Before You Start
Overview
Welcome to use Application Service Mesh (ASM). ASM provides full-lifecycle management and traffic management of cloud-native containerized applications in a non-intrusive manner. Compatible with the Kubernetes and Istio ecosystems, ASM features intelligent, flexible traffic services including full-process automatic management of grayscale releases, graphical application topologies, and visualized traffic management.
This document describes how to use application programming interfaces (APIs) to perform operations on service meshes, such as creating, deleting, and querying service meshes. For details about all supported operations, see API.
If you plan to access ASM through an API, ensure that you are familiar with ASM concepts.
API Calling
ASM provides Representational State Transfer (REST) APIs. You can call these APIs using HTTPS.
For details about API calling, see Calling APIs.
Constraints
To use ASM, make sure you apply for the full permissions of Cloud Container Engine (CCE) as your ASM permissions are related to CCE permissions.
Basic Concepts
- Account
An account is created after successful registration with Huawei Cloud. The account has full access permissions for all of its cloud services and resources. It can be used to reset user passwords and grant user permissions. The account is a payment entity and should not be used directly to perform routine management. For security purposes, create users and grant them permissions for routine management.
- User
A user is created by an account to use cloud services. Each user has its own identity credentials (password or access keys).
A user can view the account ID and user ID on the My Credentials page of the console. The account, username, and password will be required for API authentication.
- Region
Regions are divided based on geographical location and network latency. Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region. Regions are classified into universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides specific services for specific tenants.
- Availability zone
An availability zone (AZ) contains one or more physical data centers. Each AZ has independent cooling, fire extinguishing, moisture-proof, and electricity facilities. Within an AZ, compute, network, storage, and other resources are logically divided into multiple clusters. AZs within a region are interconnected by optical fibers for high-availability networking.
- Project
A Huawei Cloud region corresponds to a project. Default projects are defined to group and physically isolate resources (including compute, storage, and network resources) across regions. You can grant users permissions in a default project to access all resources in the region associated with the project. If you need more refined access control, you can create subprojects under a default project and purchase resources in subprojects. Then you can grant users the permissions required to access only the resources in specific subprojects.
Figure 1 Project isolation model
To view a project ID, go to the My Credentials page.
- Enterprise project
Enterprise projects allow you to group and manage resources across regions. Resources in enterprise projects are logically isolated from each other. An enterprise project can contain resources of multiple regions, and you can easily add resources to or remove resources from enterprise projects.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
