Distributed Cloud Container Platform for Kubernetes (ACK One) provides the multi-cluster Services (MCS) feature to allow you to access Services across Kubernetes clusters by using domain names. This achieves cross-cluster Service traffic routing without the need to modify your business code or modify the dnsConfig field or CoreDNS configurations for your business pods.
Prerequisites
The Fleet management feature is enabled. For more information, see Enable multi-cluster management.
Two clusters are associated with a Fleet instance. One cluster serves as the Service provider. The other cluster serves as the Service consumer. For more information, see Manage associated clusters.
The Kubernetes versions of the associated clusters must be 1.22 or later.
Pods in the Service provider cluster and pods in the Service consumer cluster can communicate with each other. For more information, see MCS overview.
Note: After enabling pod CIDR connectivity between clusters, ensure that the security groups for the cluster's node pools have allowed traffic from the pod CIDR blocks of the interconnected clusters.
The kubeconfig files of the Service provider cluster, Service consumer cluster, and the Fleet instance are obtained, and kubectl is used to connect to the clusters and the instance. For more information, see Obtain the kubeconfig file of a cluster and use kubectl to connect to the cluster.
MCS architecture
To allow a Service in the Service provider cluster to be accessed by a client pod in the Service consumer cluster, perform the following steps:
Create a Service named service1 and an application pod that is exposed by using the service1 Service in the Service provider cluster. Create a Service named service1 in the Service consumer cluster.
Create a multi-cluster Service named service1 on the Fleet instance. When you create the multi-cluster Service, set the Service name to service1 and the namespace to the namespace of the service1 Service in the Service provider cluster. In addition, specify the names of the Service provider cluster and the Service consumer cluster in the configurations of the multi-cluster Service.
Create a client pod in the Service consumer cluster. This way, you can use the client pod to access the backend pods of the service1 Service in the Service provider cluster by using a domain name.
In this topic, the application and Services are deployed by using kubectl. You can also use the GitOps and application distribution features of the Fleet instance to distribute the preceding resources to the associated clusters.
Step 1: Create a Service named service1 in the Service provider cluster
Connect to the Service provider cluster by using its kubeconfig file. Then, use the following code block to create a file named web-demo-svc-provider.yaml:

```yaml
apiVersion: v1
kind: Service
metadata:
  name: service1
  namespace: provider-ns
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: web-demo
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-demo
  namespace: provider-ns
spec:
  replicas: 1
  selector:
    matchLabels:
      app: web-demo
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: web-demo
    spec:
      containers:
      - env:
        - name: ENV_NAME
          value: cluster-provider
        image: registry-cn-hangzhou.ack.aliyuncs.com/acs/web-demo:0.5.0
        imagePullPolicy: Always
        name: web-demo
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
```

Run the following command to create a Service named service1 and an application pod that is exposed by using the Service:

```shell
kubectl apply -f web-demo-svc-provider.yaml
```
Step 2: Create a Service named service1 in the Service consumer cluster
Connect to the Service consumer cluster by using its kubeconfig file. Then, use the following code block to create a file named web-demo-svc-consumer.yaml:

Note: In this step, you do not need to create application pods.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: service1
  namespace: provider-ns
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: web-demo
  sessionAffinity: None
  type: ClusterIP
```

Run the following command to create a Service named service1:

```shell
kubectl apply -f web-demo-svc-consumer.yaml
```
Step 3: Create a multi-cluster Service on the Fleet instance
Connect to the Fleet instance by using its kubeconfig file. Then, use the following code block to create a file named multiclusterservice.yaml:

Note: Replace <your consumer cluster id> and <your provider cluster id> with the actual cluster IDs. The name and namespace of the multi-cluster Service must be the same as the name and namespace of the service1 Service in the Service provider cluster.

```yaml
apiVersion: networking.one.alibabacloud.com/v1alpha1
kind: MultiClusterService
metadata:
  name: service1
  namespace: provider-ns
spec:
  consumerClusters:
  - name: <your consumer cluster id>
  providerClusters:
  - name: <your provider cluster id>
```

Run the following command to create a multi-cluster Service named service1 on the Fleet instance:

```shell
kubectl apply -f multiclusterservice.yaml
```
Step 4: Create a client pod in the Service consumer cluster to access the service1 Service in the Service provider cluster
Connect to the Service consumer cluster by using its kubeconfig file. Then, use the following code block to create a file named client-pod.yaml:

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: curl-client
  namespace: customer-ns
spec:
  containers:
  - name: curl-client
    image: registry-cn-hangzhou.ack.aliyuncs.com/dev/curl:8.11.1
    command: ["sh", "-c", "sleep 12000"]
```

Run the following command to deploy a client pod in the Service consumer cluster:

```shell
kubectl apply -f client-pod.yaml
```

Run the following command to log on to the client pod in the Service consumer cluster and access the service1 Service in the Service provider cluster:

```shell
kubectl exec -it -ncustomer-ns curl-client -- sh
curl service1.provider-ns
```

Expected output:

```
This is cluster-provider!
```
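
The prerequisites open the node pool security groups to the pod CIDR block of the peer cluster, which exposes every pod port to that range. The following NetworkPolicy is an added example, not part of the original topic: it narrows ingress for the web-demo pods in the Service provider cluster to port 8080 from the consumer cluster's pod CIDR and from pods in the same namespace. It assumes that the cluster's network plug-in enforces NetworkPolicy and that consumer pod IP addresses reach the provider pods without source NAT; the policy name and the `<consumer cluster pod CIDR>` placeholder are illustrative.

```yaml
# Added example: least-privilege ingress for the web-demo pods behind service1.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: web-demo-allow-consumer   # hypothetical name
  namespace: provider-ns          # namespace of service1 in the provider cluster
spec:
  # Select the backend pods of service1 (same label as the Service selector).
  podSelector:
    matchLabels:
      app: web-demo
  policyTypes:
  - Ingress
  ingress:
  - from:
    # Cross-cluster clients: replace with the consumer cluster's pod CIDR block.
    - ipBlock:
        cidr: <consumer cluster pod CIDR>
    # Local clients: any pod in provider-ns of the provider cluster.
    - podSelector: {}
    ports:
    # targetPort of service1; the Service port 80 is translated before it reaches the pod.
    - protocol: TCP
      port: 8080
```

Apply the policy to the Service provider cluster; the security group rule from the prerequisites is still required for the traffic to reach the nodes.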