Welcome to the Anypoint Service Mesh AWS tutorial. In this tutorial, we will walk you through the process of installing Anypoint Service Mesh on AWS. You will deploy a demo application and secure using Anypoint Service Mesh. To log issues, click here to go to the Github repository issue submission form. In order to successfully install Anypoint Service Mesh on AWS, you will need to create an AWS Cloud Platform account and also have an Anypoint Platform Account. Click the button below to sign up for an Anypoint Platform account or log into your existing account.
Already have an account? Sign in.
Amazon EKS uses IAM to provide authentication to your Kubernetes cluster through the AWS IAM Authenticator for Kubernetes. You can configure the stock kubectl client to work with Amazon EKS by installing the AWS IAM Authenticator for Kubernetes and modifying your kubectl configuration file to use it for authentication. The next steps will take you through the process.
Follow the steps in this document.
Follow the steps in this document.
Configure Kubectl to be able to connect to your AWS EKS Cluster.
Follow the following guide to get eksctl installed.
From any browser, navigate to the AWS Cloud Console and select the Elastic Kubernetes Service.
Next, click on Create Cluster and enter a name for the cluster and select the appropriate Cluster Service Role.
Click Create. Wait for the cluster to be created.
Click on the compute tab in your newly created EKS Cluster. Select Add Node Group
Complete the Name field, and select the appropriate Node IAM Role for your node group.
Next, select your SSH key pair and click Next.
Expand the Instance type and select m5.xlarge, then click Next.
Scroll to the bottom and click Create and wait for the Node Group to be created.
Open up a terminal and type aws configure. Complete the AWS Access Key ID and the AWS Secret Access Key. Make sure you specify the correct default region name and leave the default output format to None.
Make sure you are setting the correct context and update your AWS kube config.
Next running the following command to verify that your cluster is running.
To install Istio we will be using the Istio CLI. For completed instructions Istio Docs. Use the following command to download Istio CLI into your directory of choice. In this example I am using directory /Users/dennis.foley/ASM
Change into newly downloaded directory then add the current directory to your path variables.
To install Istio we will be using the Istio CLI. From the istio directory run the following command. At the prompt Proceed? (y/N) enter y
Verify that Istio has been installed. You should now see the istio-system namespace.
For our demo application will be using the Mythical Retail shopping cart application. This web-based UI will call several services to complete the order. First, clone the demo application git repository onto your local machine.
Change to the ServiceMeshDemo directory and list out the contents to verify that the repository has been created correctly.
We will now deploy the demo application to your kubernetes cluster. The deployment script takes the namespace as a parameter. We will be using mythical-payment for namespace
You can monitory the deployment with the following commands
Once all services are running you can test out the application. To access the application open you browser and go to the following URL
To test out the application follow these steps: Select Item to purchase, Click Add to Cart, Click Checkout, Leave default email and click CONTINUE, Click AUTHORIZE PAYMENT, Last click PLACE ORDER
First download the lastest Anypoint Service Mesh CLI and make it executable.
Now we are ready to install Anypoint Service Mesh. To do this we will call asmctl install. This command requires 3 parameters
If you are not familiar with how to get environment Client Id and Secret, navigate to API Manager and click on the Environment Information button.
Verify that Anypoint Service Mesh has been installed correctly with the following command.
Next we want to deploy the Anypoint Service Mesh adapter in each namespace that we want to monitor API’s. For this example, we will just be doing the nto-payment namespace that contains the demo application. To deploy the ASM Adapter we will be using a Kubernetes custom resource definition (CRD). In the ServiceMeshDemo repository, we have to create the file nto-payment-asm-adapter.yaml that can be modified.
Replace CLIENT ID and CLIENT SECRET with values for your environment. Save file and run the following command
Use the following command to monitor the progress. Wait for status to change to Ready.
We will now use Anypoint Service Mesh auto-discovery to create API’s in Anypoint Platform. We will create API’s for Customer, Inventory, Order and Payments services that are used by the demo application. Before creating the APIs, ensure the Anypoint Platform user has API Manager Environment Administrator permission, in addition, to Manage APIs Configuration. This can be done by your organization admin in *Access Management.
Modify the Kubernetes custom resource definition (CRD) file demo-apis.yaml. For each API, replace ENV ID, USER, and PASSWORD with the values for your environment. If you are unsure how to get the environment I’d check out this article. NOTE: If you run this multiple times you might need to change the version number since Anypoint Platform will keep it around for 7 days. Save the file and run the following command
You can also verify that the API’s have been created in Anypoint Platform. Go to Anypoint Platform and navigate to API Manager
The last step is to bind the Kubernetes Services with the Anypoint Platform API’s. To do this you will use the binding definition file demo-bind-apis.yaml. Execute the following command
Use the following command to monitor the progress. Wait for status to change to Ready
If you go may to API Management in Anypoint Platform and refresh the page you will see that the API’s are now Active. You have completed the installation of Anypoint Service Mesh. To view some more examples of how to apply API Management Polices, you can view this AWS guide on the MuleSoft GitHub by clicking here.
CONGRATULATIONS!!! You have completed installing Anypoint Service Mesh, applying policies to kubernetes services, reporting and monitoring the analytics of these non-Mule services via Anypoint Platform.