutorials/ap/) +- [Traffic Plugin](/docs/v1.12.x/tutorials/mirror/) +- [Fault Injection](/docs/v1.12.x/tutorials/fault/) +- [Traffic Mirror](/docs/v1.12.x/tutorials/mirror/) diff --git a/content/en/docs/v1.12.x/reference/alert/index.md b/content/en/docs/v1.12.x/reference/alert/index.md index 9687d46..f7e25cb 100644 --- a/content/en/docs/v1.12.x/reference/alert/index.md +++ b/content/en/docs/v1.12.x/reference/alert/index.md @@ -20,8 +20,8 @@ After successful installation, the grafana server will be installed in the clust ```bash kubectl get deploy -n service-mesh -NAME READY UP-TO-DATE AVAILABLE AGE -grafana 1/1 1 1 13h +NAME READY UP-TO-DATE AVAILABLE AGE +grafana 1/1 1 1 13h ``` ### Extension diff --git a/content/en/docs/v1.12.x/reference/istio-install/index.md b/content/en/docs/v1.12.x/reference/istio-install/index.md index 2a84b49..c245dc3 100644 --- a/content/en/docs/v1.12.x/reference/istio-install/index.md +++ b/content/en/docs/v1.12.x/reference/istio-install/index.md @@ -131,11 +131,11 @@ EOF ```shell $ kubectl get po -n istio-system -NAME READY STATUS RESTARTS AGE -istio-egressgateway-76766bdd95-s7vrb 1/1 Running 0 25s -istio-ingressgateway-bdf95b49b-xtc8r 1/1 Running 0 25s -istiod-7c79849787-g74gn 1/1 Running 0 54s +NAME READY STATUS RESTARTS AGE +istio-egressgateway-76766bdd95-s7vrb 1/1 Running 0 25s +istio-ingressgateway-bdf95b49b-xtc8r 1/1 Running 0 25s +istiod-7c79849787-g74gn 1/1 Running 0 54s $ kubectl get po -n istio-operator -NAME READY STATUS RESTARTS AGE -istio-operator-6b78df4f7c-gpmn8 1/1 Running 0 2m29s +NAME READY STATUS RESTARTS AGE +istio-operator-6b78df4f7c-gpmn8 1/1 Running 0 2m29s ``` diff --git a/content/en/docs/v1.12.x/reference/tracing/index.md b/content/en/docs/v1.12.x/reference/tracing/index.md index e4626a0..bf5c969 100644 --- a/content/en/docs/v1.12.x/reference/tracing/index.md +++ b/content/en/docs/v1.12.x/reference/tracing/index.md @@ -29,8 +29,8 @@ After successful installation, the jaeger server will be installed in the cluste ```bash $ kubectl get svc -n service-mesh -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -jaeger ClusterIP 10.96.74.5 5775/UDP,6831/UDP,6832/UDP,5778/TCP,16686/TCP,14268/TCP,14250/TCP,9411/TCP 65s +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +jaeger ClusterIP 10.96.74.5 5775/UDP,6831/UDP,6832/UDP,5778/TCP,16686/TCP,14268/TCP,14250/TCP,9411/TCP 65s ``` |Port|Protocol|Component|Function| diff --git a/content/en/docs/v1.12.x/reference/wasm/index.md b/content/en/docs/v1.12.x/reference/wasm/index.md index 039e234..1bc5b6f 100644 --- a/content/en/docs/v1.12.x/reference/wasm/index.md +++ b/content/en/docs/v1.12.x/reference/wasm/index.md @@ -113,16 +113,15 @@ tinygo build -o filter.wasm -target=wasi -wasm-abi=generic . ```bash $ kubectl get po -n demo -NAME READY STATUS RESTARTS AGE -details-v1-5588477696-2sw7b 2/2 Running 0 8d -productpage-v1-5bd6875444-j75dp 2/2 Running 0 8d -ratings-v1-c9d5c65fc-l65mq 2/2 Running 0 8d -reviews-v2-c789c7bdc-tsg7q 2/2 Running 0 8d -reviews-v3-78944b866f-96nbw 2/2 Running 0 8d +NAME READY STATUS RESTARTS AGE +details-v1-5588477696-2sw7b 2/2 Running 0 8d +productpage-v1-5bd6875444-j75dp 2/2 Running 0 8d +ratings-v1-c9d5c65fc-l65mq 2/2 Running 0 8d +reviews-v2-c789c7bdc-tsg7q 2/2 Running 0 8d +reviews-v3-78944b866f-96nbw 2/2 Running 0 8d ``` - 5. Create envoyfilter ```yaml diff --git a/content/en/docs/v1.12.x/tutorials/ap/index.md b/content/en/docs/v1.12.x/tutorials/ap/index.md index 9211774..01314ec 100644 --- a/content/en/docs/v1.12.x/tutorials/ap/index.md +++ b/content/en/docs/v1.12.x/tutorials/ap/index.md @@ -15,15 +15,15 @@ Integrating authentication and authorization from application code into SolarMes - Deploy sleep service to facilitate testing ```sh -$ kubectl get po -n test -wide -NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES -details-v1-65b994c875-kgbp2 2/2 Running 0 9d 10.36.0.9 49-node1 -productpage-v1-8bf7687-nxb5t 2/2 Running 0 9d 10.36.0.14 49-node1 -ratings-v1-bcdd8c995-vfqj9 2/2 Running 0 9d 10.36.0.16 49-node1 -reviews-v1-5f4866bd47-sxr6b 2/2 Running 0 9d 10.36.0.17 49-node1 -reviews-v2-7b66cff677-kjl4v 2/2 Running 0 9d 10.44.0.7 46-node2 -reviews-v3-6dddcfbb87-94zkd 2/2 Running 0 9d 10.44.0.9 46-node2 -sleep-5c88f5b48d-tlmb5 2/2 Running 0 9d 10.36.0.18 49-node1 +$ kubectl get po -n test -owide +NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES +details-v1-65b994c875-kgbp2 2/2 Running 0 9d 10.36.0.9 49-node1 +productpage-v1-8bf7687-nxb5t 2/2 Running 0 9d 10.36.0.14 49-node1 +ratings-v1-bcdd8c995-vfqj9 2/2 Running 0 9d 10.36.0.16 49-node1 +reviews-v1-5f4866bd47-sxr6b 2/2 Running 0 9d 10.36.0.17 49-node1 +reviews-v2-7b66cff677-kjl4v 2/2 Running 0 9d 10.44.0.7 46-node2 +reviews-v3-6dddcfbb87-94zkd 2/2 Running 0 9d 10.44.0.9 46-node2 +sleep-5c88f5b48d-tlmb5 2/2 Running 0 9d 10.36.0.18 49-node1 ``` Let us first remember that the IP of sleep-5c88f5b48d-tlmb5 is ``10.36.0.18``. Later, we will set that only this IP cannot access our productpage-v1-8bf7687-nxb5t, simulating a blacklist scenario. diff --git a/content/en/docs/v1.12.x/tutorials/inject/index.md b/content/en/docs/v1.12.x/tutorials/inject/index.md index 61f3965..d028196 100644 --- a/content/en/docs/v1.12.x/tutorials/inject/index.md +++ b/content/en/docs/v1.12.x/tutorials/inject/index.md @@ -71,13 +71,13 @@ You can see it after turning on the sidecar switch --> READY 2/2 ```bash kubectl get po -n demo -NAMESPACE NAME READY STATUS RESTARTS AGE -demo details-v1-687cc78964-tpk2t 2/2 Running 0 14d -demo productpage-v1-8488bbdbfd-wddv5 2/2 Running 0 14d -demo ratings-v1-8ddf6c6c-xtx8d 2/2 Running 0 14d -demo reviews-v1-f965c5c7c-tfx58 2/2 Running 0 14d -demo reviews-v2-86b699c6bf-k6vft 2/2 Running 0 14d -demo reviews-v3-85b6d84958-7xwc4 2/2 Running 0 14d +NAMESPACE NAME READY STATUS RESTARTS AGE +demo details-v1-687cc78964-tpk2t 2/2 Running 0 14d +demo productpage-v1-8488bbdbfd-wddv5 2/2 Running 0 14d +demo ratings-v1-8ddf6c6c-xtx8d 2/2 Running 0 14d +demo reviews-v1-f965c5c7c-tfx58 2/2 Running 0 14d +demo reviews-v2-86b699c6bf-k6vft 2/2 Running 0 14d +demo reviews-v3-85b6d84958-7xwc4 2/2 Running 0 14d ``` --- diff --git a/content/en/docs/v1.12.x/tutorials/ratelimit/index.md b/content/en/docs/v1.12.x/tutorials/ratelimit/index.md index 6a8e543..9246458 100644 --- a/content/en/docs/v1.12.x/tutorials/ratelimit/index.md +++ b/content/en/docs/v1.12.x/tutorials/ratelimit/index.md @@ -26,7 +26,7 @@ We configure the traffic limiting policy for the productpage. After submission, when we visit productpage, we will find that errors occur from time to time. -![](img_2.png)(../../images/local-ratelimit-02.png) +![](img_2.png) When we access it through curl, the result will be clearer: diff --git a/content/zh/docs/_index.md b/content/zh/docs/_index.md index 6b8c4eb..c03f524 100644 --- a/content/zh/docs/_index.md +++ b/content/zh/docs/_index.md @@ -1,10 +1,10 @@ --- -title: Documentation versions +title: 文档版本 linkTitle: Versions simple_list: true --- -Welcome to the docs for SolarMesh! The following doc versions are available: +欢迎使用SolarMesh文档! 以下是可用的文档版本: diff --git a/content/zh/docs/v1.12.x/install.md b/content/zh/docs/v1.12.x/install.md deleted file mode 100644 index 8777149..0000000 --- a/content/zh/docs/v1.12.x/install.md +++ /dev/null @@ -1,80 +0,0 @@ ---- -title: 安装 -weight: 1000 -description: Instructions for installing Aeraki. -minGoVers: 1.16 ---- - -## 前置条件 - -### Aeraki 和 MetaProtocol 以及 Istio 的版本兼容性 - -在安装 Aeraki 之前,请先根据下面的版本兼容矩阵检查 Aeraki 对应 Istio 和 MetaProtocol Proxy 版本: - -| Aeraki | MetaProtocol Proxy | Istio | -|:------------:|:----------------:|:------------:| -| 1.4.x | 1.4.x | 1.18.x | -| 1.3.x | 1.3.x | 1.16.x | -| 1.2.x | 1.2.x | 1.14.x | -| 1.1.x | 1.1.x | 1.12.x | -| 1.0.x | 1.0.x | 1.10.x | - -### 检查下面的 Istio 选项 - -请修改 istio ConfigMap,加入下面的内容: - -* 启用 Istio DNS 代理 -* 打开 Aeraki 管理的协议的 Metrics 收集 - -```Bash -kubectl edit cm istio -n istio-system -``` - -```yaml -apiVersion: v1 -data: - mesh: |- - defaultConfig: - proxyMetadata: - ISTIO_META_DNS_CAPTURE: "true" - proxyStatsMatcher: - inclusionPrefixes: - - thrift - - dubbo - - kafka - - meta_protocol - inclusionRegexps: - - .