Managing Anthos Service Mesh
-
Naming service ports
Name your Kubernetes service ports so that they are included in Anthos Service Mesh.
-
Injecting sidecar proxies
Inject a sidecar proxy into your application's Pods to intercept all inbound and outbound traffic to workloads and communicate with Anthos Service Mesh.
-
Deploying a sample application
Deploy a sample application on a cluster that has Anthos Service Mesh already installed.
-
Using audit logging
View the audit logs created by Anthos Service Mesh as part of Cloud Audit Logs.
-
Controlling access to Anthos Service Mesh in the Google Cloud console
Grant Identity and Access Management roles that users need for access to the Anthos Service Mesh pages in the Google Cloud console.
Security
-
Updating your authorization policies
Update your authorization policies to use
cluster.local
to refer to your local trust domain. -
Updating to the beta security policies
The alpha authentication policy is being deprecated, so you need to update to the beta security policies.
-
Adding Mesh CA to a service perimeter
Add the Anthos Service Mesh certificate authority (Mesh CA) service to an existing service perimeter.
Observability
-
Exploring Anthos Service Mesh in the Google Cloud console
Use the Anthos Service Mesh pages to monitor the overall health of your services or drill down on a specific service to set a service level objective (SLO) or troubleshoot an issue.
-
Designing SLOs
Read this guide before creating an SLO.
-
Creating SLOs
Learn how to create SLOs for your services.
-
Monitoring SLOs
Learn how to monitor your SLOs.
-
Creating an alerting policy for an SLO
Create an alerting policy in Cloud Monitoring for an SLO.
-
Troubleshooting telemetry issues
Follow these steps if you don't see any telemetry data in the Cloud Monitoring and Anthos Service Mesh pages in the Google Cloud console.