#Installing Alauda Service Mesh

Installing Alauda Service Mesh consists four major parts:

• Installing the Alauda Service Mesh v2 Operator
• Deploying the Istio CNI plugin
• Deploying the Istio control plane
• Customizing Istio configuration

#Deploying Istio with the Alauda Service Mesh v2 Operator

To deploy Istio using Alauda Service Mesh v2 Operator, Istio resource is required to be created. The Operator then creates an IstioRevision resources, representing a distinct revision of the Istio control plane. The Istio control plane is subsequently deployed based on these IstioRevision resources.

If the update strategy of the Istio resource is set to RevisionBased, the Operator may create additional IstioRevision resources to manage control plane upgrades.

#Installing the Alauda Service Mesh v2 Operator

Prerequisites

• The Alauda Service Mesh v2 must be uploaded.
• You are logged in to the Alauda Container Platform web console as cluster-admin.
• The Alauda Container Platform Networking for Multus plugin must be installed.

Procedure

1. In the Alauda Container Platform web console, navigate to Administrator.
2. Select Marketplace > OperatorHub.
3. Search for the Alauda Service Mesh v2.
4. Locate the Alauda Service Mesh v2, and click to select it.
5. Click Install.
6. On the Install Alauda Service Mesh v2 dialogue, perform the following steps:
   1. Select an Channel
      • Choose the stable channel to install the latest stable version of the Alauda Service Mesh v2 Operator. It is the default channel for installing the Operator.
      • To install a specific version of the Alauda Service Mesh v2 Operator, choose the corresponding stable-<version> channel. For example, to install the Alauda Service Mesh v2 Operator version 2.0.x, use the stable-2.0 channel.
7. Click Install and Confirm to install the Operator.

Verification

Verify that the Operator installation status is reported as Succeeded in the Installation Info section.

#Custom Resource Definitions Installed by the Operator

The Operator installs the following categories of Custom Resource Definitions (CRDs):

• Sail Operator CRDs: These CRDs belong to the sailoperator.io API group and define custom resources for managing Istio components, including Istio, IstioRevision, IstioCNI, and ZTunnel. Refer to the Sail Operator API reference for details.

• Istio CRDs: These CRDs manage mesh configuration, service discovery, traffic routing, and observability. They belong to the istio.io API groups such as networking.istio.io, security.istio.io, and telemetry.istio.io. See the Istio documentation for configuration guidance.

#Deploying Istio Components

Both Istio and IstioCNI custom resources must be created to deploy the control plane and the Istio CNI plugin.

It's required to create these Istio and IstioCNI resources in separate namespaces.

#Creating the namespace for Istio

kubectl create namespace istio-system
kubectl label namespace istio-system cpaas.io/project=cpaas-system

#Creating the Istio Resource via Web Console

Create the Istio resource that will contain the YAML configuration for your Istio deployment. The Alauda Service Mesh v2 Operator leverages this resource's configuration to deploy the Istio Control Plane.

Prerequisites

• The Alauda Service Mesh v2 Operator must be installed.
• You are logged in to the Alauda Container Platform web console as cluster-admin.
• The Alauda Container Platform Networking for Multus plugin must be installed.

Procedure

1. In the Alauda Container Platform web console, navigate to Administrator.
2. Select Marketplace > OperatorHub.
3. Search for the Alauda Service Mesh v2.
4. Locate the Alauda Service Mesh v2, and click to select it.
5. Click All Instances tab.
6. Click Create.
7. Locate and Select Istio and then click Create.
8. Select the istio-system from the Namespace drop down.
9. Click Create.

Verification

Wait until the .status.state field of the Istio resource to be Healthy.

#Creating the namespace for IstioCNI

kubectl create namespace istio-cni

#Creating the IstioCNI resource using web console

Create an Istio Container Network Interface (CNI) resource, which contains the configuration file for the Istio CNI plugin. The Alauda Service Mesh v2 Operator uses this resource's configuration to deploy the CNI pod.

Prerequisites

• You are logged in to the Alauda Container Platform web console as cluster-admin.
• The Alauda Service Mesh v2 Operator must be installed.
• The Alauda Container Platform Networking for Multus plugin must be installed.

Procedure

1. In the Alauda Container Platform web console, navigate to Administrator.
2. Select Marketplace > OperatorHub.
3. Search for the Alauda Service Mesh v2.
4. Locate the Alauda Service Mesh v2, and click to select it.
5. Click All Instances tab.
6. Click Create.
7. Locate and Select IstioCNI and then click Create.
8. Select the istio-cni from the Namespace drop down.
9. Click YAML tab.
10. Add the following YAML snippet to the YAML code editor:

    apiVersion: sailoperator.io/v1
    kind: IstioCNI
    spec:
      # Applying the following contents to the yaml code editor:
      values:
        cni:
          cniConfDir: /etc/cni/multus/net.d # /etc/cni/net.d in ACP 4.0
          excludeNamespaces:
            - istio-cni
            - kube-system
11. Click Create.

Verification

Wait until the .status.state field of the IstioCNI resource to be Healthy.

#Customizing Istio configuration

The values field of the Istio custom resource definition, which was created when the control plane was deployed, can be used to customize Istio configuration using Istio's Helm configuration values.

Procedure

1. In the Alauda Container Platform web console, navigate to Administrator.
2. Select Marketplace > OperatorHub.
3. Search for the Alauda Service Mesh v2.
4. Locate the Alauda Service Mesh v2, and click to select it.
5. Click All Instances tab.
6. Click the Istio instance, named default.
7. Click YAML to view the Istio configuration.
8. Click Actions > Update to make modifications to the Istio configuration.

For a complete list of available configuration for the values field, refer to sail-operator's documentation.