Getting started with the Free Tier

This Getting Started guide helps you access and install the free version of Service Mesh Manager. If you are a paying customer, see Installation for installation options.

To get started with Service Mesh Manager, you will install Service Mesh Manager and a demo application on a single cluster. After that, you can attach other clusters to the mesh and redeploy the demo application to run on multiple clusters.

Free tier limitations

  • The free tier of Service Mesh Manager allows you to use Service Mesh Manager on maximum of two Kubernetes clusters where the total number of worker nodes in your clusters is 10. For details, see Licensing options.
  • SMM Operator helm charts is not supported.

To buy an enterprise license, contact your Cisco sales representative, or directly Cisco Emerging Technologies and Incubation.

Prerequisites

You need a Kubernetes cluster to run Service Mesh Manager. If you don’t already have a Kubernetes cluster to work with, then:

  1. Create a cluster that meets the following resource requirements with your favorite provider.

    CAUTION:

    Supported providers and Kubernetes versions

    The cluster must run a Kubernetes version that Service Mesh Manager supports: Kubernetes 1.21, 1.22, 1.23, 1.24.

    Service Mesh Manager is tested and known to work on the following Kubernetes providers:

    • Amazon Elastic Kubernetes Service (Amazon EKS)
    • Google Kubernetes Engine (GKE)
    • Azure Kubernetes Service (AKS)
    • Red Hat OpenShift 4.11
    • On-premises installation of stock Kubernetes with load balancer support (and optionally PVCs for persistence)

    Calisti resource requirements

    Make sure that your Kubernetes or OpenShift cluster has sufficient resources to install Calisti. The following table shows the number of resources needed on the cluster:

    Resource Required
    CPU - 32 vCPU in total
    - 4 vCPU available for allocation per worker node (If you are testing on a cluster at a cloud provider, use nodes that have at least 4 CPUs, for example, c5.xlarge on AWS.)
    Memory - 64 GiB in total
    - 4 GiB available for allocation per worker node for the Kubernetes cluster (8 GiB in case of the OpenShift cluster)
    Storage 12 GB of ephemeral storage on the Kubernetes worker nodes (for Traces and Metrics)

    These minimum requirements need to be available for allocation within your cluster, in addition to the requirements of any other loads running in your cluster (for example, DaemonSets and Kubernetes node-agents). If Kubernetes cannot allocate sufficient resources to Service Mesh Manager, some pods will remain in Pending state, and Service Mesh Manager will not function properly.

    Enabling additional features, such as High Availability increases this value.

    The default installation, when enough headroom is available in the cluster, should be able to support at least 150 running Pods with the same amount of Services. For setting up Service Mesh Manager for bigger workloads, see scaling Service Mesh Manager.

  2. Set Kubernetes configuration and context.

    The Service Mesh Manager command-line tool uses your current Kubernetes context, as set in the KUBECONFIG environment variable (~/.kube/config by default). Check if the cluster is the same as the one you plan to deploy the Service Mesh Manager. Run the following command:

    kubectl config get-contexts

    If there are multiple contexts in the Kubeconfig file, specify the one you want to use with the use-context parameter, for example:

    kubectl config use-context <context-to-use>

Preparation

To access and install Calisti, complete the following steps.

  1. You’ll need a Cisco Customer account to download Calisti. If you don’t already have one here’s how to sign up:

    1. Visit the Cisco Account registration page and complete the registration form.
    2. Look out for an email from no-reply@mail-id.cisco.com titled Activate Account and click on the Activate Account button to activate your account.

  2. Download the Calisti command-line tools.

    1. Visit the Calisti download center.
    2. If you’re redirected to the home page, check the upper right-hand corner to see if you’re signed in. If you see a login button go ahead and login using your Cisco Customer account credentials. If, instead, you see “welcome, ” then you are already logged in.
    3. Once you have logged in, navigate to the Calisti download center again.
    4. Read and accept the End-User License Agreement (EULA).
    5. Download the Service Mesh Manager command-line tool (CLI) suitable for your system. The CLI supports macOS and Linux (x86_64). On Windows, install the Windows Subsystem for Linux (WSL) and use the Linux binary.
    6. Extract the archive. The archive contains two binaries, smm for Service Mesh Manager, and supertubes for Streaming Data Manager.
    7. Navigate to the directory where you have extracted the CLI.