*dubbo.* - - .*thrift.* - - .*kafka.* - - .*zookeeper.* - - .*meta_protocol.* -``` - -## 安装 Aeraki - -```bash -git clone https://github.com/aeraki-mesh/aeraki.git -cd aeraki -export AERAKI_TAG=1.3.0 -make install -``` - -## 安装 AerakiCtl(可选) - -You can choose to optionally install aerakictl tool for debug purpose. - -```bash -git clone https://github.com/aeraki-mesh/aerakictl.git ~/aerakictl;source ~/aerakictl/aerakictl.sh -``` -## 高可用和水平扩展 - -Aeraki 内主要包括两类组件: -* 控制器:用于 Watch Istio 资源并维护 Aeraki 内部系统状态,此类组件为有状态组件,Aeraki 通过选主实现高可用 -* MetaProtocol RDS 服务器:根据 MetaRouter CRD 资源生成 MetaProtocol 动态路由,并通过 MetaRDS 下发给数据面的 Proxy,Aeraki 支持多实例水平扩展,以对 RDS 服务器的压力进行负载均衡。 - -对于生产环境,请根据集群规模和数据面边车数量调整对应的 Aeraki 实例,可以通过 K8s HPA 进行动态扩展。 - -## 在 TCM 中使用 Aeraki - -腾讯云服务网格 [TCM](https://cloud.tencent.com/product/tcm) 支持集成 Aeraki。如果希望在 TCM 使用 Aeraki 的协议扩展能力,请联系[腾讯云售前架构师](https://cloud.tencent.com/act/event/connect-service?from=intro_tcm#/)进行咨询。 diff --git a/content/zh/docs/v1.12.x/install/img.png b/content/zh/docs/v1.12.x/install/img.png new file mode 100644 index 0000000..efbf1f5 Binary files /dev/null and b/content/zh/docs/v1.12.x/install/img.png differ diff --git a/content/zh/docs/v1.12.x/install/img_1.png b/content/zh/docs/v1.12.x/install/img_1.png new file mode 100644 index 0000000..343619f Binary files /dev/null and b/content/zh/docs/v1.12.x/install/img_1.png differ diff --git a/content/zh/docs/v1.12.x/install/index.md b/content/zh/docs/v1.12.x/install/index.md new file mode 100644 index 0000000..df1c32b --- /dev/null +++ b/content/zh/docs/v1.12.x/install/index.md @@ -0,0 +1,231 @@ +--- +title: 安装 +weight: 1000 +description: SolarMesh安装说明. +--- + +## 前置条件 + +### 环境配置 + +在安装 SolarMesh 之前,请先查看以下环境要求: + +1. 准备一个1.21 及以上版本Kubernetes环境,确保可以访问外网、确保可以正常拉取镜像、确保有一定的计算资源,可以跑较多的应用。 +2. 准备 kubectl、helm工具 + +### 下载安装包 + +安装包中包含命令行工具和helm charts包。 +```shell +# 下载 +wget http://release.solarmesh.cn/solar/v1.12/solar-v1.12.1-linux-amd64.tar.gz +# 解压 +tar -xvf solar-v1.12.1-linux-amd64.tar.gz +# 赋权 +export PATH=$PATH:$PWD/solar/bin/ +chmod +x $PWD/solar/bin/solarctl +``` + +确认版本: +```shell +$ solarctl version +solarctl version: v1.12.1 +``` + +## 安装 SolarMesh + +### 1. 