Add multiproject example #115
Conversation
There was a problem hiding this comment.
Left few comments. I won't have time to finish this before i got on holidays.
@danielmarzini can you please take a look if you have time ?
| @@ -0,0 +1,417 @@ | |||
| # Multi-cluster Ingress for External Load Balancing | |||
|
|
|||
| [Multi-cluster Ingress](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress-for-anthos) for GKE is a cloud-hosted Ingress controller for GKE clusters. It's a Google-hosted service that supports deploying shared load balancing resources across clusters and across regions. | |||
There was a problem hiding this comment.
Can you add a line to what this recipe is about. The description only talks about what MCI does. Please add a line about the fact that MCI doesn't support cross-project and that this recipe solves that issue
|
|
||
| ## Use-cases | ||
|
|
||
| - Disaster recovery for internet traffic across clusters or regions |
There was a problem hiding this comment.
Add cross-project loadbalancing
| - GKE clusters on GCP | ||
| - All versions of GKE supported | ||
| - Tested and validated with 1.22.12-gke.2300 on Nov 14th 2022 | ||
| - Tested and validated with ASM revision asm-managed-stable |
|
|
||
| ### Networking Manifests | ||
|
|
||
| This recipe demonstrates how to use Multi-cluster Ingress (MCI) alongside Anthos Service Mesh (ASM) to publicly expose services deployed in a different projects. In this recipes we will deploy two clusters. The cluster `gke-1` is running in project that hosts the MCI configuration which implies that the GLBC is going to be running in the same project. The cluster `gke-2` is running in a different project. All services will share the same MultiClusterIngress and load balancer IP, but the load balancer will match traffic and send it to the right service depending on the request irrespective of the project. |
There was a problem hiding this comment.
Clusters have to be on the same Shared VPC right ? Can you add a line about that
| 1. Set up Environment variables | ||
|
|
||
| ```bash | ||
| export PROJECT1_NAME=PROJECT1 # Configuration project name |
There was a problem hiding this comment.
You are setting 2 environment varibles for each project. PROJECT_NAME and PROJECT
The first one work because it's set explicitaly
The second doesn't because you are extracting it from gcloud but you don't know what the user had setup before.
You can just set them up explicitaly because you have 2 projects anyway
|
|
||
| Note: `machine-type=e2-standard-4` and `num-nodes=4` are used to support Anthos Service Mesh (ASM) deployment. For more information about ASM minumum requirements for GKE, please [click here](https://cloud.google.com/service-mesh/v1.7/docs/scripted-install/gke-asm-onboard-1-7#requirements). | ||
|
|
||
| ```sh |
There was a problem hiding this comment.
Normally we like to reference the cluster-setup page as specific in the contribution guide https://github.com/GoogleCloudPlatform/gke-networking-recipes/blob/main/CONTRIBUTING.md
But it's missing a SharedVPC setup in there which is what you need for this recipe.
Please fix the sharedVPC portion in the cluster creation commands. Also the project id as i mentioned in the comment before.
I will open an issue to update this recipe later but moving cluster setup to the center guide page
There was a problem hiding this comment.
Hello @abelgana and thanks for your submission, awesome work!
A couple of remarks, there are some typos to be fixed plus other comments from Abdel.
On top of those, the project requirement is to have the recipe in one single file, since we're dealing with two clusters here, it can be divided in two. Please, merge the manifests into no more than 2 files. I'll run the entire recipe as soon as it's ready for the final review.
|
|
||
|  | ||
|
|
||
| There are two Custom Resources (CRs) that control multi-cluster load balancing - the MultiClusterIngress (MCI) and the MultiClusterService (MCS). The MCI below describes the desired traffic matching and routing behavior. Similar to an Ingress resource, it can specify host and path matching with Services. This MCI specifies two host rules and a default backend which will recieve all traffic that does not have a match. The `serviceName` field in this MCI specifies the name of an MCS resource. |
|
|
||
| 1. Now follow the steps for cluster registration with Hub and enablement of Multi-cluster Ingress. | ||
|
|
||
| There are two manifests in this folder: |
There was a problem hiding this comment.
typo: two manifests -> multiple
|
Ping on this change -- looks like there are some comments that need to be addressed. |
This recipe demonstrates how to use Multi-cluster Ingress (MCI) alongside Anthos Service Mesh (ASM) to publicly expose services deployed in a different projects. In this recipes we will deploy two clusters. The cluster
gke-1is running in project that hosts the MCI configuration which implies that the GLBC is going to be running in the same project. The clustergke-2is running in a different project. All services will share the same MultiClusterIngress and load balancer IP, but the load balancer will match traffic and send it to the right service depending on the request irrespective of the project.