
multi-cluster gateway controller, manages multi-cluster gateways based on gateway api and policy attachment


KevFan/multicluster-gateway-controller

 
 


multicluster-gateway-controller

Description:

The multi-cluster gateway controller leverages the Gateway API standard and Open Cluster Management to provide multi-cluster connectivity and global load balancing.

Key Features:

  • Central Gateway Definition that can then be distributed to multiple clusters
  • Automatic TLS and cert distribution for HTTPS based listeners
  • DNSPolicy to decide how North-South based traffic should be balanced and reach the gateways
  • Health checks to detect and take remedial action against unhealthy endpoints
  • Cloud DNS provider integrations (AWS Route 53) with new ones being added (Google DNS)

When deploying the multicluster gateway controller using the make targets, the following will be created:

  • Kind cluster(s)
  • Gateway API CRDs in the control plane cluster
  • Ingress controller
  • Cert manager
  • ArgoCD instance
  • K8s Dashboard
  • LetsEncrypt certs

Prerequisites:

  • AWS
  • Various dependencies installed into $(pwd)/bin e.g. kind, yq etc.
    • Run make dependencies
  • openssl>=3
    • On macOS a later version is available with brew install openssl. You'll need to update your PATH, because macOS also provides an older version via libressl
    • On Fedora use dnf install openssl
  • go >= 1.20

1. Running the controller in the cluster:

  1. Create env files:

    • One called aws-credentials.env containing AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION
    • One called controller-config.env containing AWS_DNS_PUBLIC_ZONE_ID and ZONE_ROOT_DOMAIN
  2. Set up your local environment

    make local-setup MGC_WORKLOAD_CLUSTERS_COUNT=<NUMBER_WORKLOAD_CLUSTER>
  3. Build the controller image and load it into the control plane

    kubectl config use-context kind-mgc-control-plane 
    make kind-load-controller
  4. Deploy the controller to the control plane cluster

    make deploy-controller
  5. (Optional) View the logs of the deployed controller

    kubectl logs -f $(kubectl get pods -n multi-cluster-gateways | grep "mgc-" | awk '{print $1}') -n multi-cluster-gateways

2. Running the controller locally:

  1. Create env files:

    • One called aws-credentials.env containing AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION
    • One called controller-config.env containing AWS_DNS_PUBLIC_ZONE_ID and ZONE_ROOT_DOMAIN
  2. Set up your local environment

    make local-setup MGC_WORKLOAD_CLUSTERS_COUNT=<NUMBER_WORKLOAD_CLUSTER>
  3. Run the controller locally:

    kubectl config use-context kind-mgc-control-plane 
    (export $(cat ./controller-config.env | xargs) && export $(cat ./aws-credentials.env | xargs) && make build-controller install run-controller)
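Added example (not part of the project's README or Makefile): a POSIX shell preflight for the two env files from step 1. It checks that the required keys are present, that every line survives the word splitting of the `export $(cat FILE | xargs)` pattern used in step 3, and that aws-credentials.env is not readable by group or other. The function names and the allowed-character set are assumptions of this example.

```shell
#!/bin/sh
# Added example: preflight for aws-credentials.env and controller-config.env.

# is_private FILE: succeeds when group and other have no permission bits set.
is_private() {
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")  # GNU, then BSD/macOS
    case $mode in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# check_env_file FILE KEY...: succeeds when FILE exists, every KEY is set, and
# each non-blank line is KEY=value using characters that word-split cleanly in
# `export $(cat FILE | xargs)` (no spaces, quotes, backslashes, comments, CRs).
check_env_file() {
    file=$1; shift
    rc=0
    [ -f "$file" ] || { echo "$file: not found" >&2; return 1; }
    # Report line numbers only, so secret values never reach the terminal or a CI log.
    bad=$(grep -Evn '^([A-Za-z_][A-Za-z0-9_]*=[A-Za-z0-9_./+=:@-]+)?$' "$file" \
        | cut -d: -f1 | tr '\n' ' ')
    [ -z "$bad" ] || { echo "$file: unsafe line(s): $bad" >&2; rc=1; }
    for key in "$@"; do
        grep -q "^${key}=" "$file" || { echo "$file: $key is not set" >&2; rc=1; }
    done
    return $rc
}

# preflight [DIR]: validate both env files in DIR (default: current directory).
preflight() {
    dir=${1:-.}
    failed=0
    check_env_file "$dir/aws-credentials.env" \
        AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION || failed=1
    check_env_file "$dir/controller-config.env" \
        AWS_DNS_PUBLIC_ZONE_ID ZONE_ROOT_DOMAIN || failed=1
    if [ -f "$dir/aws-credentials.env" ] && ! is_private "$dir/aws-credentials.env"; then
        echo "aws-credentials.env: readable by group/other, run chmod 600" >&2
        failed=1
    fi
    return $failed
}

# Usage: preflight . && make local-setup MGC_WORKLOAD_CLUSTERS_COUNT=<NUMBER_WORKLOAD_CLUSTER>
```

A quoted value, a value containing a space, or a `#` comment line is reported by line number, because each of those either fails the export or silently changes the value under the xargs pattern.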

3. Running the agent in the cluster:

  1. Build the agent image and load it into the workload cluster

    kubectl config use-context kind-mgc-workload-1 
    make kind-load-agent
  2. Deploy the agent to the workload cluster

    make deploy-agent

4. Running the agent locally:

  1. Target the workload cluster you wish to run on:

    export KUBECONFIG=./tmp/kubeconfigs/mgc-workload-1.kubeconfig
  2. Run the agent locally:

    make build-agent run-agent

License

Copyright 2022 Red Hat.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