安装SolarMesh dashboard +```bash +solarctl install solar-mesh +``` + +检查组件状态: +```shell +$ kubectl get po -A -w +NAMESPACE NAME READY STATUS RESTARTS AGE +service-mesh solar-controller-58fc49b759-hpdwd 2/2 Running 0 102s +service-mesh solar-controller-58fc49b759-kwtf5 2/2 Running 0 103s +solar-operator solar-operator-596d9b48dc-knr7w 1/1 Running 0 32s +``` + +配置登录账号:admin/admin +```shell +kubectl create secret generic admin --from-literal=username=admin --from-literal=password=admin -n service-mesh +kubectl label secret admin app=solar-controller -n service-mesh +``` + +### 2. 安装SolarMesh backend + +#### 1. 控制器 +```shell +export ISTIOD_REMOTE_EP=$(kubectl get nodes|awk '{print $1}' |awk 'NR==2'|xargs -n 1 kubectl get nodes -o jsonpath='{.status.addresses[0].address}') +solarctl operator init --external-ip $ISTIOD_REMOTE_EP --eastwest-external-ip $ISTIOD_REMOTE_EP +``` + +#### 2. 后端服务 +```shell +kubectl apply -f - < 8080/TCP 28m +``` +访问: + +![](img.png) + +#### 5. 验证功能 + +使用 solarctl 安装 bookinfo示例项目到测试用的namespace当中 + +```shell +solarctl install bookinfo -n demo + +$ kubectl get po -n demo +NAME READY STATUS RESTARTS AGE +details-v1-8d56bfc84-qj7n9 1/1 Running 0 9m42s +productpage-v1-7cbccd8fc4-b84qc 1/1 Running 0 9m42s +ratings-v1-585fc5fbdd-x2nkk 1/1 Running 0 9m42s +reviews-v1-dbbb74b84-ktn7j 1/1 Running 0 9m42s +reviews-v2-75c48c6c58-bjts2 1/1 Running 0 9m42s +reviews-v3-68cd99b996-5n29d 1/1 Running 0 9m42s +``` + +进入SolarMesh的Namespaces页面,打开自动接入的开关。 + +访问bookinfo的 productpage页面,查看 solarmesh 流量视图,证明SolarMesh现在已经安装成功了。 + +![](img_1.png) + +## 高可用和水平扩展 + +### 提高可用性 + +默认SolarMesh 安装的 solar-controller 与 networking-agent 组件都是2个副本,在一般情况下已经能满足较高负载的请求。 + +一般情况下,组件服务所拥有副本数越多,所对应的可用容错能力也就越高。如果你对可用性要求很高,可以继续提高副本数以增强容错能力。 + +### 高可用部署 +如果您熟练使用istio多集群的安装与配置,并需要solar-controller 支持多集群级别的高可用,我们的solar-controller 可以部署在istio多集群形态中,这是我们最终形态的SolarMesh高可用部署。 + +为了成功部署高可用,你需要参照以下的说明。 + +1. 首先你得准备一个istio的多集群,部署的模式为 [multi-primary](https://istio.io/latest/docs/setup/install/multicluster/multi-primary/) . + +2. 在Istio部署的两个集群(假设名为 cluster1、cluster2)中分别执行 SolarMesh的管理集群 的安装。 + +3. 在Istio部署的cluster1、cluster2集群中配置 Istio 的 Gateway 与 VirtualService 资源,使流量可以通过网关配置的域名访问到 solar-controller 组件。后续你访问SolarMesh就使用你现在配置的域名。 + +如下cluster1的配置:你得保证你的域名是可访问的 + +```shell +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: gw + namespace: service-mesh +spec: + selector: + istio: ingressgateway + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "web1.solarmesh.cn" + +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: vs + namespace: service-mesh +spec: + hosts: + - "*" + gateways: + - gw + http: + - route: + - destination: + host: solar-controller + port: + number: 8080 +``` + +4. 测试。你访问 web1.solarmesh.cn ,然后查看 两个集群中的 solar-controller 对应的 pod 的日志。