docs: cluster peering docs feedback (#15268)

* docs: cluster peering docs feedback

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
This commit is contained in:
David Yu 2022-11-04 15:01:23 -07:00 committed by GitHub
parent 3eb3cf3b0d
commit ebe23574e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 9 deletions

View File

@ -237,6 +237,12 @@ The examples described in this section demonstrate how to export a service named
</CodeBlockConfig>
1. Deploy the `backend` service to the second cluster.
```shell-session
$ kubectl apply --context $CLUSTER2_CONTEXT --filename backend.yaml
```
1. In `cluster-02`, create an `ExportedServices` custom resource.
<CodeBlockConfig filename="exportedsvc.yaml">
@ -255,17 +261,17 @@ The examples described in this section demonstrate how to export a service named
</CodeBlockConfig>
1. Apply the service file and the `ExportedServices` resource to the second cluster.
1. Apply the `ExportedServices` resource to the second cluster.
```shell-session
$ kubectl apply --context $CLUSTER2_CONTEXT --filename backend.yaml --filename exportedsvc.yaml
$ kubectl apply --context $CLUSTER2_CONTEXT --filename exportedsvc.yaml
```
### Authorize services for peers
1. Create service intentions for the second cluster.
<CodeBlockConfig filename="intention.yml">
<CodeBlockConfig filename="intention.yaml">
```yaml
apiVersion: consul.hashicorp.com/v1alpha1
@ -287,7 +293,7 @@ The examples described in this section demonstrate how to export a service named
1. Apply the intentions to the second cluster.
```shell-session
$ kubectl --context $CLUSTER2_CONTEXT apply --filename intention.yml
$ kubectl --context $CLUSTER2_CONTEXT apply --filename intention.yaml
```
1. Add the `"consul.hashicorp.com/connect-inject": "true"` annotation to your service's pods before deploying the workload so that the services in `cluster-01` can dial `backend` in `cluster-02`. To dial the upstream service from an application, configure the application so that that requests are sent to the correct DNS name as specified in [Service Virtual IP Lookups](/docs/discovery/dns#service-virtual-ip-lookups). In the following example, the annotation that allows the workload to join the mesh and the configuration provided to the workload that enables the workload to dial the upstream service using the correct DNS name is highlighted.
@ -364,6 +370,8 @@ The examples described in this section demonstrate how to export a service named
1. Run the following command in `frontend` and then check the output to confirm that you peered your clusters successfully.
<CodeBlockConfig filename="frontend.yaml" highlight="31">
```shell-session
$ kubectl --context $CLUSTER1_CONTEXT exec -it $(kubectl --context $CLUSTER1_CONTEXT get pod -l app=frontend -o name) -- curl localhost:9090
@ -401,6 +409,8 @@ The examples described in this section demonstrate how to export a service named
"code": 200
}
```
</CodeBlockConfig>
## End a peering connection
@ -423,10 +433,10 @@ To end a peering connection, delete both the `PeeringAcceptor` and `PeeringDiale
1. Exec into the server pod for the first cluster.
```shell-session
$ kubectl exec -it consul-server-0 -- /bin/sh
$ kubectl exec -it consul-server-0 --context $CLUSTER1_CONTEXT -- /bin/sh
```
1. Export an ACL token to access the `/health` HTP endpoint for services. The bootstrap token may be used if an ACL token is not already provisioned.
1. If you've enabled ACLs, export an ACL token to access the `/health` HTP endpoint for services. The bootstrap token may be used if an ACL token is not already provisioned.
```shell-session
$ export CONSUL_HTTP_TOKEN=<INSERT BOOTSTRAP ACL TOKEN>
@ -435,8 +445,8 @@ To end a peering connection, delete both the `PeeringAcceptor` and `PeeringDiale
1. Query the the `/health` HTTP endpoint. The peered services should no longer appear.
```shell-session
$ curl "localhost:8500/v1/health/connect/backend?peer=cluster-02"
```
$ curl "localhost:8500/v1/health/connect/backend?peer=cluster-02"
```
## Recreate or reset a peering connection
@ -452,7 +462,7 @@ To recreate or reset the peering connection, you need to generate a new peering
metadata:
name: cluster-02
annotations:
consul.hashicorp.com/peering-version: 1 ## The peering version you want to set.
consul.hashicorp.com/peering-version: "1" ## The peering version you want to set, must be in quotes
spec:
peer:
secret: