Trying to setup istio-multi cluster with in same network
Step1 setup two k8s cluster with different cluster/context name(primary-cluster and remote-cluster)
Setup for primary cluster is done using link: Istioldie 1.7 / Shared control plane (single and multiple networks)
Steps followed as per link Istio / Install Primary-Remote
Step-1 create two k8s clusters in GCP VMs (name cluster1 with one master and two worker nodes for each cluster)
Step-2 followed the link [Istio / Install Primary-Remote]
create cluster1.yaml as per above link
→ istioctl install --set values.pilot.env.EXTERNAL_ISTIOD=true --context=“${CTX_CLUSTER1}” -f cluster1.yaml
export CTX_CLUSTER1 = kubernetes-admin@cluster1 <<set while init the master using kubeadm and verify using “kubectl config get-contexts”>>
Step-3 install east-west gateway
[samples/multicluster/gen-eastwest-gateway.sh --mesh mesh1 --cluster cluster1 --network network1 | istioctl --context=“${CTX_CLUSTER1}” install -y -f - ]
Step-4 expose control plan in cluster1
[kubectl apply --context=“${CTX_CLUSTER1}” -n istio-system -f samples/multicluster/expose-istiod.yaml]
Step-5 Set the controlplane for cluster2
[kubectl --context=“${CTX_CLUSTER2}” annotate namespace istio-system topology.istio.io/controlPlaneClusters=cluster1] value of CTX_CLUSTER2=“kubernetes-admin@cluster2” set in env
Step-6 configure cluster2 as remote
[export DISCOVERY_ADDRESS=$(kubectl --context=“${CTX_CLUSTER1}” -n istio-system get svc istio-eastwestgateway -o jsonpath=‘{.status.loadBalancer.ingress[0].ip}’)]
→ here set the external static_ip in VPC → IP and export DISCOVERY_ADDRESS=<<static_IP>>
Step-7 create cluster2.yaml as per the link with istiodRemote: as
injectionPath: /inject/cluster/cluster2/net/network1
global:
remotePilotAddress: ${DISCOVERY_ADDRESS}
[istioctl install --context=“${CTX_CLUSTER2}” -f cluster2.yaml]
Step-8
Attach cluster2 as a remote cluster of cluster1
[istioctl x create-remote-secret --context=“${CTX_CLUSTER2}” --name=cluster2 | kubectl apply -f - --context=“${CTX_CLUSTER1}”]
Step-8 # verify the installation [Istio / Verify the installation]
Deploy Helloworld v1 in cluster1 – done successful
[kubectl apply --context=“${CTX_CLUSTER1}” -f samples/helloworld/helloworld.yaml -l version=v1 -n sample]
Deploy helloworld v2 in cluster2
[kubectl apply --context=“${CTX_CLUSTER2}” -f samples/helloworld/helloworld.yaml -l version=v2 -n sample]
getting error in remote cluster2
[replicaset-controller Error creating: Internal error occurred: failed calling webhook “namespace.sidecar-injector.istio.io”: failed to call webhook: Post “https://istiod.istio-system.svc:443/inject/cluster/cluster3/net/network1?timeout=10s”: dial tcp 10.105.138.129:443: i/o timeout]
as per error the cluster2 process is trying to connect the cluster2 local istio-ip(10.105.138.129:443) ideally it has to connect to cluster1 istiod ip
Any suggestion or guidance where I am wrong or missing any steps or configuration.
troubleshooting steps. once i remove istio-injection- the cluster2 starts working fine as independent cluster. but as a remote cluster2 it is not getting or trying connect to controlplace of cluster1
Any suggestions are most welcome