Welcome to the Anypoint Service Mesh Azure tutorial. In this tutorial, we will walk you through the process of installing Anypoint Service Mesh on Azure. You will deploy a demo application and secure using Anypoint Service Mesh. To log issues, click here to go to the Github repository issue submission form. In order to successfully install Anypoint Service Mesh on Azure, you will need to create an Azure Cloud Platform account and also have an Anypoint Platform Account. Click the button below to sign up for an Anypoint Platform account or log into your existing account.
Already have an account? Sign in.
From any browser, go to the URL to access Azure Portal, and under Azure services, select Virtual networks.
Click on + Add at the left top corner or Create virtual network if there isn’t any already.
Next, create a new Resource Group.
Select Resource Group. Enter a unique Name for instance and select Region for Virtual Network creation
Select and remove the default subnet. Add a new subnet with more available IP addresses.
The lower the subnet number is like /16, the more IP addresses are available.
Click Next to Review + create. Ensure the validation passed & click on Create.
Back to the Azure Portal home page. Select Kubernetes services
Click on + Add at the left top corner of Kubernetes services, or Create Kubernetes service if there isn’t any already. Select Resource group, enter a unique Kubernetes cluster name, select Region, and click on Change size for Node size.
Select B4ms, per documentation
Keep everything default till the Networking step. Switch Network configuration from Basic to Advanced. Select the Virtual network created in STEP 1. Enter Kubernetes service address range and Kubernetes DNS service IP address allowed in the selected Virtual network.
At the Tags step at some tags that help identify the resources you’re creating, like owner -> Email.
Move on to the last step, Review + create. Ensure the validation passed & click on Create. Then wait until the deployment is complete.
From the Kubernetes Services page, launch the az command line from the newly created AKS cluster using either Bash or Powershell. Make sure your account’s initialized successfully from the Cloud Shell.
Open Terminal window. If you don’t already have the Azure CLI installed following the Install Azure CLI to first install Azure CLI. Next running the following command to verify that you cluster is running.
kubectl get namespaces
To install Istio we will be using the Istio CLI. For completed instructions Istio Docs. Use the following command to download Istio CLI into your directory of choice and supported by Anypoint Service Mesh (1.6.x or 1.7.x at this time).
curl -L https://istio.io/downloadIstio | ISTIO_VERSION= sh -
Change into newly downloaded directory (the Istio version downloaded and to be installed)
cd istio-x.x.x/
Add current directory directly to path
export PATH=$PWD/bin:$PATH
To install Istio we will be using the Istio CLI. From the istio directory run the following command. At the prompt Proceed? (Y/N) enter Y.
istioctl install
Verify that Istio has been installed. You should now see the istio-system namespace
kubectl get namespaces
For our demo application will be using Northern Trail Outfitters shopping cart application. This web based UI will call several services to complete the order. Clone the demo application git repository onto your local machine.
git clone https://github.com/mulesoft-consulting/ServiceMeshDemo -b 1PlatformDemo
Change to the ServiceMeshDemo directory and list out the contents to verify that the repository has been created correctly.
We will now deploy the demo application to your kubernetes cluster. The deployment script takes the namespace as a parameter. We will be using nto-payment for namespace
./deployAll.sh nto-payment
You can monitor the deployment with the following commands
kubectl get pods -n nto-payment
kubectl get services -n nto-payment
Once all services are running you can test out the application. To access the application open you browser and go to the following URL
http://EXTERNAL-IP:3000
To test out the application follow these steps:
For complete instructions and documentation please visit the MuleSoft Docs
First lets enable API Analytics by setting the disableMixerHttpReports flag to false:
Download the latest Anypoint Service Mesh CLI and make it executable
Now we are ready to install Anypoint Service Mesh. To do this we will call asmctl install. This command requires 3 parameters:
If you are not familiar with how to get environment Client Id and Secret, navigate to API Manager and click on the Environment Information button.
Verify that Anypoint Service Mesh has been installed correctly with the following command
kubectl get pods -n service-mesh
Next, we want to deploy the Anypoint Service Mesh adapter in each namespace that we want to monitor APIs. For this example, we will just be doing the nto-payment namespace that contains the demo application. To deploy the ASM Adapter we will be using a Kubernetes custom resource definition (CRD). In the ServiceMeshDemo repository, we have created the file nto-payment-asm-adapter.yaml that we can modify.
Replace CLIENT ID and CLIENT SECRET with values for your environment. Save the file and run the following command
kubectl apply -f nto-payment-asm-adapter.yaml
Use the following command to monitor the progress. Wait for the status to change to Ready.
asmctl adapter list
After you provision the adapter, you must set the istio-injection=enabled label on the namespace by running the following command
kubectl label ns nto-payment istio-injection=enabled
Deploy all the existing applications in the namespace.
kubectl get deployments -n nto-payment
kubectl get pods -n nto-payment
Verify the Envoy sidecar is injected within each pod in the Kubernetes Cluster by running the following command
asmctl management check sidecar --namespace=nto-payment
We will now use Anypoint Service Mesh auto-discovery to create API’s in Anypoint Platform. We will create API’s for Customer, Inventory, Order, and Payments services that are used by the demo application. Before creating the APIs, ensure the Anypoint Platform user has API Manager Environment Administrator permission, in addition, to Manage APIs Configuration. This can be done by your organization admin in *Access Management.
Modify the Kubernetes custom resource definition (CRD) file demo-apis.yaml. For each API, replace environmentId, clientId, and clientSecret with the values for your environment. You’ll need to Configure Connected Apps to get the client credentials into your CRD file. NOTE: If you run this multiple times you might need to change the version number in demo-apis.yaml, since Anypoint Platform will keep it around for 7 days.
kubectl apply -f demo-apis.yaml
Use the following command to monitor the progress. Wait for the status to change to Ready.
asmctl api list
You can also verify that the API’s have been created in Anypoint Platform. Go to Anypoint Platform and navigate to API Manager.
The last step is to bind the Kubernetes Services with the Anypoint Platform API’s. To do this you will use the binding definition file demo-bind-apis.yaml. Execute the following command.
kubectl apply -f demo-bind-apis.yaml
Use the following command to monitor the progress. Wait for status to change to Ready
asmctl api binding list
If you go to API Management in Anypoint Platform and refresh the page you will see that the API’s are now Active. You have completed the installation of Anypoint Service Mesh. If you would like to continue to learn about applying some policies against the Kubernetes services, visit this GitHub file.
Start your 30-day free trial of the #1 platform for integration, APIs, and automation. No credit card required. No software to install.
Questions? Ask an expert.