Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #60744 from rh-tokeefe/OSSM-4041
OSSM-4041: Update infrastructure node content
- Loading branch information
Showing
6 changed files
with
181 additions
and
11 deletions.
There are no files selected for viewing
13 changes: 13 additions & 0 deletions
13
modules/ossm-about-control-plane-components-and-infrastructure-nodes.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
// Module included in the following assemblies: | ||
// * service_mesh/v2x/ossm-create-smcp.adoc | ||
|
||
:_content-type: CONCEPT | ||
[id="ossm-about-control-plane-components-and-infrastructure-nodes_{context}"] | ||
= About control plane components and infrastructure nodes | ||
|
||
Infrastructure nodes provide a way to isolate infrastructure workloads for two primary purposes: | ||
|
||
* To prevent incurring billing costs against subscription counts | ||
* To separate maintenance and management of infrastructure workloads | ||
You can configure some or all of the {SMProductShortName} control plane components to run on infrastructure nodes. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 53 additions & 0 deletions
53
modules/ossm-config-control-plane-infrastructure-node-console.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
// Module included in the following assemblies: | ||
// | ||
// * service_mesh/v2x/ossm-deployment-models.adoc | ||
|
||
:_content-type: PROCEDURE | ||
[id="ossm-config-control-plane-infrastructure-node-console_{context}"] | ||
= Configuring all control plane components to run on infrastructure nodes using the web console | ||
|
||
Perform this task if all of the components deployed by the {SMProductShortName} control plane will run on infrastructure nodes. These deployed components include Istiod, Ingress Gateway, and Egress Gateway, and optional applications such as Prometheus, Grafana, and Distributed Tracing. | ||
|
||
If the control plane will run on a worker node, skip this task. | ||
|
||
.Prerequisites | ||
|
||
* You have installed the {SMProductName} Operator. | ||
* You are logged in as a user with the `cluster-admin` role. If you use {product-dedicated}, you are logged in as a user with the `dedicated-admin` role. | ||
.Procedure | ||
|
||
. Log in to the {product-title} web console. | ||
|
||
. Navigate to *Operators* -> *Installed Operators*. | ||
|
||
. Click the {SMProductName} Operator, and then click *Istio Service Mesh Control Plane*. | ||
|
||
. Click the name of the control plane resource. For example, `basic`. | ||
|
||
. Click *YAML*. | ||
|
||
. Add the `nodeSelector` and `tolerations` fields to the `spec.runtime.defaults.pod` specification in the `ServiceMeshControlPlane` resource, as shown in the following example: | ||
+ | ||
[source,yaml] | ||
---- | ||
spec: | ||
runtime: | ||
defaults: | ||
pod: | ||
nodeSelector: <1> | ||
node-role.kubernetes.io/infra: "" | ||
tolerations: <2> | ||
- effect: NoSchedule | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
- effect: NoExecute | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
---- | ||
<1> Ensures that the `ServiceMeshControlPlane` pod is only scheduled on an infrastructure node. | ||
<2> Ensures that the pod is accepted by the infrastructure node for execution. | ||
|
||
. Click *Save*. | ||
|
||
. Click *Reload*. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
88 changes: 88 additions & 0 deletions
88
modules/ossm-config-individual-control-plane-infrastructure-node-console.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
// Module included in the following assemblies: | ||
// | ||
// * service_mesh/v2x/ossm-deployment-models.adoc | ||
|
||
:_content-type: PROCEDURE | ||
[id="ossm-config-individual-control-plane-infrastructure-node-console_{context}"] | ||
= Configuring individual control plane components to run on infrastructure nodes using the web console | ||
|
||
Perform this task if individual components deployed by the {SMProductShortName} control plane will run on infrastructure nodes. These deployed components include Istiod, the Ingress Gateway, and the Egress Gateway. | ||
|
||
If the control plane will run on a worker node, skip this task. | ||
|
||
.Prerequisites | ||
|
||
* You have installed the {SMProductName} Operator. | ||
* You are logged in as a user with the `cluster-admin` role. If you use {product-dedicated}, you are logged in as a user with the `dedicated-admin` role. | ||
.Procedure | ||
|
||
. Log in to the {product-title} web console. | ||
|
||
. Navigate to *Operators* -> *Installed Operators*. | ||
|
||
. Click the {SMProductName} Operator, and then click *Istio Service Mesh Control Plane*. | ||
|
||
. Click the name of the control plane resource. For example, `basic`. | ||
|
||
. Click *YAML*. | ||
|
||
. Add the `nodeSelector` and `tolerations` fields to the `spec.runtime.components.pilot.pod` specification in the `ServiceMeshControlPlane` resource, as shown in the following example: | ||
+ | ||
[source,yaml] | ||
---- | ||
spec: | ||
runtime: | ||
components: | ||
pilot: | ||
pod: | ||
nodeSelector: <1> | ||
node-role.kubernetes.io/infra: "" | ||
tolerations: <2> | ||
- effect: NoSchedule | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
- effect: NoExecute | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
---- | ||
<1> Ensures that the `Istiod` pod is only scheduled on an infrastructure node. | ||
<2> Ensures that the pod is accepted by the infrastructure node for execution. | ||
|
||
. Add the `nodeSelector` and the `tolerations` fields to the `spec.gateways.ingress.runtime.pod` and `spec.gateways.egress.runtime.pod` specifications in the `ServiceMeshControlPlane` resource, as shown in the following example: | ||
+ | ||
[source,yaml] | ||
---- | ||
spec: | ||
gateways: | ||
ingress: | ||
runtime: | ||
pod: | ||
nodeSelector: <1> | ||
node-role.kubernetes.io/infra: "" | ||
tolerations: <2> | ||
- effect: NoSchedule | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
- effect: NoExecute | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
egress: | ||
runtime: | ||
pod: | ||
nodeSelector: <1> | ||
node-role.kubernetes.io/infra: "" | ||
tolerations: <2> | ||
- effect: NoSchedule | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
- effect: NoExecute | ||
key: node-role.kubernetes.io/infra | ||
value: reserved | ||
---- | ||
<1> Ensures that the gateway pod is only scheduled on an infrastructure node | ||
<2> Ensures that the pod is accepted by the infrastructure node for execution. | ||
|
||
. Click *Save*. | ||
|
||
. Click *Reload*. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters