Get up to 50% off on CKA, CKAD, CKS, KCNA, KCSA exams and courses!

RHACM GitOps: Install Service Mesh Operator and Configure a default control plan

RHACM GitOps: Install Service Mesh Operator and Configure a default control plan

This blog shows how to use RHACM GitOps to install Service Mesh and configure the default control plan.

If your hub and managed clusters are not ready, please refer to https://www.techbeatly.com/install-the-rhacm-operator-import-an-existing-cluster-deploy-a-new-cluster/ for environment setup.

Below are the clusters we use here.

The “local-cluster” is the hub server. The 2 managed clusters are “ bn7z2-m-dev ” and “ bn7z2-m-dev-01 ” with the label “purpose=development”.

GitOps – tempaltes on github

$ git clone https://github.com/alpha-wolf-jin/mesh-apps.git

$ tree ./mesh-apps/
./mesh-apps/
├── elastic-operator
│   └── elasticsearch.yaml
├── jaeger-operator
│   └── jaeger-operator.yaml
├── kiali-servicemesh-operator
│   └── kiali-servicemesh-operator.yaml
├── mesh
│   └── smcp-basic.yaml
└── README.md

Templates used for Service Mesh:

elasticsearch.yaml

Create a Subscription object YAML file to subscribe to elasticsearch-operator in the openshift-operators-redhat namespace.

$ cat elastic-operator/elasticsearch.yaml
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: elasticsearch-operator
  namespace: openshift-operators-redhat
spec:
  channel: stable
  installPlanApproval: Automatic
  name: elasticsearch-operator
  source: redhat-operators
  sourceNamespace: openshift-marketplace

jaeger.yaml

Create a Subscription object YAML file to subscribe to the jaeger-product in the openshift-distributed-tracing namespace.

$ cat jaeger-operator/jaeger-operator.yaml
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: jaeger-product
  namespace: openshift-distributed-tracing
spec:
  channel: stable
  installPlanApproval: Automatic
  name: jaeger-product
  source: redhat-operators
  sourceNamespace: openshift-marketplace

kiali-servicemesh-operator.yaml

Create a Subscription object YAML file to subscribe to the kiali-ossm & servicemeshoperator Operators in the openshift-operators namespace.

$ cat kiali-servicemesh-operator/kiali-servicemesh-operator.yaml
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: kiali-ossm
  namespace: openshift-operators
spec:
  channel: stable
  installPlanApproval: Automatic
  name: kiali-ossm
  source: redhat-operators
  sourceNamespace: openshift-marketplace
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: servicemeshoperator
  namespace: openshift-operators
spec:
  channel: stable
  installPlanApproval: Automatic
  name: servicemeshoperator
  source: redhat-operators
  sourceNamespace: openshift-marketplace

smcp-basic.yaml

Create a ServiceMeshControlPlane object basic in namespace istio-system .

$ cat mesh/smcp-basic.yaml
---
apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
metadata:
  name: basic
  namespace: istio-system
spec:
  version: v2.2
  gateways:
    egress:
      enabled: true
      runtime:
        deployment:
          autoScaling:
            enabled: false
    ingress:
      enabled: true
      runtime:
        deployment:
          autoScaling:
            enabled: false

  tracing:
    sampling: 10000
    type: Jaeger

  telemetry:
    type: Istiod

  policy:
    type: Istiod

  addons:
    grafana:
      enabled: true
    jaeger:
      install:
        storage:
          type: Memory
    kiali:
      enabled: true

Managing Multicluster Service Mesh with RHACM GitOps

Application – elastic

Use RHACM GitOps to create a new elastic application based on the following criteria

FieldValue
`Name`elastic
`Namespace`openshift-operators-redhat
`Repository types``Git`
`URL`https://github.com/alpha-wolf-jin/mesh-apps/
Branchmain
Pathelastic-operator
Labelpurpose
Valuedevelopment
Deployment windowAlways Active

Click “ Create “

Application – jaeger-product

Use RHACM GitOps to create a new jaeger-product application based on the following criteria

FieldValue
`Name`jaeger-product
`Namespace`openshift-distributed-tracing
`Repository types``Git`
`URL`https://github.com/alpha-wolf-jin/mesh-apps/
Branchmain
Pathjaeger-operator
Labelpurpose
Valuedevelopment
Deployment windowAlways active
Application – kiali-servicemesh

Use RHACM GitOps to create a new kiali-servicemesh application based on the following criteria

FieldValue
`Name`kiali-servicemesh
`Namespace`openshift-operators
`Repository types``Git`
`URL`https://github.com/alpha-wolf-jin/mesh-apps/
Branchmain
Pathkiali-servicemesh-operator
Labelpurpose
Valuedevelopment
Deployment windowAlways active
Application – mesh

Use RHACM GitOps to create a new mesh application based on the following criteria

FieldValue
`Name`mesh
`Namespace`istio-system
`Repository types``Git`
`URL`https://github.com/alpha-wolf-jin/mesh-apps/
Branchmain
Pathmesh
Labelpurpose
Valuedevelopment
Deployment windowAlways Active

Verify Service Mesh inside RHACM

Application – elastic

Application – jaeger-product

Application – kiali-servicemesh

Application – mesh

Verify Service Mesh inside Managed Clusters

Cluster 01

The smcp is ready.

$ oc login -u kubeadmin -p <password> https://api.bn7z2-m-dev-01.sandbox1558.opentlc.com:6443
Login successful.

$ oc get smcp -n istio-system
NAME    READY   STATUS            PROFILES      VERSION   AGE
basic   10/10   ComponentsReady   ["default"]   2.2.3     18h

Cluster 02

The smcp is ready.

$ oc login -u kubeadmin -p <password> https://api.bn7z2-m-dev.sandbox1558.opentlc.com:6443
Login successful.

$ oc get smcp -n istio-system
NAME    READY   STATUS                   PROFILES   VERSION   AGE
basic   0/0     DependencyMissingError                        3h39m

The above is a small sample of how to manage the cluster with the RHACM GitOps.

Share :

Related Posts

Conduct Vulnerability Management for Your Kubernetes Applications

Conduct Vulnerability Management for Your Kubernetes Applications

Kubernetes is an open source container orchestration tool initially developed by Google and subsequently handed over to the Cloud Native Computing …

Using Ansible with Terraform – Ansible Real Life Series

Learn how to use Ansible with Terraform for provisioning the configurations and software.

How to Fix a Failed PV in OpenShift Cluster

How to Fix a Failed PV in OpenShift Cluster

Image : https://premierevanlines.com There are several cases a PV (PersistentVolume) appear as Failed in OpenShift or Kubernetes cluster. Once of the …

Learn OpenShift – A Comprehensive Guide for OpenShift Courses and Exams

Learn OpenShift – A Comprehensive Guide for OpenShift Courses and Exams

Introduction OpenShift is an enterprise Kubernetes platform used to build, deploy, and manage cloud-native applications. OpenShift offers automated …

OpenShift Cluster – How to Drain or Evacuate a Node for Maintenance

OpenShift Cluster – How to Drain or Evacuate a Node for Maintenance

Image : www.oemoffhighway.com As we know OpenShift clusters are bundled with multiple compute nodes, master nodes, infra nodes etc, it’s not a big …

Kubernetes vs OpenShift – 15 Facts You Should Know

Kubernetes vs OpenShift – 15 Facts You Should Know

Welcome back to the OpenShift Bootcamp series. In this article we will see the difference between Kubernetes and OpenShift . Please note, during the …