Last active
April 10, 2020 01:46
-
-
Save rvennam/eb8033410b8390155d89ba2c7179318d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Preparation | |
| ibmcloud ks cluster config --cluster mc1 | |
| ibmcloud ks cluster config --cluster mc2 | |
| export MAIN_CLUSTER_CTX=mc1/bp8qqdkd09bld02i62r0 | |
| export REMOTE_CLUSTER_CTX=mc2/bp8qqkmd0rgc3c2i62rg | |
| export MAIN_CLUSTER_NAME=main0 | |
| export REMOTE_CLUSTER_NAME=remote0 | |
| # Certificate Authority | |
| kubectl create namespace istio-system --context=$MAIN_CLUSTER_CTX | |
| kubectl create namespace istio-system --context=$REMOTE_CLUSTER_CTX | |
| kubectl create secret generic cacerts --context=$MAIN_CLUSTER_CTX -n istio-system \ | |
| --from-file=samples/certs/ca-cert.pem \ | |
| --from-file=samples/certs/ca-key.pem \ | |
| --from-file=samples/certs/root-cert.pem \ | |
| --from-file=samples/certs/cert-chain.pem | |
| kubectl create secret generic cacerts --context=$REMOTE_CLUSTER_CTX -n istio-system \ | |
| --from-file=samples/certs/ca-cert.pem \ | |
| --from-file=samples/certs/ca-key.pem \ | |
| --from-file=samples/certs/root-cert.pem \ | |
| --from-file=samples/certs/cert-chain.pem | |
| # Cluster and network naming | |
| export MAIN_CLUSTER_NETWORK=network1 | |
| export REMOTE_CLUSTER_NETWORK=network2 | |
| # Install Istio! | |
| ./bin/istioctl --context=${MAIN_CLUSTER_CTX} manifest apply -f istio-main-cluster.yaml | |
| ./bin/istioctl manifest apply --context=$REMOTE_CLUSTER_CTX -f istio-remote0-cluster.yaml | |
| # Configure ingress gateways | |
| kubectl --context=${MAIN_CLUSTER_CTX} apply -f cluster-aware-gateway.yaml | |
| kubectl --context=${REMOTE_CLUSTER_CTX} apply -f cluster-aware-gateway.yaml | |
| # Configure cross-cluster service registries | |
| ./bin/istioctl x create-remote-secret --context=$MAIN_CLUSTER_CTX --name=main0 -n istio-system | kubectl apply -f - --context=$REMOTE_CLUSTER_CTX | |
| ./bin/istioctl x create-remote-secret --context=$REMOTE_CLUSTER_CTX --name=remote0 -n istio-system | kubectl apply -f - --context=$MAIN_CLUSTER_CTX | |
| # Deploy helloworld v2 in the remote cluster | |
| kubectl create --context=${REMOTE_CLUSTER_CTX} namespace sample | |
| kubectl label --context=${REMOTE_CLUSTER_CTX} namespace sample istio-injection=enabled | |
| kubectl create --context=${REMOTE_CLUSTER_CTX} -f samples/helloworld/helloworld.yaml -l app=helloworld -n sample | |
| kubectl create --context=${REMOTE_CLUSTER_CTX} -f samples/helloworld/helloworld.yaml -l version=v2 -n sample | |
| # Deploy helloworld v1 in the main cluster | |
| kubectl create --context=${MAIN_CLUSTER_CTX} namespace sample | |
| kubectl label --context=${MAIN_CLUSTER_CTX} namespace sample istio-injection=enabled | |
| kubectl create --context=${MAIN_CLUSTER_CTX} -f samples/helloworld/helloworld.yaml -l app=helloworld -n sample | |
| kubectl create --context=${MAIN_CLUSTER_CTX} -f samples/helloworld/helloworld.yaml -l version=v1 -n sample | |
| # Deploy sleep to both clusters | |
| kubectl apply --context=${MAIN_CLUSTER_CTX} -f samples/sleep/sleep.yaml -n sample | |
| kubectl apply --context=${REMOTE_CLUSTER_CTX} -f samples/sleep/sleep.yaml -n sample | |
| # Remove v1 Deployment from main cluster | |
| kubectl delete deployment helloworld-v1 -n sample | |
| # Cross-cluster routing in action | |
| kubectl exec --context=${MAIN_CLUSTER_CTX} -it -n sample -c sleep $(kubectl get pod --context=${MAIN_CLUSTER_CTX} -n sample -l app=sleep -o jsonpath='{.items[0].metadata.name}') -- curl helloworld.sample:5000/hello |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment