지원콘솔개발자평가판 시작연락처

1.18.

1.18.1.

1.18.2.

1.18.3.

1.18.4.

1.18.5.

1.18.6.

    • 참고

1.18.7.

1.18.7.1.

1.18.7.2.

1.18.7.3.

service.beta.kubernetes.io/aws-load-balancer-type: nlb

1.18.7.4.

1.18.7.5.

1.18.8.

1.18.9. 

apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
metadata:
  name: red-mesh
  namespace: red-mesh-system
spec:
  version: v2.3
  runtime:
    defaults:
      container:
        imagePullPolicy: Always
  gateways:
    additionalEgress:
      egress-green-mesh:
        enabled: true
        requestedNetworkView:
        - green-network
        routerMode: sni-dnat
        service:
          metadata:
            labels:
              federation.maistra.io/egress-for: egress-green-mesh
          ports:
          - port: 15443
            name: tls
          - port: 8188
            name: http-discovery  #note HTTP here
      egress-blue-mesh:
        enabled: true
        requestedNetworkView:
        - blue-network
        routerMode: sni-dnat
        service:
          metadata:
            labels:
              federation.maistra.io/egress-for: egress-blue-mesh
          ports:
          - port: 15443
            name: tls
          - port: 8188
            name: http-discovery  #note HTTP here
    additionalIngress:
      ingress-green-mesh:
        enabled: true
        routerMode: sni-dnat
        service:
          type: LoadBalancer
          metadata:
            labels:
              federation.maistra.io/ingress-for: ingress-green-mesh
          ports:
          - port: 15443
            name: tls
          - port: 8188
            name: https-discovery  #note HTTPS here
      ingress-blue-mesh:
        enabled: true
        routerMode: sni-dnat
        service:
          type: LoadBalancer
          metadata:
            labels:
              federation.maistra.io/ingress-for: ingress-blue-mesh
          ports:
          - port: 15443
            name: tls
          - port: 8188
            name: https-discovery  #note HTTPS here
  security:
    trust:
      domain: red-mesh.local

표 1.6.
매개변수설명기본값
spec:
  cluster:
    name:

문자열

해당 없음 

spec:
  cluster:
    network:

문자열

해당 없음

1.18.9.1.

표 1.7.
매개변수설명기본값
spec:
  gateways:
    additionalEgress:
      <egressName>:

  
spec:
  gateways:
    additionalEgress:
      <egressName>:
        enabled:

true/false

true 

spec:
  gateways:
    additionalEgress:
      <egressName>:
        requestedNetworkView:

 
spec:
  gateways:
    additionalEgress:
      <egressName>:
        routerMode:

sni-dnat

 
spec:
  gateways:
    additionalEgress:
      <egressName>:
        service:
          metadata:
            labels:
              federation.maistra.io/egress-for:

  
spec:
  gateways:
    additionalEgress:
      <egressName>:
        service:
          ports:

 
spec:
  gateways:
    additionalIngress:

  
spec:
  gateways:
    additionalIgress:
      <ingressName>:
        enabled:

true/false

true 

spec:
  gateways:
    additionalIngress:
      <ingressName>:
        routerMode:

sni-dnat

 
spec:
  gateways:
    additionalIngress:
      <ingressName>:
        service:
          type:

LoadBalancer

 
spec:
  gateways:
    additionalIngress:
      <ingressName>:
        service:
          type:

NodePort

 
spec:
  gateways:
    additionalIngress:
      <ingressName>:
        service:
          metadata:
            labels:
              federation.maistra.io/ingress-for:

  
spec:
  gateways:
    additionalIngress:
      <ingressName>:
        service:
          ports:

 
spec:
  gateways:
    additionalIngress:
      <ingressName>:
        service:
          ports:
            nodePort:

 

  gateways:
     additionalIngress:
      ingress-green-mesh:
        enabled: true
        routerMode: sni-dnat
        service:
          type: NodePort
          metadata:
            labels:
              federation.maistra.io/ingress-for: ingress-green-mesh
          ports:
          - port: 15443
            nodePort: 30510
            name: tls
          - port: 8188
            nodePort: 32359
            name: https-discovery

