Service Mesh - Istio Part 3

Modern applications and platforms are distributed and deployed across data center, cloud and edge. Service mesh provides the ability to connect, secure and monitor your applications. In the previous posts, we looked at Traffic management and Monitoring part of service mesh and in this article, we look at the how to set up MultiCluster feature of service mesh.

The latest version of istio have new model of configuration based on control plane and network choices. The control plane can be primary or remote and network can be same or different network. Based on these two configuration, we can have four different configuration and the details can be found here.

We look into how do we configure multiple primary on different network which provides the high availabilty and will be the most common configuration among MultiCluster service mesh.

Following are the six steps required to set up a MultiCluster mesh and verify the installation.

1. Trust across clusters: Trust between clusters can be established with the help of certificates and there can be different ways like using the built-in CA or using the custom CA. More details can be found here.
2. Install istio on both the clusters. For steps 2,3,4 and 5. Refer this link here.
3. Install the east west gateway on both the clusters. This is the way the services in one cluster can communicate with another.
4. Expose services in both the cluster. This will expose the services on east-west gateway in both the clusters. 
5. Enable endpoint discovery. This will create a remote secret which will provide access to each other API server.
6. Verify the MultiCluster mesh by installing the workloads. More details can found here.