Skip to content

Using App Mesh

Install App Mesh

Check Installation Instructions

curl -L -o pre_upgrade_check.sh https://raw.githubusercontent.com/aws/eks-charts/master/stable/appmesh-controller/upgrade/pre_upgrade_check.sh
sh ./pre_upgrade_check.sh

Install the CRD

kubectl apply -k "https://github.com/aws/eks-charts/stable/appmesh-controller/crds?ref=master"

Create the Namespace

kubectl create ns appmesh-system

Create the Service Account

CLUSTER_NAME="<cluster name>"
ROLE_NAME="<role name>"
PROJECT_NAME="<project name>"
REGION="<region code>"

eksctl create iamserviceaccount \
    --cluster $CLUSTER_NAME \
    --namespace appmesh-system \
    --name appmesh-controller \
    --attach-policy-arn arn:aws:iam::aws:policy/AWSCloudMapFullAccess,arn:aws:iam::aws:policy/AWSAppMeshFullAccess \
    --role-name $ROLE_NAME \
    --tags project=$PROJECT_NAME \
    --region $REGION \
    --override-existing-serviceaccounts \
    --approve

$CLUSTER_NAME="<cluster name>"
$ROLE_NAME="<role name>"
$PROJECT_NAME="<project name>"
$REGION="<region code>"

eksctl create iamserviceaccount `
    --cluster $CLUSTER_NAME `
    --namespace appmesh-system `
    --name appmesh-controller `
    --attach-policy-arn arn:aws:iam::aws:policy/AWSCloudMapFullAccess,arn:aws:iam::aws:policy/AWSAppMeshFullAccess `
    --role-name $ROLE_NAME `
    --tags project=$PROJECT_NAME `
    --region $REGION `
    --override-existing-serviceaccounts `
    --approve

Deploy using helm

REGION="<region code>"

helm repo add eks https://aws.github.io/eks-charts
helm upgrade -i appmesh-controller eks/appmesh-controller \
    --namespace appmesh-system \
    --set region=$REGION \
    --set serviceAccount.create=false \
    --set serviceAccount.name=appmesh-controller

REGION="<region code>"

helm repo add eks https://aws.github.io/eks-charts
helm upgrade -i appmesh-controller eks/appmesh-controller \
    --namespace appmesh-system \
    --set region=$REGION \
    --set serviceAccount.create=false \
    --set serviceAccount.name=appmesh-controller \
    --set image.tag=v1.11.0-linux_arm64

Note

Do you want to tracing, use these options.

--set tracing.enabled=true \
--set tracing.provider=x-ray

$REGION="<region code>"

helm repo add eks https://aws.github.io/eks-charts
helm upgrade -i appmesh-controller eks/appmesh-controller `
    --namespace appmesh-system `
    --set region=$REGION `
    --set serviceAccount.create=false `
    --set serviceAccount.name=appmesh-controller

$REGION="<region code>"

helm repo add eks https://aws.github.io/eks-charts
helm upgrade -i appmesh-controller eks/appmesh-controller `
    --namespace appmesh-system `
    --set region=$REGION `
    --set serviceAccount.create=false `
    --set serviceAccount.name=appmesh-controller `
    --set image.tag=v1.11.0-linux_arm64

Note

Do you want to tracing, use these options.

--set tracing.enabled=true `
--set tracing.provider=x-ray

AWS Documentation

Deploy App Mesh Resources

App Mesh Namespace

Namespace manifest resource

namespace.yaml
1
2
3
4
5
6
7
apiVersion: v1
kind: Namespace
metadata:
  name: my-apps
  labels:
    mesh: my-mesh
    appmesh.k8s.aws/sidecarInjectorWebhook: enabled

Deploy namespace resource

kubectl apply -f namespace.yaml

App Mesh service mesh

Mesh manifest

mesh.yaml
1
2
3
4
5
6
7
8
apiVersion: appmesh.k8s.aws/v1beta2
kind: Mesh
metadata:
  name: my-mesh
spec:
  namespaceSelector:
    matchLabels:
      mesh: my-mesh

Deploy mesh resource

kubectl apply -f mesh.yaml

Show kubernetes mesh resource

kubectl describe mesh my-mesh

Show service mesh

aws appmesh describe-mesh --mesh-name my-mesh --region region-code

App Mesh virtual node

Virtual node manifest

virtual-node.yaml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
apiVersion: appmesh.k8s.aws/v1beta2
kind: VirtualNode
metadata:
  name: my-service-a
  namespace: my-apps
spec:
  podSelector:
    matchLabels:
      app: my-app-1
  listeners:
    - portMapping:
        port: 80
        protocol: http
  serviceDiscovery:
    dns:
      hostname: my-service-a.my-apps.svc.cluster.local

See spec

aws appmesh create-virtual-node --generate-cli-skeleton yaml-input

Deploy virtual node resource

kubectl apply -f virtual-node.yaml

Show kubernetes virtual node resource

kubectl describe virtualnode my-service-a -n my-apps

Show virtual node

aws appmesh describe-virtual-node --mesh-name my-mesh --virtual-node-name my-service-a_my-apps

App Mesh virtual router

Virtual router manifest

virtual-router.yaml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
apiVersion: appmesh.k8s.aws/v1beta2
kind: VirtualRouter
metadata:
  namespace: my-apps
  name: my-service-a-virtual-router
spec:
  listeners:
    - portMapping:
        port: 80
        protocol: http
  routes:
    - name: my-service-a-route
      httpRoute:
        match:
          prefix: /
        action:
          weightedTargets:
            - virtualNodeRef:
                name: my-service-a
              weight: 1

See virtual router spec

aws appmesh create-virtual-router --generate-cli-skeleton yaml-input

See router spec

aws appmesh create-route --generate-cli-skeleton yaml-input

Deploy virtual router resource

kubectl apply -f virtual-router.yaml

Show kubernetes virtual router resource

kubectl describe virtualrouter my-service-a-virtual-router -n my-apps

Show virtual router

aws appmesh describe-virtual-router --virtual-router-name my-service-a-virtual-router_my-apps --mesh-name my-mesh

Show router

aws appmesh describe-route \
    --route-name my-service-a-route \
    --virtual-router-name my-service-a-virtual-router_my-apps \
    --mesh-name my-mesh

App Mesh virtual service

Virtual router manifest

virtual-service.yaml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
apiVersion: appmesh.k8s.aws/v1beta2
kind: VirtualService
metadata:
  name: my-service-a
  namespace: my-apps
spec:
  awsName: my-service-a.my-apps.svc.cluster.local
  provider:
    virtualRouter:
      virtualRouterRef:
        name: my-service-a-virtual-router

See virtual service spec

aws appmesh create-virtual-service --generate-cli-skeleton yaml-input

Depyloy virtual service resource

kubectl apply -f virtual-service.yaml

Show kubernetes virtual service resource

kubectl describe virtualservice my-service-a -n my-apps