1.18.9.2. 

kind: ServiceMeshControlPlane
metadata:
  name: red-mesh
  namespace: red-mesh-system
spec:
  security:
    trust:
      domain: red-mesh.local
표 1.8.
매개변수설명기본값
spec:
  security:
    trust:
      domain:

<mesh-name>.local

해당 없음

  2. Operators 설치된 Operator로 이동합니다.
  4. Red Hat OpenShift Service Mesh Operator를 클릭합니다.
  6. ServiceMeshControlPlane 세부 정보 만들기 페이지에서 YAML을 클릭하여 구성을 수정합니다.
  8. 저장을 클릭합니다.

다음 절차에 따라 명령줄로 ServiceMeshControlPlane을 생성하거나 편집합니다.

  1. 다음 명령을 입력합니다. 메시지가 표시되면 사용자 이름과 암호를 입력합니다. 

    $ oc login --username=<NAMEOFUSER> https://<HOSTNAME>:6443

  2. $ oc project red-mesh-system

  4. $ oc edit -n red-mesh-system smcp red-mesh

  5. $ oc get smcp -n red-mesh-system

    NAME       READY   STATUS            PROFILES      VERSION   AGE
red-mesh   10/10   ComponentsReady   ["default"]   2.1.0     4m25s

1.18.10.


[D]

kind: ServiceMeshPeer
apiVersion: federation.maistra.io/v1
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  remote:
    addresses:
    - ingress-red-mesh.green-mesh-system.apps.domain.com
  gateways:
    ingress:
      name: ingress-green-mesh
    egress:
      name: egress-green-mesh
  security:
    trustDomain: green-mesh.local
    clientID: green-mesh.local/ns/green-mesh-system/sa/egress-red-mesh-service-account
    certificateChain:
      kind: ConfigMap
      name: green-mesh-ca-root-cert

표 1.9.
매개변수설명
metadata:
  name:

문자열 

metadata:
  namespace:

문자열 

spec:
  remote:
    addresses:

 
spec:
  remote:
    discoveryPort:
 

spec:
  remote:
    servicePort:
 

spec:
  gateways:
    ingress:
      name:

 
spec:
  gateways:
    egress:
      name:

 
spec:
  security:
    trustDomain:

<peerMeshName>.local 

spec:
  security:
    clientID:

<peerMeshTrustDomain>/ns/<peerMeshSystem>/sa/<peerMeshEgressGatewayName>-service-account 

spec:
  security:
    certificateChain:
      kind: ConfigMap
      name:

1.18.10.1.

사전 요구 사항

  • cluster-admin 역할이 있는 계정.

  1. 다음 명령을 입력합니다. 메시지가 표시되면 사용자 이름과 암호를 입력합니다. 

    $ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443

  2. $ oc project red-mesh-system

  3. kind: ServiceMeshPeer
apiVersion: federation.maistra.io/v1
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  remote:
    addresses:
    - ingress-red-mesh.green-mesh-system.apps.domain.com
  gateways:
    ingress:
      name: ingress-green-mesh
    egress:
      name: egress-green-mesh
  security:
    trustDomain: green-mesh.local
    clientID: green-mesh.local/ns/green-mesh-system/sa/egress-red-mesh-service-account
    certificateChain:
      kind: ConfigMap
      name: green-mesh-ca-root-cert

  4. $ oc create -n red-mesh-system -f servicemeshpeer.yaml

  5. $ oc -n red-mesh-system get servicemeshpeer green-mesh -o yaml

    status:
  discoveryStatus:
    active:
    - pod: istiod-red-mesh-b65457658-9wq5j
      remotes:
      - connected: true
        lastConnected: "2021-10-05T13:02:25Z"
        lastFullSync: "2021-10-05T13:02:25Z"
        source: 10.128.2.149
      watch:
        connected: true
        lastConnected: "2021-10-05T13:02:55Z"
        lastDisconnectStatus: 503 Service Unavailable
        lastFullSync: "2021-10-05T13:05:43Z"

1.18.11.


