# App Meshåœ¨EKSä¸Šçš„å¯è§‚æµ‹æ€§: X-Ray

æ³¨æ„ï¼šåœ¨å¼€å§‹æœ¬éƒ¨åˆ†ä¹‹å‰ï¼Œè¯·ç¡®ä¿å·²å®Œæˆå¸¦æœ‰EKSçš„App Meshçš„[çŽ¯å¢ƒæå»º](base.md)ã€‚ æ¢å¥è¯è¯´ï¼Œä»¥ä¸‹å‡è®¾å·²é…ç½®äº†App Meshçš„EKSç¾¤é›†å¯ç”¨ï¼Œå¹¶ä¸”æ»¡è¶³å…ˆå†³æ¡ä»¶ï¼ˆawsï¼Œkubectlï¼Œjqç‰ï¼‰ã€‚

é¦–å…ˆï¼Œå°†IAMç–ç•¥`arn:aws-cn:iam::aws:policy/AWSXRayDaemonWriteAccess`é™„åŠ åˆ°æ‚¨çš„EKSé›†ç¾¤çš„EC2 auto-scaling groupç»„ä¸ã€‚
è¦åœ¨äºšé©¬é€Šäº‘ç§‘æŠ€ä¸å›½åŒºåŸŸè¦é€šè¿‡å‘½ä»¤è¡Œé™„åŠ IAMç–ç•¥ï¼Œè¯·ä½¿ç”¨ï¼š
```
$ INSTANCE_PROFILE_PREFIX=$(aws cloudformation describe-stacks | jq -r '.Stacks[].StackName' | grep eksctl-appmeshtest-nodegroup-ng)
$ INSTANCE_PROFILE_NAME=$(aws iam list-instance-profiles | jq -r '.InstanceProfiles[].InstanceProfileName' | grep $INSTANCE_PROFILE_PREFIX)
$ ROLE_NAME=$(aws iam get-instance-profile --instance-profile-name $INSTANCE_PROFILE_NAME | jq -r '.InstanceProfile.Roles[] | .RoleName')
$ aws iam attach-role-policy \
      --role-name $ROLE_NAME \
      --policy arn:aws-cn:iam::aws:policy/AWSXRayDaemonWriteAccess
```

å¦‚æžœæ˜¯AWSå…¶ä»–åŒºåŸŸï¼š
```
$ INSTANCE_PROFILE_PREFIX=$(aws cloudformation describe-stacks | jq -r '.Stacks[].StackName' | grep eksctl-appmeshtest-nodegroup-ng)
$ INSTANCE_PROFILE_NAME=$(aws iam list-instance-profiles | jq -r '.InstanceProfiles[].InstanceProfileName' | grep $INSTANCE_PROFILE_PREFIX)
$ ROLE_NAME=$(aws iam get-instance-profile --instance-profile-name $INSTANCE_PROFILE_NAME | jq -r '.InstanceProfile.Roles[] | .RoleName')
$ aws iam attach-role-policy \
      --role-name $ROLE_NAME \
      --policy arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess
```

å¯ç”¨App Meshæ•°æ®å¹³é¢çš„X-Ray tracing

```sh
helm upgrade -i appmesh-controller eks/appmesh-controller \
    --namespace appmesh-system \
    --set region=$AWS_DEFAULT_REGION \
    --set serviceAccount.create=false \
    --set serviceAccount.name=appmesh-controller \
    --set image.repository=961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/appmesh-controller \
    --set init.image.repository=919830735681.dkr.ecr.cn-northwest-1.amazonaws.com.cn/aws-appmesh-proxy-route-manager \
    --set init.iamge.tag=v4-prod \
    --set sidecar.image.repository=919830735681.dkr.ecr.cn-northwest-1.amazonaws.com.cn/aws-appmesh-envoy \
    --set sidecar.image.tag=v1.20.0.0-prod \
    --set tracing.enabled=true \
    --set tracing.provider=x-ray
```

X-Rayå®ˆæŠ¤ç¨‹åºç”±[App Mesh Controller](https://github.com/aws/aws-app-mesh-controller-for-k8s) è‡ªåŠ¨æ³¨å…¥åˆ°æ‚¨çš„åº”ç”¨å®¹å™¨ä¸ã€‚ä½¿ç”¨ä»¥ä¸‹å‘½ä»¤è¿›è¡ŒéªŒè¯ï¼š

```
$ kubectl -n appmesh-demo \
          get pods
NAME                                 READY   STATUS    RESTARTS   AGE
colorgateway-69cd4fc669-p6qhn        3/3     Running   0          11m
colorteller-845959f54-4cj5v          3/3     Running   0          11m
colorteller-black-6cc98458db-pqbv6   3/3     Running   0          11m
colorteller-blue-88bcffddb-6bmlt     3/3     Running   0          11m
colorteller-red-6f55b447db-2ht5k     3/3     Running   0          11m
```

æ‚¨åœ¨`READY` åˆ—ä¸çœ‹åˆ°`3`äº†å—ï¼Ÿè¿™æ„å‘³ç€æ¯ä¸ªåŠèˆ±ä¸è¿è¡Œç€ä¸‰ä¸ªå®¹å™¨ï¼šåº”ç”¨ç¨‹åºå®¹å™¨æœ¬èº«ï¼Œä½œä¸ºApp Meshæ•°æ®å¹³é¢ä¸€éƒ¨åˆ†çš„Envoyï¼Œä»¥åŠå°†è·Ÿè¸ªä¿¡æ¯æä¾›ç»™X-RayæœåŠ¡çš„X-Rayä»£ç†ã€‚

æˆ‘ä»¬çŽ°åœ¨å¯ä»¥çœ‹åˆ°æ•´ä¸ª[service map](https://docs.aws.amazon.com/xray/latest/devguide/xray-console.html#xray-console-servicemap)å‘ˆçŽ°äº†æœåŠ¡çš„è°ƒç”¨çº¿è·¯ï¼š

![X-Ray console: service map view](xray-service-map.png)

æˆ‘ä»¬å¯ä»¥çœ‹åˆ°[è·Ÿè¸ª](https://docs.aws.amazon.com/xray/latest/devguide/xray-concepts.html#xray-concepts-traces)ï¼Œè¿™ä»£è¡¨äº†æ²¿ç€è¯·æ±‚è·¯å¾„çš„æœåŠ¡è°ƒç”¨ï¼š

![X-Ray console: traces overview](xray-traces-0.png)

è·Ÿè¸ªçš„è¯¦ç»†è§†å›¾ï¼š

![X-Ray console: traces detailed view](xray-traces-1.png)