独家优惠奖金 100% 高达 1 BTC + 180 免费旋转

Multi Cluster Support for Service Mesh with IBM Cloud Private

In this article, the overall deployment topology will have two IBM Cloud Private Clusters with BookInfo deployed across those two clusters, as it is displayed in the following image:

Note: Ensure that each cluster has a unique Pod Classless Inter-domain Routing (CIDR) setting, as the multi-cluster support request pod communicates across different clusters.

In IBM Cloud Private, you can configure CIDR in cluster/config.yaml as follows:

For Cluster 1, I have three nodes.

And Cluster 1 is also running well.

For Cluster 2, I also have three nodes.

Cluster 2 is running as follows:

A Multi Cluster Support for Service Mesh request configures all pod CIDRs in every cluster routable to each other. Here I will show how to enable two IBM Cloud Private Clusters to communicate with each other.

IBM Cloud Private is using Calico Node-to-Node Mesh by default to manage container networks. The BGP Client on each node distributes the IP router information to all nodes.

In order to make sure pods can communicate across different clusters, you need to configure IP routers on all nodes in the cluster. You need to add IP routers in Cluster 2 to Cluster 1, and add IP routers in Cluster 1 to Cluster 2.

You can check how to add IP routers in Cluster 1 to Cluster 2. With Node-to-Node Mesh mode, each node will have IP routers connecting to peer nodes in the cluster.

First, get all of the ip routeon nodes in Cluster 1 with command ip route | grep bird . See the following example:

You can see there are three IP routers total for those three nodes in Cluster 1.

Then, add those three IP routers to all nodes in Cluster 2 by the command as follows.

You can use same steps to add all IP routers in Cluster 2 to Cluster 1, as well. After the configuration finished, you will see that the pods in those two different clusters can communication with each other.

You can verify it by pinging pod IP in Cluster 2 from Cluster 1.

The following is a pod from Cluster 2 with pod IP as 20.1.47.150.

In one of Cluster 1 node, ping this pod IP; it should succeed.

The above configuration actually configured full IP route mesh across all nodes in the two IBM Cloud Private Clusters, which enabled Pod communication cross clusters.

In the following section, I will treat Cluster 1 as Istio Local Control Panel Cluster and Cluster 2 as the Isito Remote Control Panel Cluster.

For this demo, I am using istio-demo.yaml to deploy Istio Local Control Panel.

And after Istio Local Control Panel deployed, you can check its status as follows with `kubectl`, and you can also check it from IBM Cloud Private dashboard.

You can also check Istio Remote Control Panel as follows. From the output, you can see that the Istio Remote Control Panel is actually connecting back to the Istio Local Control Panel with Pilot, Policy and StatsdPod IP.

Test BookInfo Cross IBM Cloud Private Clusters

Now you can test how to do traffic control between those two IBM Cloud Private Clusters with BookInfo.

The demo case will deploy reviews-v3in Istio Remote Control Panel and others in Istio Local Control Panel. The following diagram is the deployment topology for BookInfo.

Create the gateway and virtual services for BookInfo.

Apply the route rules of route-rule-all-v1.yaml, and this can make sure all requests to productpage will direct to reviews-v1.

You want to deploy reviews-v3 in Istio Remote Control Panel Cluster, so here you need to delete the deployment of reviews-v3, and re-deploy it in Istio Remote Control Panel Cluster.

After you deleted reviews-v3, you can see you only have reviews-v1and reviews-v2 in Istio Local Control Panel Cluster.

Now you can access the BookInfo dashboard. You will see you can only access reviews-v1 since you have defined virtual services, which will direct all request to reviews-v1.

Deploy the reviews-v3.yaml in Istio Remote Control Panel as follows:

Now you will see red stars, which means your request have been directed to reviews-v3 in Cluster 2, the Istio Remote Control Panel Cluster.

You can try more route rules for Bookinfo at samples/bookinfo/routing.

After the load balancer service was created, you can see I created some new LoadBalancer services, such as istio-pilot-ilb, istio-policy-ilb, istio-statsd-prom-bridge-ilb etc…

After re-deploy in my remote IBM Cloud Private Cluster, you can see all of the epare using new loadbalancer IP.

After this finishes, you can restart your Istio local control panel. After the Istio local control panel restarts, you can still access the reviews-v3 in remote cluster without re-deploying the remote cluster.

As you can see, multi cluster support for service mesh is still alpha feature and there are still two major works to complete to improve quality and usability:

1) Enable ILB support, as I mentioned previously.

Meanwhile, IBM Cloud Private will keep integrating with Istio so users can use Istio for service mesh with ease!

Add a comment

What is your view?

Send

Related posts:

How to Split Firewood with Ease

Splitting firewood is a joy for some and a chore for others. Whatever it is to you, it shouldn’t be a struggle. With the right technique and approach, you’ll be able to deal with even the biggest…

Lying gun society

Gun society in the U.S. won’t be changed much for a while.. “Lying gun society” is published by tetsuyanh.

Brand your Voice and Generate Leads with the Best Digital Marketing Solution

Cipher Solutions is a digital marketing service in Saudi Arabia. We try to make utilizing the internet for you as quick and straightforward as we can. You can focus on your primary line of business…