[D]

kind: ExportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  exportRules:
  # export ratings.mesh-x-bookinfo as ratings.bookinfo
  - type: NameSelector
    nameSelector:
      namespace: red-mesh-bookinfo
      name: red-ratings
      alias:
        namespace: bookinfo
        name: ratings
  # export any service in red-mesh-bookinfo namespace with label export-service=true
  - type: LabelSelector
    labelSelector:
      namespace: red-mesh-bookinfo
      selector:
        matchLabels:
          export-service: "true"
      aliases: # export all matching services as if they were in the bookinfo namespace
      - namespace: "*"
        name: "*"
        alias:
          namespace: bookinfo

표 1.10.
매개변수설명
metadata:
  name:
 

metadata:
  namespace:

 
spec:
  exportRules:
  - type:

NameSelector, LabelSelector 

spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      namespace:
      name:

 
spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      alias:
        namespace:
        name:

 
spec:
  exportRules:
  - type: LabelSelector
    labelSelector:
      namespace: <exportingMesh>
      selector:
        matchLabels:
          <labelKey>: <labelValue>

 
spec:
  exportRules:
  - type: LabelSelector
    labelSelector:
      namespace: <exportingMesh>
      selector:
        matchLabels:
          <labelKey>: <labelValue>
      aliases:
      - namespace:
        name:
        alias:
          namespace:
          name:

 

kind: ExportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: blue-mesh
  namespace: red-mesh-system
spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      namespace: "*"
      name: ratings

kind: ExportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      namespace: west-data-center
      name: "*"

1.18.11.1.

사전 요구 사항

  • cluster-admin 역할이 있는 계정.
참고

  1. 다음 명령을 입력합니다. 메시지가 표시되면 사용자 이름과 암호를 입력합니다. 

    $ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443

  2. $ oc project red-mesh-system

  3. apiVersion: federation.maistra.io/v1
kind: ExportedServiceSet
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      namespace: red-mesh-bookinfo
      name: ratings
      alias:
        namespace: bookinfo
        name: red-ratings
  - type: NameSelector
    nameSelector:
      namespace: red-mesh-bookinfo
      name: reviews

  4. $ oc create -n <ControlPlaneNamespace> -f <ExportedServiceSet.yaml>

    예를 들면 다음과 같습니다. 

    $ oc create -n red-mesh-system -f export-to-green-mesh.yaml

  6. $ oc get exportedserviceset <PeerMeshExportedTo> -o yaml

    예를 들면 다음과 같습니다. 

    $ oc get exportedserviceset green-mesh -o yaml

  7. $ oc get exportedserviceset <PeerMeshExportedTo> -o yaml

    예를 들면 다음과 같습니다. 

    $ oc -n red-mesh-system get exportedserviceset green-mesh -o yaml

      status:
    exportedServices:
    - exportedName: red-ratings.bookinfo.svc.green-mesh-exports.local
      localService:
        hostname: ratings.red-mesh-bookinfo.svc.cluster.local
        name: ratings
        namespace: red-mesh-bookinfo
    - exportedName: reviews.red-mesh-bookinfo.svc.green-mesh-exports.local
      localService:
        hostname: reviews.red-mesh-bookinfo.svc.cluster.local
        name: reviews
        namespace: red-mesh-bookinfo

1.18.12.


[D]

kind: ImportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: red-mesh #name of mesh that exported the service
  namespace: green-mesh-system #mesh namespace that service is being imported into
spec:
  importRules: # first matching rule is used
  # import ratings.bookinfo as ratings.bookinfo
  - type: NameSelector
    importAsLocal: false
    nameSelector:
      namespace: bookinfo
      name: ratings
      alias:
        # service will be imported as ratings.bookinfo.svc.red-mesh-imports.local
        namespace: bookinfo
        name: ratings

표 1.11.
매개변수설명
metadata:
  name:

 
metadata:
  namespace:

 
spec:
  importRules:
  - type:

NameSelector 

spec:
  importRules:
  - type: NameSelector
    nameSelector:
      namespace:
      name:

 
spec:
  importRules:
  - type: NameSelector
    importAsLocal:

true/false 

spec:
  importRules:
  - type: NameSelector
    nameSelector:
      namespace:
      name:
      alias:
        namespace:
        name:

 

kind: ImportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: red-mesh
  namespace: blue-mesh-system
spec:
  importRules:
  - type: NameSelector
    importAsLocal: false
    nameSelector:
      namespace: bookinfo
      name: ratings

kind: ImportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: red-mesh
  namespace: green-mesh-system
spec:
  importRules:
  - type: NameSelector
    importAsLocal: false
    nameSelector:
      namespace: west-data-center
      name: "*"

1.18.12.1.

사전 요구 사항

  • cluster-admin 역할이 있는 계정.
참고

  1. 다음 명령을 입력합니다. 메시지가 표시되면 사용자 이름과 암호를 입력합니다. 

    $ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443

  2. $ oc project green-mesh-system

  3. kind: ImportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: red-mesh
  namespace: green-mesh-system
spec:
  importRules:
  - type: NameSelector
    importAsLocal: false
    nameSelector:
      namespace: bookinfo
      name: red-ratings
      alias:
        namespace: bookinfo
        name: ratings

  4. $ oc create -n <ControlPlaneNamespace> -f <ImportedServiceSet.yaml>

    예를 들면 다음과 같습니다. 

    $ oc create -n green-mesh-system -f import-from-red-mesh.yaml

  6. $ oc get importedserviceset <PeerMeshImportedInto> -o yaml

    예를 들면 다음과 같습니다. 

    $ oc get importedserviceset green-mesh -o yaml

  7. $ oc get importedserviceset <PeerMeshImportedInto> -o yaml

    $ oc -n green-mesh-system get importedserviceset/red-mesh -o yaml

    status:
  importedServices:
  - exportedName: red-ratings.bookinfo.svc.green-mesh-exports.local
    localService:
      hostname: ratings.bookinfo.svc.red-mesh-imports.local
      name: ratings
      namespace: bookinfo
  - exportedName: reviews.red-mesh-bookinfo.svc.green-mesh-exports.local
    localService:
      hostname: ""
      name: ""
      namespace: ""

1.18.13.

사전 요구 사항

  • cluster-admin 역할이 있는 계정.

1.18.13.1. 

kind: ImportedServiceSet
apiVersion: federation.maistra.io/v1
metadata:
  name: red-mesh #name of mesh that exported the service
  namespace: green-mesh-system #mesh namespace that service is being imported into
spec:
  importRules: # first matching rule is used
  # import ratings.bookinfo as ratings.bookinfo
  - type: NameSelector
    importAsLocal: true
    nameSelector:
      namespace: bookinfo
      name: ratings
      alias:
        # service will be imported as ratings.bookinfo.svc.red-mesh-imports.local
        namespace: bookinfo
        name: ratings
  #Locality within which imported services should be associated.
  locality:
    region: us-west

표 1.12.
이름설명유형

string

string

string

절차

  1. $ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443

  2. $ oc project <smcp-system>

    $ oc project green-mesh-system

  3. $ oc edit -n <smcp-system> -f <ImportedServiceSet.yaml>

    $ oc edit -n green-mesh-system -f import-from-red-mesh.yaml

    3. 변경 사항을 저장하십시오.

1.18.13.2.

절차

  1. 다음 명령을 입력합니다. 메시지가 표시되면 사용자 이름과 암호를 입력합니다. 

    $ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443

  2. $ oc project <smcp-system>

    $ oc project green-mesh-system

  3. apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: default-failover
  namespace: bookinfo
spec:
  host: "ratings.bookinfo.svc.cluster.local"
  trafficPolicy:
    loadBalancer:
      localityLbSetting:
        enabled: true
        failover:
          - from: us-east
            to: us-west
    outlierDetection:
      consecutive5xxErrors: 3
      interval: 10s
      baseEjectionTime: 1m

  4. $ oc create -n <application namespace> -f <DestinationRule.yaml>

    예를 들면 다음과 같습니다. 

    $ oc create -n bookinfo -f green-mesh-us-west-DestinationRule.yaml

1.18.14.

1.18.14.1.

1.18.14.2.

1.18.15.

Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.