Add lifecycle sidecar to mesh gateway #380

lkysow · 2020-03-11T18:56:42Z

When Consul clients in Kubernetes restart, they lose their
registrations. This causes any mesh gateways to be deregistered. To
solve this, we need to run a sidecar that ensures the service is always
registered: a lifecycle-sidecar.

For the lifecycle-sidecar to work, it needs a service.hcl service config
file. This required adding an init container that writes this file and
does the initial service registration. Since the init container is
registering the service, the consul connect envoy -mesh-gateway command
no longer needs the -register flag.

lkysow · 2020-03-17T22:56:53Z

For testing:

Use consul-k8s image lkysow/consul-k8s-dev:mar18-2020-acl-init that has the new -token-sink-file flag for acl-init (Add -token-sink-file flag to acl-init consul-k8s#232)
Start the mesh gateways, then delete the consul client pod on that node. The mesh gateway should be re-registered momentarily.

templates/mesh-gateway-deployment.yaml

ishustava

Luke, it generally looks good. Great job on all those pesky tests! I left a few comments with suggestions and questions. Let me know what you think

templates/mesh-gateway-deployment.yaml

ishustava

Looks good to me 🎉 ! Thanks for addressing my comments 🌮

When Consul clients in Kubernetes restart, they lose their registrations. This causes any mesh gateways to be deregistered. To solve this, we need to run a sidecar that ensures the service is always registered: a lifecycle-sidecar. For the lifecycle-sidecar to work, it needs a service.hcl service config file. This required adding an init container that writes this file and does the initial service registration. Since the init container is registering the service, the consul connect envoy -mesh-gateway command no longer needs the -register flag.

lkysow added area/multi-dc Related to running with multiple datacenters bug Something isn't working labels Mar 12, 2020

lkysow force-pushed the wan-fed-acls branch from e41ff79 to 5fd93fc Compare March 16, 2020 17:00

lkysow changed the base branch from wan-fed-acls to wan-federation March 17, 2020 22:46

lkysow force-pushed the mesh-gateway-lifecycle-sidecar branch 2 times, most recently from e6aefe4 to 6b10e24 Compare March 17, 2020 22:53

lkysow mentioned this pull request Mar 18, 2020

Add -token-sink-file flag to acl-init hashicorp/consul-k8s#232

Merged

lkysow commented Mar 18, 2020

View reviewed changes

templates/mesh-gateway-deployment.yaml Show resolved Hide resolved

lkysow marked this pull request as ready for review March 18, 2020 16:53

lkysow mentioned this pull request Mar 18, 2020

Support LoadBalancerAddress for mesh gateways #388

Merged

lkysow requested a review from a team March 18, 2020 17:03

ishustava reviewed Mar 20, 2020

View reviewed changes

lkysow force-pushed the mesh-gateway-lifecycle-sidecar branch from 74c1880 to f46a444 Compare March 20, 2020 18:43

ishustava approved these changes Mar 20, 2020

View reviewed changes

lkysow force-pushed the mesh-gateway-lifecycle-sidecar branch from f46a444 to 0474f5d Compare March 20, 2020 19:36

lkysow merged commit 8dd14ff into wan-federation Mar 23, 2020

ishustava mentioned this pull request Apr 10, 2020

Mesh gateways need to be re-registered (same as lifecycle-sidecar) #372

Closed

lkysow deleted the mesh-gateway-lifecycle-sidecar branch August 31, 2020 21:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add lifecycle sidecar to mesh gateway #380

Add lifecycle sidecar to mesh gateway #380

lkysow commented Mar 11, 2020 •

edited

lkysow commented Mar 17, 2020 •

edited

ishustava left a comment

ishustava left a comment

Add lifecycle sidecar to mesh gateway #380

Add lifecycle sidecar to mesh gateway #380

Conversation

lkysow commented Mar 11, 2020 • edited

lkysow commented Mar 17, 2020 • edited

ishustava left a comment

Choose a reason for hiding this comment

ishustava left a comment

Choose a reason for hiding this comment

lkysow commented Mar 11, 2020 •

edited

lkysow commented Mar 17, 2020 •

edited