EKS Charts
Add the EKS repository to Helm:
helm repo add eks https://aws.github.io/eks-chartsApp Mesh
Create the appmesh-system namespace:
kubectl create ns appmesh-systemApply the App Mesh CRDs:
kubectl apply -f https://raw.githubusercontent.com/aws/eks-charts/master/stable/appmesh-controller/crds/crds.yamlInstall the App Mesh CRD controller:
helm upgrade -i appmesh-controller eks/appmesh-controller \
--namespace appmesh-systemInstall the App Mesh admission controller:
helm upgrade -i appmesh-inject eks/appmesh-inject \
--namespace appmesh-system \
--set mesh.create=true \
--set mesh.name=globalIf you've installed the App Mesh controllers with scripts, you can switch to Helm by removing the controllers with:
# remove injector objects
kubectl delete ns appmesh-inject
kubectl delete ClusterRoleBinding aws-app-mesh-inject-binding
kubectl delete ClusterRole aws-app-mesh-inject-cr
kubectl delete MutatingWebhookConfiguration aws-app-mesh-inject
# remove controller objects
kubectl delete ns appmesh-system
kubectl delete ClusterRoleBinding app-mesh-controller-binding
kubectl delete ClusterRole app-mesh-controllerNote that you shouldn't delete the App Mesh CRDs or the App Mesh custom resources (virtual nodes or services) in your cluster. Once you've removed the App Mesh controller and injector objects, you can proceed with the Helm installation as described above.
App Mesh add-ons
Prometheus monitoring
Install App Mesh Prometheus:
helm upgrade -i appmesh-prometheus eks/appmesh-prometheus \
--namespace appmesh-systemAccess Prometheus UI on localhost:9090 with:
kubectl -n appmesh-system port-forward svc/appmesh-prometheus 9090:9090To retain the monitoring data between chart upgrades or node restarts, you can create a PersistentVolumeClaim:
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prometheus
namespace: appmesh-system
labels:
app.kubernetes.io/name: appmesh-prometheus
spec:
storageClassName: gp2
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi
EOFInstall Prometheus with persistent storage:
helm upgrade -i appmesh-prometheus eks/appmesh-prometheus \
--namespace appmesh-system \
--set retention=12h \
--set persistentVolumeClaim.claimName=prometheusGrafana
Install App Mesh Grafana:
helm upgrade -i appmesh-prometheus eks/appmesh-grafana \
--namespace appmesh-systemGrafana uses Prometheus as data source and comes with dashboards for monitoring the App Mesh control plane, Envoy data plane and Flagger canary releases.
Access Grafana on localhost:3000 with:
kubectl -n appmesh-system port-forward svc/appmesh-grafana 3000:3000AWS X-Ray
Enable X-Ray tracing for the App Mesh data plane:
helm upgrade -i appmesh-inject eks/appmesh-inject \
--namespace appmesh-system \
--set tracing.enabled=true \
--set tracing.provider=x-rayThe above configuration will inject the AWS X-Ray daemon sidecar in each pod scheduled to run on the mesh. Note that you should restart all pods running inside the mesh after enabling tracing.
Jaeger tracing
Install App Mesh Jaeger:
helm upgrade -i appmesh-jaeger eks/appmesh-jaeger \
--namespace appmesh-systemFor Jaeger persistent storage you can create a PersistentVolumeClaim
and use --set persistentVolumeClaim.claimName=<PVC-CLAIM-NAME>.
Access Jaeger UI on localhost:16686 with:
kubectl -n appmesh-system port-forward svc/appmesh-jaeger 16686:16686Enable Jaeger tracing for the App Mesh data plane:
helm upgrade -i appmesh-inject eks/appmesh-inject \
--namespace appmesh-system \
--set tracing.enabled=true \
--set tracing.provider=jaeger \
--set tracing.address=appmesh-jaeger.appmesh-system \
--set tracing.port=9411Note that you should restart all pods running inside the mesh after enabling tracing.
Datadog tracing
Install the Datadog agent in the appmesh-system namespace and enable tracing for the App Mesh data plane:
helm upgrade -i appmesh-inject eks/appmesh-inject \
--namespace appmesh-system \
--set tracing.enabled=true \
--set tracing.provider=datadog \
--set tracing.address=datadog.appmesh-system \
--set tracing.port=8126Note that you should restart all pods running inside the mesh after enabling tracing.
License
This project is licensed under the Apache-2.0 License.