@@ -17,58 +17,63 @@ This example creates a single cluster in a single VPC, then configures two route
1717
1818![ Single cluster/VPC service-to-service communications] ( images/example1.png )
1919
20- ** Steps**
20+ ### Steps
2121
22- ** Set up Service -to-Service communications**
22+ ** Set up service -to-service communications**
2323
24- 1 . Create the Kubernetes Gateway ` my-hotel ` :
24+ 1 . Use aws cli to create a VPC Lattice service network, with the name ` my-hotel ` :
2525 ``` bash
26- kubectl apply -f examples/my-hotel-gateway.yaml
27- ```
28- *** Note*** : By default, the gateway (lattice service network) is not associated with cluster's VPC. To associate a gateway (lattice service network) to VPC, ` my-hotel-gateway.yaml ` includes the following annotation.
29- ```
30- apiVersion: gateway.networking.k8s.io/v1beta1
31- kind: Gateway
32- metadata:
33- name: my-hotel
34- annotations:
35- application-networking.k8s.aws/lattice-vpc-association: "true"
26+ aws vpc-lattice create-service-network --name my-hotel
27+ {
28+ " arn" : " <my-hotel-sn-arn>" ,
29+ " authType" : " NONE" ,
30+ " id" : " <my-hotel-sn-id>" ,
31+ " name" : " my-hotel"
32+ }
3633 ```
37- 1 . Verify that ` my-hotel ` gateway is created (this could take about five minutes):
34+
35+ 2 . Create the Lattice ServiceNetworkVpcAssociation between current k8s cluster VPC and ` my-hotel ` service network:
3836 ``` bash
39- kubectl get gateway
37+ aws vpc-lattice create-service-network-vpc-association --service-network-identifier < my-hotel-sn-id> --vpc-identifier < k8s-cluster-vpc-id>
38+ {
39+ " arn" : " <snva-arn>" ,
40+ " createdBy" : " <timestamp>" ,
41+ " id" : " <snva-id>" ,
42+ " status" : " CREATE_IN_PROGRESS"
43+ }
4044 ```
41- ```
42- NAME CLASS ADDRESS READY AGE
43- my-hotel amazon-vpc-lattice 7d12h
44- ```
45- 1 . Once the gateway is created, find the VPC Lattice service network:
45+ Wait until above ServiceNetworkVpcAssociation status change to ` ACTIVE ` :
4646 ``` bash
47- kubectl get gateway my-hotel -o yaml
47+ aws vpc-lattice get-service-network-vpc-association --service-network-vpc-association-identifier snva-0041ace3a8658371e
48+ {
49+ ....
50+ " status" : " ACTIVE" ,
51+ }
4852 ```
53+ 3 . Create the Kubernetes Gateway ` my-hotel ` :
54+ ``` bash
55+ kubectl apply -f examples/my-hotel-gateway.yaml
4956 ```
50- apiVersion: gateway.networking.k8s.io/v1beta1
51- kind: Gateway
52- ...
53- status:
54- conditions:
55- message: 'aws-gateway-arn: arn:aws:vpc-lattice:us-west-2:694065802095:servicenetwork/sn-0ab6bb70055929edd'
56- reason: Reconciled
57- status: "True"
58- type: Schedules
57+ Verify that ` my-hotel ` gateway is created with ` PROGRAMMED ` equals to ` True ` :
58+ ``` bash
59+ kubectl get gateway
60+
61+ NAME CLASS ADDRESS PROGRAMMED AGE
62+ my-hotel amazon-vpc-lattice True 7d12h
5963 ```
60- 1 . Create the Kubernetes HTTPRoute rates for the parking service, review service, and HTTPRoute rate:
64+
65+ 4 . Create the Kubernetes HTTPRoute ` rates ` that can has path match routes to the ` parking ` service and ` review ` service (this could take about few minutes)
6166 ``` bash
6267 kubectl apply -f examples/parking.yaml
6368 kubectl apply -f examples/review.yaml
6469 kubectl apply -f examples/rate-route-path.yaml
6570 ```
66- 1 . Create the Kubernetes HTTPRoute inventory (this could take about five minutes):
71+ 5 . Create another Kubernetes HTTPRoute ` inventory ` (this could take about few minutes):
6772 ``` bash
6873 kubectl apply -f examples/inventory-ver1.yaml
6974 kubectl apply -f examples/inventory-route.yaml
7075 ```
71- 1 . Find out HTTPRoute's DNS name from HTTPRoute status:
76+ 6 . Find out HTTPRoute's DNS name from HTTPRoute status:
7277 ``` bash
7378 kubectl get httproute
7479 ```
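Review bot: In step 1 the sample output shows `"authType": "NONE"` with no comment, so a reader who follows the walkthrough creates a service network that performs no IAM authorization of requests and is never told so. Suggest one sentence after the output stating that the example runs without an auth policy and that non-test setups should create the service network with `--auth-type AWS_IAM` and attach a policy. Two smaller points in step 2: the sample output pairs `"createdBy"` with a `<timestamp>` placeholder, which reads as a mismatch, and the wait command hardcodes `snva-0041ace3a8658371e` where the output just above uses `<snva-id>`; use the placeholder in both places.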
@@ -77,23 +82,21 @@ This example creates a single cluster in a single VPC, then configures two route
7782 inventory 51s
7883 rates 6m11s
7984 ```
80- 1 . List the route’s yaml file to see the DNS address (highlighted here on the ` message ` line) :
85+ 7 . Check the lattice generated DNS address for HTTPRoute ` inventory ` and ` rates ` :
8186 ``` bash
8287 kubectl get httproute inventory -o yaml
83- ```
84- ```
88+
8589 apiVersion: gateway.networking.k8s.io/v1beta1
8690 kind: HTTPRoute
8791 metadata:
8892 annotations:
8993 application-networking.k8s.aws/lattice-assigned-domain-name: inventory-default-02fb06f1acdeb5b55.7d67968.vpc-lattice-svcs.us-west-2.on.aws
9094 ...
9195 ```
92-
96+
9397 ` ` ` bash
9498 kubectl get httproute rates -o yaml
95- ` ` `
96- ```
99+
97100 apiVersion: v1
98101 items:
99102 - apiVersion: gateway.networking.k8s.io/v1beta1
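Review bot: Step 7 now leaves the YAML output inside the same `bash` fence as `kubectl get httproute inventory -o yaml` and `kubectl get httproute rates -o yaml`, because the closing and reopening fences were removed, so the block no longer copy-pastes as a command and the output is highlighted as shell. Suggest keeping the two removed fence lines after each command so that command and output stay in separate blocks.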
@@ -104,65 +107,40 @@ This example creates a single cluster in a single VPC, then configures two route
104107 ...
105108 ` ` `
106109
107- 1. if the previous step returns the expected response, store assigned DNS names to variables.
108-
110+ 8. if the previous step returns the expected response, store lattice assigned DNS names to variables.
109111
110112 ` ` ` bash
111- ratesdns =$( kubectl get httproute rates -o json | jq -r ' .status.parents[].conditions[0].message ' )
112- inventorydns =$( kubectl get httproute inventory -o json | jq -r ' .status.parents[].conditions[0].message ' )
113+ ratesFQDN =$( kubectl get httproute rates -o json | jq -r ' .metadata.annotations."application-networking.k8s.aws/lattice-assigned-domain-name" ' )
114+ inventoryFQDN =$( kubectl get httproute inventory -o json | jq -r ' .metadata.annotations."application-networking.k8s.aws/lattice-assigned-domain-name" ' )
113115 ` ` `
114-
115- remove preceding extra text :
116+
117+ Confirm that the URLs are stored correctly :
116118
117119 ` ` ` bash
118- prefix=" DNS Name: "
119- echo $ratesdns
120- echo $inventorydns
121- ratesFQDN=${ratesdns# $prefix }
122- inventoryFQDN=${inventorydns# $prefix }
120+ echo $ratesFQDN $inventoryFQDN
121+ rates-default-034e0056410499722.7d67968.vpc-lattice-svcs.us-west-2.on.aws inventory-default-0c54a5e5a426f92c2.7d67968.vpc-lattice-svcs.us-west-2.on.aws
123122 ` ` `
124123
125- confirm that the URLs are stored correctly:
126-
127- ` ` ` bash
128- echo $ratesFQDN $inventoryFQDN
129- ` ` `
130-
131- ` ` `
132- rates-default-034e0056410499722.7d67968.vpc-lattice-svcs.us-west-2.on.aws inventory-default-0c54a5e5a426f92c2.7d67968.vpc-lattice-svcs.us-west-2.on.aws
133- ` ` `
124+ ** Verify service-to-service communications**
134125
135- ** Check service connectivity**
136126
137- 1. Check Service-Inventory Pod access for Service-Rates/parking or Service-Rates/review by executing into the pod, then curling each service.
138- ` ` ` bash
139- kubectl get pod
140- ` ` `
141- ` ` `
142- NAME READY STATUS RESTARTS AGE
143- inventory-ver1-7bb6989d9d-2p2hk 1/1 Running 0 7d13h
144- inventory-ver1-7bb6989d9d-464rk 1/1 Running 0 7d13h
145- parking-6cdcd5b4b4-bbzvt 1/1 Running 0 103m
146- parking-6cdcd5b4b4-g8dkb 1/1 Running 0 103m
147- review-5888566ff6-2plsj 1/1 Running 0 101m
148- review-5888566ff6-89fqk 1/1 Running 0 101m
149- ` ` `
150- 1. Exec into an inventory pod to check connectivity to parking and review services:
127+ 9. Check connectivity from the ` inventory-ver1` service to ` parking` and ` review` services:
151128 ` ` ` bash
152- kubectl exec -it deploy/inventory-ver1 -- curl $ratesFQDN /parking $ratesFQDN /review
129+ kubectl exec deploy/inventory-ver1 -- curl $ratesFQDN /parking $ratesFQDN /review
153130 ` ` `
154131 ` ` `
155132 Requsting to Pod(parking-8548d7f98d-57whb): parking handler pod
156133 Requsting to Pod(review-6df847686d-dhzwc): review handler pod
157134 ` ` `
158-
159- 1. Exec into a parking pod to check connectivity to the inventory-ver1 service:
135+
136+ 10. Check connectivity from the ` parking` service to the ` inventory-ver1` service:
160137 ` ` ` bash
161- kubectl exec -it deploy/parking -- curl $inventoryFQDN
138+ kubectl exec deploy/parking -- curl $inventoryFQDN
162139 ` ` `
163140 ` ` `
164141 Requsting to Pod(inventory-ver1-99d48958c-whr2q): Inventory-ver1 handler pod
165142 ` ` `
143+ Now you could confirm the service-to-service communications within one cluster is working as expected.
166144
167145# # Set up multi-cluster/multi-VPC service-to-service communications
168146
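Review bot: In step 8, `jq -r` prints the literal string `null` when the `application-networking.k8s.aws/lattice-assigned-domain-name` annotation is not set yet, so `ratesFQDN` and `inventoryFQDN` can silently hold `null` and steps 9 and 10 then curl the wrong host. Suggest `jq -er` so the command exits non-zero on a missing annotation, or a sentence telling the reader to re-run until the echo shows a real domain name. Also quote the expansions in steps 9 and 10 (`"$ratesFQDN/parking"`, `"$inventoryFQDN"`), and keep the `echo` output in its own fence rather than inside the `bash` block.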
@@ -176,49 +154,47 @@ The following figure illustrates this:
176154
177155! [Multiple clusters/VPCs service-to-service communications](images/example2.png)
178156
179- ** Steps**
157+ # ## Steps
180158
159+ ** Set up ` inventory-ver2` service and serviceExport on a second cluster**
181160
182- ** Set up inventory on a second cluster **
161+ 1. Create a second Kubernetes cluster ` cluster2 ` (using the same instructions used to create the first).
183162
184- 1. Create a second cluster (using the same instructions used to create the first).
185- ** Important** : Note that each cluster requires its own gateway.
186-
187- 1. Ensure you' re using the second cluster profile.
163+ 2. Ensure you' re using the second cluster `kubectl` context.
188164 ```bash
189165 kubectl config get-contexts
190166 ```
191- If your profile is set to the first cluster, switch your credentials to use the second cluster:
167+ If your context is set to the first cluster, switch your credentials to use the second cluster:
192168 ```bash
193- kubectl config use-context <yourcluster2info >
169+ kubectl config use-context <cluster2-context >
194170 ```
195- 1 . Create a Kubernetes inventory-ver2 service in the second cluster:
171+ 3 . Create a Kubernetes inventory-ver2 service in the second cluster:
196172 ```bash
197173 kubectl apply -f examples/inventory-ver2.yaml
198174 ```
199- 1 . Export this Kubernetes inventory-ver2 from the second cluster, so that it can be referenced by HTTPRoute in the other cluster:
175+ 4 . Export this Kubernetes inventory-ver2 from the second cluster, so that it can be referenced by HTTPRoute in the first cluster:
200176 ```bash
201177 kubectl apply -f examples/inventory-ver2-export.yaml
202178 ```
203- **Switch back to the first cluster**
179+
180+ **Switch back to the first cluster**
204181
205- 1 . Switch credentials back to the first cluster
182+ 5 . Switch credentials back to the first cluster
206183 ```bash
207- kubectl config use-context <yourcluster1info >
184+ kubectl config use-context <cluster1-context >
208185 ```
209- 1. Import the Kubernetes inventory-ver2 into first cluster:
186+ 6. Create Kubernetes ServiceImport ` inventory-ver2` in the first cluster:
210187 ```bash
211188 kubectl apply -f examples/inventory-ver2-import.yaml
212189 ```
213- 1 . Update the HTTPRoute inventory to route 10% traffic to the first cluster and 90% traffic to the second cluster:
190+ 7 . Update the HTTPRoute ` inventory` rules to route 10% traffic to the first cluster and 90% traffic to the second cluster:
214191 ```bash
215192 kubectl apply -f examples/inventory-route-bluegreen.yaml
216193 ```
217- 1 . Check the Service-Rates/parking pod access to Service-Inventory by execing into the parking pod :
194+ 8 . Check the service-to-service connectivity from `parking`(in cluster1) to `inventory-ver1`(in cluster1) and `inventory-ver2`(in cluster2) :
218195 ```bash
219- kubectl exec -it deploy/parking -- sh -c ' for (( i= 1 ; i<= 30 ; i++ )) ; do curl " $0 " ; done' "$inventoryFQDN"
220- ```
221- ```
196+ kubectl exec deploy/parking -- sh -c ' for (( i= 1 ; i<= 30 ; i++ )) ; do curl " $0 " ; done' "$inventoryFQDN"
197+
222198 Requsting to Pod(inventory-ver2-6dc74b45d8-rlnlt): Inventory-ver2 handler pod <----> in 2nd cluster
223199 Requsting to Pod(inventory-ver2-6dc74b45d8-rlnlt): Inventory-ver2 handler pod
224200 Requsting to Pod(inventory-ver2-6dc74b45d8-rlnlt): Inventory-ver2 handler pod
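Review bot: The removed line "**Important**: Note that each cluster requires its own gateway." has no replacement in the new steps 1 to 4, and step 1 only says to reuse the first cluster's instructions, so it is unclear whether `cluster2` needs its own Gateway and its own service network VPC association before the export in step 4; please state that explicitly. In step 8, `for ((i=1; i<=30; i++))` is bash syntax passed to `sh -c`, which fails in images where `sh` is not bash; a POSIX `while [ "$i" -le 30 ]` loop avoids that. The sample output has also been folded into the `bash` fence here; keep it in a separate block.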