From 506afd02d87fd6fe05d78d4b6d5b8967efab3b72 Mon Sep 17 00:00:00 2001 From: Paul Wright Date: Mon, 12 Aug 2024 14:42:34 +0100 Subject: [PATCH 1/3] single logical service --- cli/index.adoc | 3 ++ cli/single-logical-service.adoc | 93 +++++++++++++++++++++++++++++++++ partials/attributes.adoc | 1 + 3 files changed, 97 insertions(+) create mode 100644 cli/single-logical-service.adoc diff --git a/cli/index.adoc b/cli/index.adoc index 6cca15a..916d1ec 100644 --- a/cli/index.adoc +++ b/cli/index.adoc @@ -447,6 +447,9 @@ include::./network-status.adoc[leveloffset=0] include::./native-security-options.adoc[leveloffset=0] +include::./single-logical-service.adoc[leveloffset=0] + + include::./protocols.adoc[leveloffset=0] // Type: reference diff --git a/cli/single-logical-service.adoc b/cli/single-logical-service.adoc new file mode 100644 index 0000000..5949943 --- /dev/null +++ b/cli/single-logical-service.adoc @@ -0,0 +1,93 @@ +//Category: skupper-cli +// Type: procedure +:context: k8s +[id='deploying-single-logical-service'] +== Deploying a single logical service across many sites for failover + +A typical scenario for using {skupper-name} is to deploy a server process on two sites with the intention that if one site fails, the other site seamlessly processes any further requests. +In this scenario the primary server responds to all requests while that server is available and traffic is only directed to the secondary server when the primary server is not available. +The procedure describes two servers, however this technique works for many servers. + +.Prerequisites + +* Two or more unlinked sites. +* A basic understanding of {skupper-name} and its networking model. + +.Procedure + +. Create sites by using `skupper init`. +. Deploy your servers on different sites. +. Generate a token on the first site: ++ +-- +[source, bash] +---- +$ skupper token create token.yaml +---- + +This file contains a key and the location of the site that created it. + +[NOTE] +==== +Access to this file provides access to the {service-network}. +Protect it appropriately. +==== +-- + +. Use the token on the cluster that you want to connect from: ++ +-- + +To create a link to the first site: + +[source, bash] +---- +$ skupper link create token.yaml --cost 99999 +---- + +The high cost setting means that traffic is not directed to this site under normal circumstances. +However, if there is no other server available, all traffic is directed to this site. +-- + +. Expose the servers on the {service-network} for both sites. ++ +-- +On the first site: + +[source, bash] +---- +$ skupper service create +---- + +where + +* `` is the name of the service you want to create +* `` is the port the service uses + +By default, this service is now visible on both sites, although there is no server available to process requests to this service. + +If `enable-service-sync` is set to `false` you need to create the service on both sites. + +On both sites: + +[source, bash] +---- +$ skupper service bind +---- + +where + +* `` is the name of the service on the {service-network} + +* `` is the object you want to expose, `deployment`, `statefulset`, `pods`, or `service`. + +* `` is the name of the cluster service + +For example: +[source, bash] +---- +$ skupper service bind hello-world-backend deployment hello-world-backend +---- +-- + +. You can use the console to check the traffic flow or monitor the services using your tooling. \ No newline at end of file diff --git a/partials/attributes.adoc b/partials/attributes.adoc index 3ac9d56..fd9a998 100644 --- a/partials/attributes.adoc +++ b/partials/attributes.adoc @@ -1,6 +1,7 @@ :service-network: service network :skupper-cli-version: 1.7 :service-version: 1.7 +:skupper-name: Skupper :policy-link: ../policy/index.html[Securing a service network using policies] :console-link: ../console/index.html[Using the Skupper console] From 928d5e3645444c1ab20af1f9a8967f7dca2d54c0 Mon Sep 17 00:00:00 2001 From: Paul Wright Date: Wed, 28 Aug 2024 18:28:20 +0100 Subject: [PATCH 2/3] update --- cli/single-logical-service.adoc | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/cli/single-logical-service.adoc b/cli/single-logical-service.adoc index 5949943..01c7a3b 100644 --- a/cli/single-logical-service.adoc +++ b/cli/single-logical-service.adoc @@ -50,10 +50,10 @@ However, if there is no other server available, all traffic is directed to this -- . Expose the servers on the {service-network} for both sites. + +.. Create the service: + -- -On the first site: - [source, bash] ---- $ skupper service create @@ -66,9 +66,16 @@ where By default, this service is now visible on both sites, although there is no server available to process requests to this service. -If `enable-service-sync` is set to `false` you need to create the service on both sites. +[NOTE] +==== +By default, if you create a service on one site, it is available on all sites. +However, if `enable-service-sync` is set to `false` you need to create the service on both sites. +==== +-- -On both sites: +.. Bind the service with the server on both sites. ++ +-- [source, bash] ---- @@ -90,4 +97,6 @@ $ skupper service bind hello-world-backend deployment hello-world-backend ---- -- -. You can use the console to check the traffic flow or monitor the services using your tooling. \ No newline at end of file +. You can use the console to check the traffic flow or monitor the services using your tooling. +Clients can connect to either site, and the server on that site processes the requests until the server is not available. +Further requests are processed by the server on the other site. \ No newline at end of file From be20f9ceb705ef30ccdf5c66ab8e53aa5ef7a2a9 Mon Sep 17 00:00:00 2001 From: Paul Wright Date: Thu, 29 Aug 2024 14:23:09 +0100 Subject: [PATCH 3/3] update based on feedback --- cli/single-logical-service.adoc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cli/single-logical-service.adoc b/cli/single-logical-service.adoc index 01c7a3b..ca88c20 100644 --- a/cli/single-logical-service.adoc +++ b/cli/single-logical-service.adoc @@ -61,8 +61,8 @@ $ skupper service create where -* `` is the name of the service you want to create -* `` is the port the service uses +* `` is the name of the service you want to create. +* `` is the port the service uses. By default, this service is now visible on both sites, although there is no server available to process requests to this service. @@ -99,4 +99,7 @@ $ skupper service bind hello-world-backend deployment hello-world-backend . You can use the console to check the traffic flow or monitor the services using your tooling. Clients can connect to either site, and the server on that site processes the requests until the server is not available. -Further requests are processed by the server on the other site. \ No newline at end of file +Further requests are processed by the server on the other site. + +If the server on the original site becomes available, it processes all further requests. +However existing TCP connections to the secondary or backup server will persist until those TCP connections are closed.