Configuring multi-cluster gateways
1. Configuring multi-cluster gateways
When configuring a multi-cluster gateway, the first step is to configure the Google Cloud load balancer in the gateway Custom Resource Definition (CRD). Before doing so, ensure that the Gateway API is enabled. It is usually enabled by default on newer GKE clusters, but check that your GKE version supports it.

In the gateway YAML file, specify the name of the resource and the target namespace. In the spec section, use the gatewayClassName field to specify which controller you want to use. The gatewayClassName determines the type of load balancer that will be provisioned. Examples of load balancer types include:

- gke-l7-global-external-managed: global external HTTPS managed load balancer
- gke-l7-regional-external-managed: regional external HTTPS managed load balancer
- gke-l7-gxlb: global external HTTPS load balancer
- gke-l7-rilb: regional internal HTTPS load balancer
- gke-l7-gxlb-mc: multi-cluster global external HTTPS load balancer
- gke-l7-rilb-mc: multi-cluster regional internal HTTPS load balancer
- gke-l7-global-external-managed-mc: multi-cluster global external HTTPS managed load balancer
- gke-l7-regional-external-managed-mc: multi-cluster regional external HTTPS managed load balancer

To load balance across clusters, include mc at the end of the load balancer name.

You can create routes inside the gateway or in a separate HTTPRoute resource. If the route is located within a separate HTTPRoute, use a selector to link it with the gateway. For HTTPS load balancers, specify the credentials for TLS encryption.

In a multi-cluster gateway, HTTPRoutes use service imports to identify services residing in other clusters. This abstraction is necessary because, unlike single-cluster gateways, a multi-cluster gateway needs a way to reference services that may not exist locally. An HTTPRoute defines rules for routing HTTPS requests from a gateway to backend services.
In the YAML file, the connection with the gateway is defined, and store is configured as the default route. Paths to /east and /west are configured to route to multi-cluster services called store-west-1 and store-east-1.

HTTPRoutes are flexible and use features like traffic splits to deliver requests based on weights to services in the same or different clusters. Traffic splits are useful for:

- Canary deployments, where you gradually move traffic to the new version of your application to identify issues before they affect all instances of the application.
- Blue-green deployments, where you create a completely new deployment with a newer version of the application. When the pods are ready, the traffic can be switched from the old blue version to the new green version. The pods in the blue deployment are then deleted.
- A/B testing, where you deploy multiple versions of your application, divert the same percentage of traffic to each version, and test conversion rates to see which version is performing better.

To split traffic, use the weight field in the backendRefs of an HTTPRoute. If no weight is specified, traffic is distributed evenly across all backends using a round-robin strategy.

The gateway class of a multi-cluster gateway supports the GCPBackendConfig resource, where you can customize backend settings on a per-service level. This enables you to benefit from additional Google Cloud features:

- connectionDraining lets existing connections complete when a backend is removed. By default, the value is 0.
- iap (Identity-Aware Proxy) lets you authenticate and authorize employees to use internal applications.
- Cloud Armor security policies help you protect your load-balanced applications from web-based attacks, such as denial of service, cross-site scripting, or SQL injection.
- Logging can record all HTTP requests from clients to Cloud Logging at a sampling rate of your choice.

2. Let's practice!
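A Gateway and HTTPRoute manifest of the kind this lesson describes, as an added example that is not the course's own YAML. The namespace, resource names, hostname, Secret, port and 90/10 weights are constructed, and the v1beta1 API version is an assumption to check against your cluster.

```yaml
# Added example: all names, the hostname, the Secret and the weights are constructed.
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1beta1   # assumption: check your cluster's version
metadata:
  name: external-https
  namespace: store
spec:
  gatewayClassName: gke-l7-global-external-managed-mc   # "-mc" selects multi-cluster
  listeners:
  - name: https
    protocol: HTTPS
    port: 443
    tls:
      mode: Terminate
      certificateRefs:
      - kind: Secret
        name: store-example-com      # TLS credentials (hypothetical Secret)
    allowedRoutes:
      namespaces:
        from: Same                   # only routes in the "store" namespace may attach
---
kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1beta1
metadata:
  name: store-route
  namespace: store
spec:
  parentRefs:
  - name: external-https             # attaches this route to the gateway above
  hostnames:
  - "store.example.com"
  rules:
  - matches:
    - path: {type: PathPrefix, value: /west}
    backendRefs:                     # ServiceImport refers to a service in another cluster
    - {group: net.gke.io, kind: ServiceImport, name: store-west-1, port: 8080}
  - matches:
    - path: {type: PathPrefix, value: /east}
    backendRefs:
    - {group: net.gke.io, kind: ServiceImport, name: store-east-1, port: 8080}
  - backendRefs:                     # default rule, written as a weighted canary split
    - {group: net.gke.io, kind: ServiceImport, name: store, port: 8080, weight: 90}
    - {group: net.gke.io, kind: ServiceImport, name: store-east-1, port: 8080, weight: 10}
```

Moving the canary forward is a matter of changing the two weight values; removing both weight fields returns the rule to an even split.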