Update 11-enable-Gateway-API-within-GKE.sh #3

Merged
merged 2 commits into from
Jun 13, 2022
146 changes: 143 additions & 3 deletions 11-enable-Gateway-API-within-GKE.sh
@@ -5,9 +5,6 @@ source .env.sh || fatal 'Couldnt source this'
set -x
set -e

# Add your code here:
kubectl apply -k "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v0.4.3"
kubectl get gatewayclass

# CREO IN europe-west6
gcloud compute networks subnets create dmarzi-proxy \
@@ -21,3 +18,146 @@ gcloud compute networks subnets create dmarzi-proxy \

# End of your code here
echo YAY. Tutto ok.



# WORKS ONLY WITH MULTIPLE CLUSTERS IN THE SAME REGION
# Enable (multi-cluster Gateways)[https://cloud.google.com/kubernetes-engine/docs/how-to/enabling-multi-cluster-gateways]
# Blue-Green https://cloud.google.com/kubernetes-engine/docs/how-to/deploying-multi-cluster-gateways#blue-green

1. # enable required APIs
gcloud services enable \
container.googleapis.com \
gkehub.googleapis.com \
multiclusterservicediscovery.googleapis.com \
multiclusteringress.googleapis.com \
trafficdirector.googleapis.com \
--project=PROJECT_ID

2. # register clusters to the fleet
gcloud container fleet memberships register CLUSTER_1 \
--gke-cluster CLUSTER_1_LOCATION/CLUSTER_1 \
--enable-workload-identity \
--project=PROJECT_ID

gcloud container fleet memberships register CLUSTER_2 \
--gke-cluster CLUSTER_2_LOCATION/CLUSTER_2 \
--enable-workload-identity \
--project=PROJECT_ID

3. #enable multi-cluster services
gcloud container fleet multi-cluster-services enable \
--project PROJECT_ID

gcloud projects add-iam-policy-binding PROJECT_ID \
--member "serviceAccount:PROJECT_ID.svc.id.goog[gke-mcs/gke-mcs-importer]" \
--role "roles/compute.networkViewer" \
--project=PROJECT_ID

4. # enable gateway apis
kubectl apply -k "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v0.4.3"
kubectl get gatewayclass

5. #enable GKE gateway controller
gcloud container fleet ingress enable \
--config-membership=/projects/PROJECT_ID/locations/global/memberships/CLUSTER_1 \
--project=PROJECT_ID

gcloud projects add-iam-policy-binding PROJECT_ID \
--member "serviceAccount:service-PROJECT_NUMBER@gcp-sa-multiclusteringress.iam.gserviceaccount.com" \
--role "roles/container.admin" \
--project=PROJECT_ID


6. # apply the gateway configuration on CLUSTER_1

kind: Gateway
apiVersion: gateway.networking.k8s.io/v1alpha2
metadata:
name: apps-http
spec:
gatewayClassName: gke-l7-rilb-mc
listeners:
- name: http
protocol: HTTP
port: 80
allowedRoutes:
kinds:
- kind: HTTPRoute
namespaces:
from: Selector
selector:
matchLabels:
gateway: apps-http

7. Export Services
CLUSTER_1
---
apiVersion: v1
kind: Service
metadata:
name: app-web-01
spec:
ports:
- port: 8080
name: http
selector:
app: app01-web
---
kind: ServiceExport
apiVersion: net.gke.io/v1
metadata:
name: app-web-01
namespace: default

CLUSTER_2

---
apiVersion: v1
kind: Service
metadata:
name: app-web-02
spec:
ports:
- port: 9292
targetPort: 9292
selector:
app: app02-ruby
---
kind: ServiceExport
apiVersion: net.gke.io/v1
metadata:
name: app-web-02
namespace: default


8.

kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1alpha2
metadata:
name: internal-store-route
namespace: default
labels:
gateway: apps-http
spec:
parentRefs:
- kind: Gateway
namespace: default
name: apps-http
hostnames:
- "apps.example.internal"
rules:
- backendRefs:
# 90% of traffic to store-west-1 ServiceImport
- name: app-web-01
group: net.gke.io
kind: ServiceImport
port: 8080
weight: 90
# 10% of traffic to store-west-2 ServiceImport
- name: app-web-02
group: net.gke.io
kind: ServiceImport
port: 8080
weight: 10
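Review bot: Everything added after `echo YAY. Tutto ok.` is not valid shell: the step labels (`1. # enable required APIs`, `7. Export Services`, `8.`) and the raw Kubernetes manifests are parsed as commands, so under `set -e` the script would abort at `1.` right after printing success, and the Gateway API CRD install that appears to have moved from the top of the script into step 4 would never run. Either move these notes to a README or comment them out, and feed each manifest to kubectl through a heredoc such as `kubectl apply -f - <<'EOF'` once the `PROJECT_ID`/`CLUSTER_1` placeholders are replaced by variables. In the step 8 HTTPRoute the `app-web-02` backendRef uses `port: 8080` while the `app-web-02` Service exposes `port: 9292`, so it should read `port: 9292`, and the `store-west-1`/`store-west-2` comments should name `app-web-01`/`app-web-02`. The two `add-iam-policy-binding` calls grant project-wide roles (`roles/compute.networkViewer`, `roles/container.admin`), so a comment above each stating which component needs the binding and why would help whoever audits the project's IAM later.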