From dd376e0389d9fce8e19f6dee028804f47ba832f9 Mon Sep 17 00:00:00 2001 From: Jason Madigan Date: Wed, 23 Aug 2023 12:50:53 +0100 Subject: [PATCH] Service Protection components installation guide --- .../redis/limitador/kustomization.yaml | 2 +- docs/how-to/mgc-setup.md | 2 +- docs/how-to/ratelimiting-shared-redis.md | 53 ++++++------- docs/how-to/service-protection-setup.md | 74 +++++++++++++++++++ 4 files changed, 103 insertions(+), 28 deletions(-) create mode 100644 docs/how-to/service-protection-setup.md diff --git a/config/kuadrant/redis/limitador/kustomization.yaml b/config/kuadrant/redis/limitador/kustomization.yaml index 35662940e..13b4107b9 100644 --- a/config/kuadrant/redis/limitador/kustomization.yaml +++ b/config/kuadrant/redis/limitador/kustomization.yaml @@ -6,4 +6,4 @@ secretGenerator: literals: - URL=redis://172.31.0.3:30611 options: - disableNameSuffixHash: true \ No newline at end of file + disableNameSuffixHash: true \ No newline at end of file diff --git a/docs/how-to/mgc-setup.md b/docs/how-to/mgc-setup.md index 68b4a7ef8..b2ffbda1d 100644 --- a/docs/how-to/mgc-setup.md +++ b/docs/how-to/mgc-setup.md @@ -164,4 +164,4 @@ clusterissuer.cert-manager.io/mgc-ca condition met Now that you have MGC installed and configured in your hub cluster, you can now continue with any of these follow-on guides: -- Installing the Kuadrant data-plane pieces [TODO: link to this] \ No newline at end of file +- Installing the [Kuadrant Service Protection components](./service-protection-setup.md) \ No newline at end of file diff --git a/docs/how-to/ratelimiting-shared-redis.md b/docs/how-to/ratelimiting-shared-redis.md index 5e11e9dbe..f8f4ba022 100644 --- a/docs/how-to/ratelimiting-shared-redis.md +++ b/docs/how-to/ratelimiting-shared-redis.md @@ -5,8 +5,8 @@ The following document is going to show you how to deploy Redis as storage for L ## Requirements * Kind -* Kuadrant operator [Walkthrough to install Kuadrant can be found here](https://github.com/Kuadrant/multicluster-gateway-controller/docs/how-to's/kuadrant-addon-walkthrough.md) -* Gateways setup [Walkthrough to setup gateways in you clusters can be found here](https://github.com/Kuadrant/multicluster-gateway-controller/docs/how-to's/ocm-control-plane-walkthrough.md) +* Kuadrant operator [Walkthrough to install Kuadrant can be found here](https://github.com/Kuadrant/multicluster-gateway-controller/docs/how-to/kuadrant-addon-walkthrough.md) +* Gateways setup [Walkthrough to setup gateways in you clusters can be found here](https://github.com/Kuadrant/multicluster-gateway-controller/docs/how-to/ocm-control-plane-walkthrough.md) ## Installation and Setup @@ -27,40 +27,41 @@ Open three windows, which we'll refer to throughout this walkthrough as: ``` bash kubectl get nodes -o wide ``` -1. If needs be, update the URL located in `config/kuadrant/redis/limitador` to include the ip address from above step. +1. If needs be, update the URL located in `config/kuadrant/redis/limitador/kustomization.yaml` to include the internal IP address from above step. 1. In the clusters that have Kuadrant operator installed i.e. `T1 & T3` run the following to configure limitador to use Redis as storage rather than local cluster storage: ```bash - kustomize build config/kuadrant/limitador/ | kubectl apply -f - + kustomize build config/kuadrant/redis/limitador/ | kubectl apply -f - ``` ## Configuring Rate Limit Policies 1. In `T1 & T3 both spoke clusters` run the following command to create a Rate Limit Policy for the HTTP route created in the walkthrough linked above called `Open Cluster Management and Multi-Cluster gateways`. The policy is limiting the route to have 8 successful requests in 10 seconds, these values can be changed to whatever you want. - ```bash - kubectl apply -f - <= 0.6.0) Managed Cluster, which has already been bootstrapped and registered with a hub cluster + * We have [a guide](./mgc-setup.md) which covers this in detail + * Also see: + * https://open-cluster-management.io/getting-started/quick-start/ + * https://open-cluster-management.io/concepts/managedcluster/ +* OLM will need to be installed into the ManagedCluster where you want to run the Kuadrant Service Protection components + * See https://olm.operatorframework.io/docs/getting-started/ +* Kuadrant uses Istio as a Gateway API provider - this will need to be installed into the data plane clusters + * See https://istio.io/v1.16/blog/2022/getting-started-gtwapi/ + * We recommend installing Istio 1.17.0 + + +Alternatively, if you'd like to quickly get started locally, without having to worry to much about the pre-requisites, take a look at [this guide](./ocm-control-plane-walkthrough.md). It will get you setup with Kind, OLM, OCM & Kuadrant in a few short steps. + + +## Install the Kuadrant OCM Add-On + +To install the Kuadrant Service Protection components into a `ManagedCluster`, target your cluster and run: + +```bash +kubectl apply -f - <