docs: Setting up Cluster Mesh with helm chart / olm

[m-yosefpor]

Proposal / RFE

Is your feature request related to a problem?

Currently there are some docs in cilium website about how to setting up a cluster mesh with cilium cli (https://docs.cilium.io/en/latest/gettingstarted/clustermesh/clustermesh/), however there are no docs which explains how to achieve similar thing via helm charts. Almost all other sections have docs both about CLI solution and helm chart solution, but this part is explained specifically with cli.

The approach explains how to share CA with --inherit-ca flag in installing, and then cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 which both of them are not straight forward how can be done in a helm chart deployment.

Describe the solution you'd like

Having a docs about how can we setup cilium in clustermesh mode with helm chart (which would also trivially answers how to do it with OLM, as CilliumConfig corresponds helm chart values.yaml

[samueltorres]

I've prepared a PR with the Helm Chart Changes :)
#17851
Tomorrow I'll take care of finishing the PR 👍

[samueltorres]

What do you think about this Helm values schema ?

# -- Clustermesh explicit configuration.
  config:
    # -- Enable the Clustermesh explicit configuration.
    enabled: false
    # -- Default dns domain for the Clustermesh API servers
    # This is used in the case cluster addresses are not provided
    # and IPs are used.
    domain: mesh.cilium.io
    # -- List of clusters to be peered in the mesh.
    clusters: []
    # clusters: 
    # # -- Name of the cluster
    # - name: cluster1
    # # -- Address of the cluster, use this if you created DNS records for
    # # the cluster Clustermesh API server.
    #   address: cluster1.mesh.cilium.io 
    # # -- Port of the cluster Clustermesh API server.
    #   port: 2379
    # # -- IPs of the cluster Clustermesh API server, use multiple ones when
    # # you have multiple IPs to access the Clustermesh API server.
    #   ips:
    #   - 172.18.255.201
    # # -- base64 encoded PEM values for the cluster client certificate, private key and certificate authority.
    #   tls:
    #     cert: ""
    #     key: ""

• This schema allows a given user to set up the Clustermesh connections manually if needed.
• It allows each cluster connection to be configured using the Clustermesh load balancer / Node ips or a pre-defined DNS record.
• The port is configurable
• The client certificates need to be provided in order to correctly configure the etcd config.
• It uses the tls.ca.cert CA as the chosen ca for the etcd config.

Is there anything missing in terms of features ?

[anovv]

Is it moving?

[github-actions]

This issue has been automatically marked as stale because it has not
had recent activity. It will be closed if no further activity occurs.

[aanm]

@dirtyValera yes, in #17851