Configuring a WorkloadEntry and WorkloadGroup
1. Configuring a WorkloadEntry and WorkloadGroup
In this section, you explore WorkloadEntry and WorkloadGroup. WorkloadEntry enables the integration of non-Kubernetes workloads by defining the workload properties, such as its address, service account, and labels. In Istio, WorkloadGroup provides a mechanism to manage collections of non-Kubernetes workloads by defining their bootstrap properties. Let's begin by exploring how to configure WorkloadEntry. A WorkloadEntry must have a corresponding ServiceEntry, which defines the service itself. Hostnames ports. ServiceEntry uses label selectors to associate the service with the WorkloadEntry. When a workload connects to Istio, its status is updated, containing its health and other details, enabling centralized monitoring and management of all workloads in the mesh. This is an example of a WorkloadEntry for a VM with a static IP address. The VM uses a mesh internal ServiceEntry with the resolution defined as STATIC. Traffic is routed through sidecars, with Istio-mutual TLS securing communication. In this example, we are using a fully qualified DNS name for the VM. In this case, the WorkloadEntry's resolution mode is set to DNS, enabling client-side sidecars to dynamically resolve the DNS name. Next, let's transition to WorkloadGroup. You can use WorkloadGroup to manage collections of non-Kubernetes workloads by defining their bootstrap properties. They mimic Kubernetes' sidecar injection and deployment models. WorkloadGroup is essentially, a template for WorkloadEntry resources. A WorkloadGroup defines metadata, like labels, and a template specifying ports and service accounts for associated workloads. This ensures consistent configuration across multiple instances. Health probes can also be defined, allowing Istio to monitor workload health. This example defines a WorkloadGroup named reviews, in the bookinfo namespace. Health probes can also be defined, allowing Istio to monitor workload health. The WorkloadGroup has specific labels, ports, gRPC, and HTTP, and a service account. It also includes a health probe configuration. The WorkloadGroup focuses on workload configuration and bootstrapping, not service registry. Hostname configuration is managed by ServiceEntry. WorkloadGroup uses common properties across WorkloadEntry resources to simplify management and ensure consistency.2. Let's practice!
Create Your Free Account
or
By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.