Skip to content

Admiral provides automatic configuration generation, syncing and service discovery for multicluster Istio service mesh

License

Notifications You must be signed in to change notification settings

istio-ecosystem/admiral

Repository files navigation

CircleCI

codecov

Admiral provides automatic configuration and service discovery for multicluster Istio service mesh

Istio has a very robust set of multi-cluster capabilities. Managing this configuration across multiple clusters at scale is challenging. Admiral takes an opinionated view on this configuration and provides automatic provisioning and syncing across clusters.

Admiral defines two custom resources, the Dependency and GlobalTrafficPolicy, which are used to configure ServiceEntries, VirtualServices, and DestinationRules on each cluster for each cross-cluster service. This removes the complexity for developers and mesh operators.

alt text

Admiral Demo

Who uses Admiral?

Organizations below are officially using Admiral. Please send a PR with your organization name if you are using Admiral.

Blogs and Presentations

Collaboration and Communication

Admiral Slack Channel

Note: This channel is under Istio slack org, please fill out this form to get access to Istio slack.

Local Development

Refer to Local Development Setup

Contributing

Refer to Contributing doc

Release Cadence

Details can be found here

Admiral Sequence Diagram

Legend:

SE - Istio ServiceEntry

VS - Istio VirtualService

DR - Istio DestinationRule

K8s API - Kubernetes API Server

GTP - Admiral GlobalTrafficPolicy

Loading
sequenceDiagram
		autonumber 1
    Service/VirtualService Handler->>+Rollout/Deployment Handler: Add/Update/Delete events
		autonumber 1
    GTP/OutlierDetection Handler->>Update All Resources: Add/Update
    autonumber 1
    DependencyRecord Handler->>Update All Resources: Add/Update
		autonumber 1
		Rollout/Deployment Handler->>Update All Resources: Add/Update

    autonumber 2
    Update All Resources->>RemoteControllers: Fetch All Cluster Controllers
		rect rgb(255, 255, 220)
	    loop
		    Update All Resources->>K8sAPI 1..N: For each cluster, get corresponding service object
				K8sAPI 1..N-->>Update All Resources: Continue if service does not exist for deployment/rollout
				K8sAPI 1..N-->>Update All Resources: Build list of source services
	    end
		end
	  rect rgb(255, 255, 220)
	    loop
				Update All Resources->>K8sAPI 1..N: Derive SE from each service in the list
				Update All Resources->>GTP/OutlierDetection Cache: Derive DR from GTP/OutlierDetection
			  rect rgb(204, 255, 204)
			    loop
				    Update All Resources->>K8sAPI 1..N: Add/Update SE/DR/VS in source clusters
				    Update All Resources->>DynamoDB: Add/Update WorkloadData for source clusters
					end
		    end
	    end
		end

    Update All Resources->>DependencyCache: Fetch dependent clusters
		rect rgb(204, 255, 204)
	    loop
				Update All Resources->>K8sAPI 1..N: Add/Update SE/DR/VS in dependent clusters
        Update All Resources->>DynamoDB: Add/Update WorkloadData for dependent clusters
			end
		end

Core contributors