-
Notifications
You must be signed in to change notification settings - Fork 1
/
skewer.yaml
217 lines (183 loc) · 7.13 KB
/
skewer.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
title: Skupper Hello World using YAML
subtitle: A minimal HTTP application deployed across Kubernetes clusters using Skupper
overview: |
This example is a variant of [Skupper Hello World][hello-world] that
is deployed using YAML resource definitions instead of imperative
commands.
It contains two services:
* A backend service that exposes an `/api/hello` endpoint. It
returns greetings of the form `Hi, <your-name>. I am <my-name>
(<pod-name>)`.
* A frontend service that sends greetings to the backend and
fetches new greetings in response.
In this scenario, each service runs in a different Kubernetes
cluster. The frontend runs in a namespace on cluster 1 called West,
and the backend runs in a namespace on cluster 2 called East.
<img src="images/entities.svg" width="640"/>
Skupper enables you to place the backend in one cluster and the
frontend in another and maintain connectivity between the two
services without exposing the backend to the public internet.
[hello-world]: https://github.com/skupperproject/skupper-example-hello-world
sites:
west:
title: West
platform: kubernetes
namespace: west
env:
KUBECONFIG: ~/.kube/config-west
east:
title: East
platform: kubernetes
namespace: east
env:
KUBECONFIG: ~/.kube/config-east
steps:
- title: Install Skupper in your clusters
preamble: |
Use the `kubectl apply` command to install the Skupper
controller in each cluster.
commands:
west:
- run: kubectl apply -f skupper.yaml
output: |
namespace/skupper-site-controller created
serviceaccount/skupper-site-controller created
clusterrole.rbac.authorization.k8s.io/skupper-site-controller created
clusterrolebinding.rbac.authorization.k8s.io/skupper-site-controller created
deployment.apps/skupper-site-controller created
east:
- run: kubectl apply -f skupper.yaml
output: |
namespace/skupper-site-controller created
serviceaccount/skupper-site-controller created
clusterrole.rbac.authorization.k8s.io/skupper-site-controller created
clusterrolebinding.rbac.authorization.k8s.io/skupper-site-controller created
deployment.apps/skupper-site-controller created
- standard: kubernetes/set_up_your_namespaces
- title: Apply your YAML resources
preamble: |
To configure our example sites and service bindings, we are
using the following resources:
West:
* [site.yaml](west/site.yaml) - Skupper configuration for West
* [frontend.yaml](west/frontend.yaml) - The Hello World frontend
East:
* [site.yaml](east/site.yaml) - Skupper configuration for East
* [backend.yaml](east/backend.yaml) - The Hello World backend
Let's look at some of these resources in more detail.
#### Resources in West
The `site` ConfigMap defines a Skupper site for its associated
Kubernetes namespace. This is where you set site configuration
options. See the [config reference][config] for more
information.
[config]: https://skupper.io/docs/yaml/index.html
[site.yaml](west/site.yaml):
~~~ yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: skupper-site
data:
name: west
~~~
#### Resources in East
Like the one for West, here is the Skupper site definition for
the East. It includes the `ingress: none` setting since no
ingress is required at this site for the Hello World example.
[site.yaml](east/site.yaml):
~~~ yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: skupper-site
data:
name: east
ingress: none
~~~
In East, the `backend` deployment has an annotation named
`skupper.io/proxy` with the value `tcp`. This tells Skupper to
expose the backend on the Skupper network. As a consequence,
the frontend in West will be able to see the backend and call
its API.
[backend.yaml](east/backend.yaml):
<pre>apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
labels:
app: backend
<b>annotations:
skupper.io/proxy: tcp</b>
spec:
selector:
matchLabels:
app: backend
replicas: 3
template:
metadata:
labels:
app: backend
spec:
containers:
- name: backend
image: quay.io/skupper/hello-world-backend
ports:
- containerPort: 8080</pre>
Now we're ready to apply everything. Use the `kubectl apply`
command with the resource definitions for each site.
**Note:** If you are using Minikube, [you need to start
`minikube tunnel`][minikube-tunnel] before you create the
Skupper sites.
[minikube-tunnel]: https://skupper.io/start/minikube.html#running-minikube-tunnel
commands:
west:
- run: kubectl apply -f west/site.yaml -f west/frontend.yaml
output: |
configmap/skupper-site created
deployment.apps/frontend created
- await_resource: deployment/skupper-service-controller
- await_resource: deployment/frontend
east:
- run: kubectl apply -f east/site.yaml -f east/backend.yaml
output: |
configmap/skupper-site created
deployment.apps/backend created
- await_resource: deployment/skupper-service-controller
- await_resource: deployment/backend
- standard: link_your_sites
preamble: |
You can configure sites and service bindings declaratively, but
linking sites is different. To create a link, you must have the
authentication secret and connection details of the remote site.
Since these cannot be known in advance, linking must be
procedural.
<!--
**Note:** There are several ways to automate the generation and
distribution of tokens across sites, using for example Ansible,
Backstage, or Vault. See [Token distribution][XXX] for more
information.
-->
This example uses the Skupper command-line tool to generate the
secret token in West and create the link in East.
To install the Skupper command:
~~~ shell
curl https://skupper.io/install.sh | sh
~~~
For more installation options, see [Installing
Skupper][install].
Once the command is installed, use `skupper token create` in
West to generate the token. Then, use `skupper link create` in
East to create a link.
[install]: https://skupper.io/install/index.html
- standard: hello_world/access_the_frontend
- standard: cleaning_up
commands:
west:
- run: kubectl delete -f west/site.yaml -f west/frontend.yaml
- run: kubectl delete -f skupper.yaml
east:
- run: kubectl delete -f east/site.yaml -f east/backend.yaml
- run: kubectl delete -f skupper.yaml
apply: readme
- run: kubectl delete -f skupper.yaml --ignore-not-found
apply: test