karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update istio-on-nonflat-network doc 

Signed-off-by: hejianpeng <hejianpeng2@huawei.com>
This commit is contained in:
hejianpeng 2022-08-01 09:16:12 +08:00
parent 616033fc0e
commit dca4cdc139
1 changed files with 65 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

154
docs/working-with-istio-on-non-flat-network.md
View File

@ -25,6 +25,10 @@ in Quick Start, you can get a Karmada.
## Deploy Istio ## Deploy Istio
***
If you are testing multicluster setup on `kind` you can use [MetalLB](https://metallb.universe.tf/installation/) to make use of `EXTERNAL-IP` for `LoadBalancer` services.
***
### Install istioctl ### Install istioctl
Please refer to the [istioctl](https://istio.io/latest/docs/setup/getting-started/#download) Installation. Please refer to the [istioctl](https://istio.io/latest/docs/setup/getting-started/#download) Installation.
@ -94,74 +98,71 @@ spec:
EOF EOF
``` ```
Override namespace `istio-system` label on `member1`:
```bash
cat <<EOF | kubectl apply -f -
apiVersion: policy.karmada.io/v1alpha1
kind: ClusterOverridePolicy
metadata:
name: istio-system-member1
spec:
resourceSelectors:
- apiVersion: v1
kind: Namespace
name: istio-system
overrideRules:
- targetCluster:
clusterNames:
- member1
overriders:
plaintext:
- path: "/metadata/labels"
operator: add
value:
topology.istio.io/network: network1
EOF
```
Override namespace `istio-system` label on `member2`:
```bash
cat <<EOF | kubectl apply -f -
apiVersion: policy.karmada.io/v1alpha1
kind: ClusterOverridePolicy
metadata:
name: istio-system-member2
spec:
resourceSelectors:
- apiVersion: v1
kind: Namespace
name: istio-system
overrideRules:
- targetCluster:
clusterNames:
- member2
overriders:
plaintext:
- path: "/metadata/labels"
operator: add
value:
topology.istio.io/network: network2
EOF
```
Run the following command to install istio CRDs on karmada apiserver: Run the following command to install istio CRDs on karmada apiserver:
```bash ```bash
istioctl install istioctl manifest generate --set profile=external \
``` --set values.global.configCluster=true \
--set values.global.externalIstiod=false \
Karmada apiserver will not deploy a real istiod pod, you should press `ctrl+c` to exit installation --set values.global.defaultPodDisruptionBudget.enabled=false \
when `Processing resources for Istiod`. --set values.telemetry.enabled=false | kubectl apply -f -
```bash
✔ Istio core installed
- Processing resources for Istiod.
``` ```
### Install Istiod on member1 ### Install Istiod on member1
1. Disable Karmada's auto-sync feature when labeling a namespace, because I need to label the same namespace `istio-system` 1. Install istio control plane
in the different clusters differently.
Export `KUBECONFIG` and switch to `karmada host`:
```bash
export KUBECONFIG=$HOME/.kube/karmada.config
kubectl config use-context karmada-host
```
Edit `karmada-controller-manager`deployment
```bash
kubectl edit deployment karmada-controller-manager -n karmada-system
```
add `--controllers=-namespace,*` in start command
2. Set the network of member1 and member2
switch to `karmada api-server` and list work about namespace `istio-system`:
```bash
kubectl config use-context karmada-apiserver
kubectl get work -A | grep istio-system-
```
the output will looks like as following:
```bash
[root@vm1-su-001 istio-1.12.6]# kubectl get work -A | grep istio-system-
karmada-es-member1 istio-system-f854dc5d9 true 21m
karmada-es-member2 istio-system-f854dc5d9 true 21m
```
label namespace `istio-system` on `member1` by using the output above
```bash
kubectl edit work istio-system-f854dc5d9 -n karmada-es-member1
```
add `topology.istio.io/network: network1` in `.spec.workload.manifests.metadata.labels`
label namespace `istio-system` on `member2` by using the output above
```bash
kubectl edit work istio-system-f854dc5d9 -n karmada-es-member2
```
add `topology.istio.io/network: network2` in `.spec.workload.manifests.metadata.labels`
3. Install istio control plane
Export `KUBECONFIG` and switch to `member1`: Export `KUBECONFIG` and switch to `member1`:
@ -186,13 +187,13 @@ spec:
EOF EOF
``` ```
4. Install the east-west gateway in `member1` 2. Install the east-west gateway in `member1`
```bash ```bash
samples/multicluster/gen-eastwest-gateway.sh --mesh mesh1 --cluster member1 --network network1 | istioctl install -y -f - samples/multicluster/gen-eastwest-gateway.sh --mesh mesh1 --cluster member1 --network network1 | istioctl install -y -f -
``` ```
5. Expose the control plane and service in `member1` 3. Expose the control plane and service in `member1`
```bash ```bash
kubectl apply -f samples/multicluster/expose-istiod.yaml -n istio-system kubectl apply -f samples/multicluster/expose-istiod.yaml -n istio-system
@ -264,31 +265,6 @@ EOF
samples/multicluster/gen-eastwest-gateway.sh --mesh mesh1 --cluster member2 --network network2 | istioctl install -y -f - samples/multicluster/gen-eastwest-gateway.sh --mesh mesh1 --cluster member2 --network network2 | istioctl install -y -f -
``` ```
4. Expose service in `member2`
```bash
kubectl apply -f samples/multicluster/expose-services.yaml -n istio-system
```
### Deploy bookinfo application ### Deploy bookinfo application
1. Enable Karmada's auto-sync feature See module [Deploy bookinfo application](./working-with-istio-on-flat-network.md#deploy-bookinfo-application.md)
Export `KUBECONFIG` and switch to `karmada host`:
```bash
export KUBECONFIG=$HOME/.kube/karmada.config
kubectl config use-context karmada-host
```
Edit `karmada-controller-manager`deployment
```bash
kubectl edit deployment karmada-controller-manager -n karmada-system
```
delete `--controllers=-namespace,*` in start command
2. Deploy bookinfo application
See module `Deploy bookinfo application` in https://github.com/karmada-io/karmada/blob/master/docs/istio-on-karmada.md