当你看到 日志是轮询产生的时候,说明 SolarMesh的管理集群 已经高可用部署成功了。 + +5. 安装SolarMesh的后端服务 + +6. 完成集群初始化,注册集群kubeConfig到solarmesh。注意,你需要在Istio安装的cluster1、cluster2中都执行注册业务集群的命令。 + +7. 其他。高可用部署 部署的模式下,目前 SolarMesh功能中通配策略 现在还无法高可用 ,你需要在Istio的cluster1、cluster2中都配置相应的策略。 + +## 了解更多 + +点击下面的链接,了解更多 SolarMesh 的相关功能: + +- [灰度发布](/zh/docs/v1.12.x/tutorials/canary/) +- [本地限流](/zh/docs/v1.12.x/tutorials/ratelimit/) +- [黑白名单](/zh/docs/v1.12.x/tutorials/ap/) +- [流量插件](/zh/docs/v1.12.x/tutorials/mirror/) +- [故障注入](/zh/docs/v1.12.x/tutorials/fault/) diff --git a/content/zh/docs/v1.12.x/quickstart.md b/content/zh/docs/v1.12.x/quickstart.md index 66d509a..410a15a 100644 --- a/content/zh/docs/v1.12.x/quickstart.md +++ b/content/zh/docs/v1.12.x/quickstart.md @@ -1,20 +1,21 @@ --- title: 快速开始 weight: 900 -description: Get SolarMesh up in less than 5 minutes! +description: 5分钟快速了解体验SolarMesh! --- -SolarMesh的基石是服务网格理论,是解决kubernetes网络问题的工具。 SolarMesh的底层架构由istio提供支持,istio是一种高度可配置且功能强大的开源服务网格平台,是目前行业最流行的服务网格实现方案。 +SolarMesh 服务网格是一个高效可视化微服务治理平台,基于 Istio 及容器技术,提供应用生命周期管理、全面流量管理和非侵入式的服务治理解决方案。 +SolarMesh的基石是服务网格理论,底层架构基于kubernetes、istio(istio是一种高度可配置且功能强大的服务网格实现方案)实现。 ## 基本概念 -### 什么是服务网格(Service Mesh)? +### 什么是服务网格ServiceMesh? -Service Mesh 又译作 “服务网格”,作为服务间通信的基础设施层。服务网格是处理服务间通信的专用基础设施层。它负责通过包含现代云原生应用程序的复杂服务拓扑来可靠地传递请求。实际上,服务网格通常通过一组轻量级网络代理来实现,这些代理与应用程序一起部署,而不需要感知应用程序本身。 +ServiceMesh 又译作 “服务网格”,作为服务间通信的基础设施层。服务网格是处理服务间通信的专用基础设施层。它负责通过包含现代云原生应用程序的复杂服务拓扑来可靠地传递请求。实际上,服务网格通常通过一组轻量级网络代理来实现,这些代理与应用程序一起部署,而不需要感知应用程序本身。 -服务网格(Service Mesh)通常用于描述应用程序的微服务网络以及应用之间的交互,是一个基础架构层。随着程序规模、程序复杂性的增长,服务网格越来越难以理解和管理。它的需求包括服务发现、负载均衡、故障恢复、指标收集、监控以及更加复杂的运维需求,例如 A/B 测试、金丝雀发布、限流、访问控制和端到端认证等。 +服务网格(ServiceMesh)通常用于描述应用程序的微服务网络以及应用之间的交互,是一个基础架构层。随着程序规模、程序复杂性的增长,服务网格越来越难以理解和管理。它的需求包括服务发现、负载均衡、故障恢复、指标收集、监控以及更加复杂的运维需求,例如 A/B 测试、金丝雀发布、限流、访问控制和端到端认证等。 -如果用一句话来解释什么是服务网格,可以将它比作是应用程序或者微服务间的 TCP/IP,负责服务之间的网络调用、限流、熔断和监控。对于编写应用程序来说一般无须关心 TCP/IP 这一层(比如通过 HTTP 协议的 RESTful 应用),使用服务网格无须关心服务之间原本是通过应用程序、框架实现的功能,比如 Spring Cloud、OSS,现在只要交给服务网格就可以了。 +如果用一句话来解释什么是服务网格,可以将它比作是应用程序或者微服务间的 TCP/IP,负责服务之间的网络调用、限流、熔断和监控。对于编写应用程序来说一般无须关心 TCP/IP 这一层(比如通过 HTTP 协议的 RESTful 应用),使用服务网格无须关心服务之间原本是通过应用程序、框架实现的功能,比如 SpringCloud、OSS,现在只要交给服务网格就可以了。 ### 服务网格的特点 diff --git a/content/zh/docs/v1.12.x/tutorials/ratelimit/index.md b/content/zh/docs/v1.12.x/tutorials/ratelimit/index.md index b97988a..9b1bd7c 100644 --- a/content/zh/docs/v1.12.x/tutorials/ratelimit/index.md +++ b/content/zh/docs/v1.12.x/tutorials/ratelimit/index.md @@ -26,7 +26,7 @@ keywords: [ratelimit] 提交后,我们访问 productpage ,会发现它时不时就会出现错误。 -![](img_2.png)(../../images/local-ratelimit-02.png) +![](img_2.png) 我们通过 curl 访问,结果会更清晰: