Feb
22

RHACM GitOps: Install Service Mesh Operator and Configure a default control plan

This blog shows how to use RHACM GitOps to install Service Mesh and configure the default control plan.

The “local-cluster” is the hub server. The 2 managed clusters are “bn7z2-m-dev” and “bn7z2-m-dev-01” with the label “purpose=development”.

GitOps – tempaltes on github

$ git clone https://github.com/alpha-wolf-jin/mesh-apps.git

$ tree ./mesh-apps/
./mesh-apps/
├── elastic-operator
│   └── elasticsearch.yaml
├── jaeger-operator
│   └── jaeger-operator.yaml
├── kiali-servicemesh-operator
│   └── kiali-servicemesh-operator.yaml
├── mesh
│   └── smcp-basic.yaml
└── README.md

Templates used for Service Mesh:

elasticsearch.yaml

Create a Subscription object YAML file to subscribe to elasticsearch-operator in the openshift-operators-redhat namespace.

$ cat elastic-operator/elasticsearch.yaml 
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: elasticsearch-operator
  namespace: openshift-operators-redhat
spec:
  channel: stable
  installPlanApproval: Automatic
  name: elasticsearch-operator
  source: redhat-operators
  sourceNamespace: openshift-marketplace

jaeger.yaml

Create a Subscription object YAML file to subscribe to the jaeger-product in the openshift-distributed-tracing namespace.

$ cat jaeger-operator/jaeger-operator.yaml 
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: jaeger-product
  namespace: openshift-distributed-tracing
spec:
  channel: stable
  installPlanApproval: Automatic
  name: jaeger-product
  source: redhat-operators
  sourceNamespace: openshift-marketplace

kiali-servicemesh-operator.yaml

Create a Subscription object YAML file to subscribe to the kiali-ossm & servicemeshoperator Operators in the openshift-operators namespace.

$ cat kiali-servicemesh-operator/kiali-servicemesh-operator.yaml 
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: kiali-ossm
  namespace: openshift-operators
spec:
  channel: stable
  installPlanApproval: Automatic
  name: kiali-ossm
  source: redhat-operators
  sourceNamespace: openshift-marketplace
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: servicemeshoperator
  namespace: openshift-operators
spec:
  channel: stable
  installPlanApproval: Automatic
  name: servicemeshoperator
  source: redhat-operators
  sourceNamespace: openshift-marketplace

smcp-basic.yaml

Create a ServiceMeshControlPlane object basic in namespace istio-system.

$ cat mesh/smcp-basic.yaml 
---
apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
metadata:
  name: basic 
  namespace: istio-system 
spec:
  version: v2.2
  gateways: 
    egress:
      enabled: true
      runtime:
        deployment:
          autoScaling:
            enabled: false
    ingress:
      enabled: true
      runtime:
        deployment:
          autoScaling:
            enabled: false

  tracing: 
    sampling: 10000
    type: Jaeger

  telemetry:
    type: Istiod

  policy:
    type: Istiod

  addons:
    grafana: 
      enabled: true
    jaeger: 
      install:
        storage:
          type: Memory
    kiali: 
      enabled: true

Managing Multicluster Service Mesh with RHACM GitOps

Application – elastic

Use RHACM GitOps to create a new elastic application based on the following criteria

FIELDVALUEName | elastic
Namespace | openshift-operators-redhat
Repository types | Git
URL | https://github.com/alpha-wolf-jin/mesh-apps/
Branch | main
Path | elastic-operator
Label | purpose
Value | development
Deployment window | Always Active

Click “Create

Application – jaeger-product

Use RHACM GitOps to create a new jaeger-product application based on the following criteria

FIELDVALUEName | jaeger-product
Namespace | openshift-distributed-tracing
Repository types | Git
URL | https://github.com/alpha-wolf-jin/mesh-apps/
Branch | main
Path | jaeger-operator
Label | purpose
Value | development
Deployment window | Always active

Application – kiali-servicemesh

Use RHACM GitOps to create a new kiali-servicemesh application based on the following criteria

FIELDVALUEName | kiali-servicemesh
Namespace | openshift-operators
Repository types | Git
URL | https://github.com/alpha-wolf-jin/mesh-apps/
Branch | main
Path | kiali-servicemesh-operator
Label | purpose
Value | development
Deployment window | Always active

Application – mesh

Use RHACM GitOps to create a new mesh application based on the following criteria

FIELDVALUEName | mesh
Namespace | istio-system
Repository types | Git
URL | https://github.com/alpha-wolf-jin/mesh-apps/
Branch | main
Path | mesh
Label | purpose
Value | development
Deployment window | Always Active

Verify Service Mesh inside RHACM

Application – elastic

Verify Service Mesh inside Managed Clusters

Cluster 01

The smcp is ready.

$ oc login -u kubeadmin -p <password> https://api.bn7z2-m-dev-01.sandbox1558.opentlc.com:6443
Login successful.

$ oc get smcp -n istio-system
NAME    READY   STATUS            PROFILES      VERSION   AGE
basic   10/10   ComponentsReady   ["default"]   2.2.3     18h

Cluster 02

The smcp is ready.

$ oc login -u kubeadmin -p <password> https://api.bn7z2-m-dev.sandbox1558.opentlc.com:6443
Login successful.

$ oc get smcp -n istio-system
NAME    READY   STATUS                   PROFILES   VERSION   AGE
basic   0/0     DependencyMissingError                        3h39m

The above is a small sample of how to manage the cluster with the RHACM GitOps.

Contact

Missing something?

Feel free to request missing tools or give some feedback using our contact form.

Contact Us