    Note: For information on how to download the CLI using ORAS, see Download the CLI using ORAS.

  3. The Calisti download page shows your credentials that you can use to access the Service Mesh Manager and Streaming Data Manager docker images.

    Open a terminal and login to the image registries of Calisti by running the following command. The <your-password> and <your-username> parts contain the access credentials to the registries.

    SMM_REGISTRY_PASSWORD=<your-password> ./smm activate \
  --host=registry.eticloud.io \
  --prefix=smm \
  --user='<your-username>'

Install Service Mesh Manager on a single cluster

  1. Run the following command. This will install the main Service Mesh Manager components.

    • On Kubernetes:

      smm install -a

    • On OpenShift (for details, see OpenShift integration):

      smm install -a --platform=openshift

    Note: If you are installing Service Mesh Manager on a managed Kubernetes solution of a public cloud provider (for example, Amazon EKS, AKS, or GKE) or kOps, the cluster name auto-discovered by Service Mesh Manager is incompatible with Kubernetes resource naming restrictions and Istio’s method of identifying clusters in a multicluster mesh.

    In earlier Service Mesh Manager versions, you had to manually use the --cluster-name parameter to set a cluster name that complies with the RFC 1123 DNS subdomain/label format (alphanumeric string without “_” or “.” characters). Starting with Service Mesh Manager version 1.11, non-compliant names are automatically converted using the following rules:

    • Replace ‘_’ characters with ‘-’
    • Replace ‘.’ characters with ‘-’
    • Replace ‘:’ characters with ‘-’
    • Truncate the name to 63 characters

    Calisti supports KUBECONFIG contexts having the following authentication methods:

    • certfile and keyfile
    • certdata and keydata
    • bearer token
    • exec/auth provider

    Username-password pairs are not supported.

    If you are installing Service Mesh Manager in a test environment, you can install it without requiring authentication by running:

    smm install --anonymous-auth -a

    If you experience errors during the installation, try running the installation in verbose mode: smm install -v

  2. Wait until the installation is completed. This can take a few minutes.

  3. (Optional) If you don’t already have Istio workload and traffic on this cluster, install the demo application:

    smm demoapp install

  4. Run the following command to open the dashboard. If you don’t already have Istio workload and traffic, the dashboard will be empty.

    smm dashboard

    The Service Mesh Manager Dashboard for your Istio service mesh

  5. (Optional)

    If you are installing Service Mesh Manager on a managed Kubernetes solution of a public cloud provider (for example, AWS, Azure, or Google Cloud), assign admin roles, so that you can tail the logs of your containers from the Service Mesh Manager UI, use Service Level Objectives and perform various tasks from the CLI that require custom permissions. Run the following command:

    kubectl create clusterrolebinding user-cluster-admin --clusterrole=cluster-admin --user=<gcp/aws/azure username>

    CAUTION:

    Assigning administrator roles might be very dangerous because it gives wide access to your infrastructure. Be careful and do that only when you’re confident in what you’re doing.

  6. At this point, Service Mesh Manager is up and running. On the dashboard select MENU > TOPOLOGY to see how the traffic flows through your mesh, and experiment with any of the available features described in the documentation.

    The Service Mesh Manager demo application topology The Service Mesh Manager demo application topology

  7. To evaluate Streaming Data Manager, see Getting tarted with Streaming Data Manager.

Next steps

To install applications into the Calisti service mesh, see Deploy custom application into the mesh.

Get help

If you run into errors, experience problems, or just have a question or feedback while using the Free Tier of Service Mesh Manager, visit our Application Networking and Observability community site.

Support details for the Pro and Enterprise Tiers are provided in the purchased plan.