Google Cloud Anthos Series: Anthos Service Mesh

Google Cloud Anthos Series: Part-4

Anchit Nishant
Google Cloud - Community
4 min read · Feb 15, 2022


Welcome to Part-4 of the ‘Google Cloud Anthos series’. You can find the complete series here.

These are the deployment options for containerised workloads when using Anthos Service Mesh:

  • In-cluster control plane: With in-cluster deployment, istiod is installed in your own cluster.
  • Managed Anthos Service Mesh: With managed Anthos Service Mesh, Google handles upgrades, scaling, and security for you, minimizing manual user maintenance.

For this deployment we will use the in-cluster deployment with the same Online Boutique application we used in our “Google Cloud Devops Series” here.

Set the PROJECT_ID environment variable and ensure the Google Kubernetes Engine and Cloud Operations APIs are enabled.

PROJECT_ID="<your-project-id>"
gcloud services enable container.googleapis.com --project ${PROJECT_ID}
gcloud services enable monitoring.googleapis.com \
cloudtrace.googleapis.com \
clouddebugger.googleapis.com \
cloudprofiler.googleapis.com \
--project ${PROJECT_ID}

Clone the Online Boutique repository.

git clone https://github.com/GoogleCloudPlatform/microservices-demo.git
cd microservices-demo

Create 3 GKE clusters in three different regions.

ZONE1=us-central1-b
ZONE2=europe-west1-b
ZONE3=asia-south1-b
gcloud container clusters create us-gke-cluster \
--project=${PROJECT_ID} --zone=${ZONE1} \
--machine-type=e2-standard-2 --num-nodes=4 \
--scopes=cloud-platform \
--workload-pool=${PROJECT_ID}.svc.id.goog
gcloud container clusters create eu-gke-cluster \
--project=${PROJECT_ID} --zone=${ZONE2} \
--machine-type=e2-standard-2 --num-nodes=4 \
--scopes=cloud-platform \
--workload-pool=${PROJECT_ID}.svc.id.goog
gcloud container clusters create asia-gke-cluster \
--project=${PROJECT_ID} --zone=${ZONE3} \
--machine-type=e2-standard-2 --num-nodes=4 \
--scopes=cloud-platform \
--workload-pool=${PROJECT_ID}.svc.id.goog

Install Anthos Service Mesh in each of these clusters.

curl https://storage.googleapis.com/csm-artifacts/asm/asmcli > asmcli
chmod +x asmcli
./asmcli install \
--project_id $PROJECT_ID \
--cluster_name us-gke-cluster \
--cluster_location $ZONE1 \
--enable_all \
--ca mesh_ca
./asmcli install \
--project_id $PROJECT_ID \
--cluster_name eu-gke-cluster \
--cluster_location $ZONE2 \
--enable_all \
--ca mesh_ca
./asmcli install \
--project_id $PROJECT_ID \
--cluster_name asia-gke-cluster \
--cluster_location $ZONE3 \
--enable_all \
--ca mesh_ca

There is an optional flag, --fleet_id. Fleets (formerly known as environs) are a Google Cloud concept for logically organizing clusters and other resources, letting you use and manage multi-cluster capabilities and apply consistent policies across your systems. In our case, since all the clusters are in the same project, we do not need to specify the fleet ID.

When the installation is finished, check that the control plane pods are running.

The revision label comes after rev=; create an environment variable for the revision label value.

kubectl -n istio-system get pods -l app=istiod --show-labels
REV=[rev-label]

Enable sidecar injection on all the clusters, switching the kubectl context with the kubectx command.

kubectx gke_${PROJECT_ID}_${ZONE1}_us-gke-cluster
kubectl label namespace default istio.io/rev=${REV} istio-injection- --overwrite
kubectx gke_${PROJECT_ID}_${ZONE2}_eu-gke-cluster
kubectl label namespace default istio.io/rev=${REV} istio-injection- --overwrite
kubectx gke_${PROJECT_ID}_${ZONE3}_asia-gke-cluster
kubectl label namespace default istio.io/rev=${REV} istio-injection- --overwrite

You can safely ignore the “not found” errors.

Deploy the application to the clusters.

kubectx gke_${PROJECT_ID}_${ZONE1}_us-gke-cluster
kubectl apply -f ./release/kubernetes-manifests.yaml
kubectx gke_${PROJECT_ID}_${ZONE2}_eu-gke-cluster
kubectl apply -f ./release/kubernetes-manifests.yaml
kubectx gke_${PROJECT_ID}_${ZONE3}_asia-gke-cluster
kubectl apply -f ./release/kubernetes-manifests.yaml

Wait for the pods to be ready and check that every pod has two containers.

kubectx gke_${PROJECT_ID}_${ZONE1}_us-gke-cluster
kubectl get pods
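
The two-container check above, automated for all three clusters as an added example (not part of the original post): it lists every pod whose containers do not include the sidecar, which is assumed here to be injected as a regular container named istio-proxy. The function names and the sample pod names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag pods that did not receive the mesh sidecar.
# Assumption: the sidecar is a regular container named "istio-proxy".

# Reads "pod<TAB>space-separated container names" on stdin, prints every pod
# without an istio-proxy container, and returns 1 if any such pod was found.
missing_sidecar() {
  awk -F'\t' '
    BEGIN { bad = 0 }
    NF == 0 { next }
    {
      n = split($2, names, " "); found = 0
      for (i = 1; i <= n; i++) if (names[i] == "istio-proxy") found = 1
      if (!found) { print $1; bad = 1 }
    }
    END { exit bad }'
}

# Emits the input format above for one kubectl context and namespace.
list_pod_containers() {
  kubectl --context "$1" -n "${2:-default}" get pods \
    -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.containers[*].name}{"\n"}{end}'
}

# Runs the check against the three clusters created earlier on this page.
check_all_clusters() {
  rc=0
  for ctx in \
    "gke_${PROJECT_ID}_${ZONE1}_us-gke-cluster" \
    "gke_${PROJECT_ID}_${ZONE2}_eu-gke-cluster" \
    "gke_${PROJECT_ID}_${ZONE3}_asia-gke-cluster"; do
    echo "== ${ctx}"
    # A failed kubectl call must not be mistaken for "no pods missing".
    pods="$(list_pod_containers "$ctx" default)" || { echo "kubectl failed" >&2; rc=1; continue; }
    printf '%s\n' "$pods" | missing_sidecar || rc=1
  done
  return "$rc"
}

# Constructed sample input (pod names are made up) so the check runs offline.
sample_pods() {
  printf 'frontend-6b7d9c\tserver istio-proxy\n'
  printf 'cartservice-5f8c4\tserver istio-proxy\n'
  printf 'redis-cart-7d4b9\tredis\n'
}

echo "Pods without a sidecar in the constructed sample:"
sample_pods | missing_sidecar || true
# To check the real clusters, call: check_all_clusters
```

Pods created before the namespace was labelled keep running without a sidecar until they are restarted, so rerun the check after any redeploy.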

Evaluate service performance using the Anthos Service Mesh dashboard

  1. In the Console, go to Navigation menu > Anthos > Dashboard.
  2. Click Service Mesh.
  3. You should be able to view a service-wise dashboard and get Topology Metrics. You can explore the dashboard with different services.
  4. Use the Topology view to better visualize your mesh.

Coming up..

In this blog we discussed Anthos Service Mesh. In upcoming blogs we will continue the Samajik’s journey with other Anthos features.
