-
-
Save wrkode/b207dabba65ee741ae709897a70c1107 to your computer and use it in GitHub Desktop.
Revisions
-
dgiebert revised this gist
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -84,7 +84,7 @@ cilium connectivity test --context $CLUSTER3 --multi-cluster $CLUSTER1 Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ ### Test Configure the Ingress Controller to use ClusterIP and add the correct annotations ```yaml apiVersion: helm.cattle.io/v1 -
Jun 27, 2024 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -103,4 +103,5 @@ spec: annotations: service.cilium.io/affinity: remote service.cilium.io/global: 'true' ``` Execute into the cattle-cluster-agent Pod and run `curl http://rke2-ingress-nginx-controller.kube-system.svc` watch the magic in Hubble :) -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,7 +24,7 @@ spec: ``` ### Use the CLI to connect 2 clusters Download and combine the KUBECONFIG files with a tool of your choice and install the CLI [(docs)](https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/#install-the-cilium-cli) ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer -
Jun 27, 2024 . 1 changed file with 1 addition and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,8 +24,7 @@ spec: ``` ### Use the CLI to connect 2 clusters Download and combine the KUBECONFIG files with a tool of your choice andnstall the CLI [(docs)](https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/#install-the-cilium-cli) ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer -
Jun 27, 2024 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -25,6 +25,7 @@ spec: ### Use the CLI to connect 2 clusters Download and combine the KUBECONFIG files with a tool of your choice Install the CLI [docs](https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/#install-the-cilium-cli) ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ ### Prepare the Cluster Deploy this config to all clusters that you want to form a mesh with ```yaml apiVersion: helm.cattle.io/v1 -
Jun 27, 2024 . 1 changed file with 22 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -82,4 +82,25 @@ cilium connectivity test --context $CLUSTER3 --multi-cluster $CLUSTER1 **!! Persist all settings in the HelmChartConfig (helm get values -n kube-system rke2-cilium)!!** Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ #### Test Configure the Ingress Controller to use ClusterIP and add the correct annotations ```yaml apiVersion: helm.cattle.io/v1 kind: HelmChartConfig metadata: name: rke2-ingress-nginx namespace: kube-system spec: valuesContent: |- controller: hostPort: enabled: false service: enabled: true type: ClusterIP annotations: service.cilium.io/affinity: remote service.cilium.io/global: 'true' ``` -
Jun 27, 2024 . 1 changed file with 20 additions and 18 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,46 +24,48 @@ spec: ``` ### Use the CLI to connect 2 clusters Download and combine the KUBECONFIG files with a tool of your choice ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer kubectl --context=$CLUSTER1 annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Fix cilium-ca for Hubble kubectl --context=$CLUSTER1 label secret -n kube-system cilium-ca app.kubernetes.io/managed-by="Helm" kubectl --context=$CLUSTER1 annotate secret -n kube-system cilium-ca meta.helm.sh/release-name="rke2-cilium" kubectl --context=$CLUSTER1 annotate secret -n kube-system meta.helm.sh/release-namespace="kube-system" kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - # Fix LoadBalancer in CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl --context=$CLUSTER2 annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Check Status of the Cluster Mesh Components in each cluster cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait # Start connecting cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 ``` **!! Persist all settings in the HelmChartConfig (helm get values -n kube-system rke2-cilium)!!** ### Use the CLI to connect 3 clusters Download and combine the KUBECONFIG files with a tool of your choice ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 CLUSTER3=cilium03 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer kubectl --context=$CLUSTER1 annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Fix cilium-ca for Hubble kubectl --context=$CLUSTER1 label secret -n kube-system cilium-ca app.kubernetes.io/managed-by="Helm" kubectl --context=$CLUSTER1 annotate secret -n kube-system cilium-ca meta.helm.sh/release-name="rke2-cilium" kubectl --context=$CLUSTER1 annotate secret -n kube-system meta.helm.sh/release-namespace="kube-system" kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER3 create -f - # Deploy API Server and fix LoadBalancer in CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl --context=$CLUSTER2 annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Deploy API Server and fix LoadBalancer in CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER3 --service-type LoadBalancer kubectl --context=$CLUSTER3 annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Check Status of the Cluster Mesh Components in each cluster cilium clustermesh status --context $CLUSTER1 --wait @@ -76,8 +78,8 @@ cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER3 - cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 cilium connectivity test --context $CLUSTER2 --multi-cluster $CLUSTER3 cilium connectivity test --context $CLUSTER3 --multi-cluster $CLUSTER1 ``` **!! Persist all settings in the HelmChartConfig (helm get values -n kube-system rke2-cilium)!!** Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ -
Jun 27, 2024 . 1 changed file with 4 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,5 @@ ### HelmChartConfig Deploy this config to all clusters that you want to form a mesh with ```yaml apiVersion: helm.cattle.io/v1 kind: HelmChartConfig @@ -17,9 +18,9 @@ spec: type: wireguard # Cluster-mesh # This needs to be unique for all nodes # cluster: # name: cilium01 # id: 1 ``` ### Use the CLI to connect 2 clusters -
Jun 27, 2024 . 1 changed file with 5 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,9 +16,10 @@ spec: enabled: true type: wireguard # Cluster-mesh # This needs to be unique for all nodes cluster: name: cilium01 id: 1 ``` ### Use the CLI to connect 2 clusters @@ -45,7 +46,7 @@ cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2-cilium ``` ### Use the CLI to connect 3 clusters ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 CLUSTER3=cilium03 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer -
Jun 27, 2024 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -41,7 +41,6 @@ cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait # Start connecting cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2-cilium ``` @@ -72,8 +71,9 @@ cilium clustermesh status --context $CLUSTER3 --wait cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER2 --destination-context $CLUSTER3 cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER3 --destination-context $CLUSTER1 cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 cilium connectivity test --context $CLUSTER2 --multi-cluster $CLUSTER3 cilium connectivity test --context $CLUSTER3 --multi-cluster $CLUSTER1 # Persist all settings in the HelmChartConfig helm get values -n kube-system rke2-cilium ``` -
Jun 27, 2024 . No changes.There are no files selected for viewing
-
Jun 27, 2024 . 1 changed file with 29 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,32 @@ spec: # id: 1 ``` ### Use the CLI to connect 2 clusters ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer # Fix LoadBalancer in CLUSTER1 kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Fix cilium-ca for Hubble kubectl label secret -n kube-system cilium-ca app.kubernetes.io/managed-by="Helm" kubectl annotate secret -n kube-system cilium-ca meta.helm.sh/release-name="rke2-cilium" kubectl annotate secret -n kube-system meta.helm.sh/release-namespace="kube-system" kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer # Fix LoadBalancer in CLUSTER2 kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Check Status of the Cluster Mesh Components in each cluster cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait # Start connecting cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2-cilium ``` ### Use the CLI to connect 2 clusters ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 CLUSTER3=cilium03 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer @@ -45,8 +70,11 @@ cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh status --context $CLUSTER3 --wait # Start connecting cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER2 --destination-context $CLUSTER3 cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER3 --destination-context $CLUSTER1 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 # Persist all settings in the HelmChartConfig helm get values -n kube-system rke2-cilium ``` -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -47,7 +47,7 @@ cilium clustermesh status --context $CLUSTER3 --wait cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2-cilium ``` Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ -
Jun 27, 2024 . 1 changed file with 12 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -23,19 +23,27 @@ spec: ### Use the CLI ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 CLUSTER3=cilium03 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer # Fix LoadBalancer in CLUSTER1 kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Fix cilium-ca for Hubble kubectl label secret -n kube-system cilium-ca app.kubernetes.io/managed-by="Helm" kubectl annotate secret -n kube-system cilium-ca meta.helm.sh/release-name="rke2-cilium" kubectl annotate secret -n kube-system meta.helm.sh/release-namespace="kube-system" kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER3 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer # Fix LoadBalancer in CLUSTER2 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER3 --service-type LoadBalancer # Fix LoadBalancer in CLUSTER3 kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Check Status of the Cluster Mesh Components in each cluster cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh status --context $CLUSTER3 --wait # Start connecting cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 -
Jun 27, 2024 . 1 changed file with 8 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,10 +24,16 @@ spec: ### Use the CLI ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer # Fix LoadBalancer kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' # Fix cilium-ca for Hubble kubectl label secret -n kube-system cilium-ca app.kubernetes.io/managed-by="Helm" kubectl annotate secret -n kube-system cilium-ca meta.helm.sh/release-name="rke2-cilium" kubectl annotate secret -n kube-system meta.helm.sh/release-namespace="kube-system" cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -30,7 +30,7 @@ cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 -- kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium --helm-release-name rke2-cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2- -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -27,7 +27,7 @@ export CLUSTER1=cilium01 CLUSTER2=cilium02 kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl annotate svc -n kube-system clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -27,7 +27,7 @@ export CLUSTER1=cilium01 CLUSTER2=cilium02 kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl annotate svc clustermesh-apiserver cloudprovider.harvesterhci.io/ipam='dhcp' cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 -
Jun 27, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -27,7 +27,7 @@ export CLUSTER1=cilium01 CLUSTER2=cilium02 kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl annotate svc foo cloudprovider.harvesterhci.io/ipam='dhcp' cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 -
Jun 27, 2024 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -33,6 +33,7 @@ cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 helm get values -n kube-system rke2- ``` Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ -
Jun 27, 2024 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -34,3 +34,5 @@ cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 ``` Based on: https://docs.cilium.io/en/stable/network/clustermesh/clustermesh/ -
Jun 27, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,36 @@ ### HelmChartConfig ```yaml apiVersion: helm.cattle.io/v1 kind: HelmChartConfig metadata: name: rke2-cilium namespace: kube-system spec: valuesContent: |- kubeProxyReplacement: strict k8sServiceHost: 127.0.0.1 k8sServicePort: 6443 ipv4NativeRoutingCIDR: 10.0.0.0/8 # Transparent Encryption encryption: enabled: true type: wireguard # Cluster-mesh # cluster: # name: cilium01 # id: 1 ``` ### Use the CLI ```sh export CLUSTER1=cilium01 CLUSTER2=cilium02 kubectl --context=$CLUSTER1 get secret -n kube-system cilium-ca -o yaml | kubectl --context $CLUSTER2 create -f - cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER1 --service-type LoadBalancer cilium --helm-release-name rke2-cilium clustermesh enable --context $CLUSTER2 --service-type LoadBalancer kubectl patch ... cilium clustermesh status --context $CLUSTER1 --wait cilium clustermesh status --context $CLUSTER2 --wait cilium clustermesh connect --context $CLUSTER1 --destination-context $CLUSTER2 cilium clustermesh status --context $CLUSTER1 --wait cilium connectivity test --context $CLUSTER1 --multi-cluster $CLUSTER2 ```