
Background

The L7 Proxy Service Mesh Controller is intended to provide connectivity, shape traffic, apply policies and RBAC, and provide mutual TLS for applications/microservices running across clusters (with service mesh), within the cluster, and with external applications. The available functionality depends on the underlying service mesh technology.

Design Overview


Traffic Controller Design Internals

JIRA

  1. REST API Interface - MULTICLOUD-913
  2. Controller Interface, Backend Process - MULTICLOUD-914
  3. Developing backend code with interfaces - MULTICLOUD-915
  4. Loadbalancer configuration (Firewall, IPVS, NAT, and other L3 connectivity) - MULTICLOUD-924, MULTICLOUD-925, MULTICLOUD-926
  5. External DNS Configuration - 
  6. Testing - MULTICLOUD-918
  7. Documentation - MULTICLOUD-923

API

RESTful North API (with examples)

Inter Micro-service communication intents

Considering microservice replication across multiple locations with replication within each cluster. - Testing Scenarios - HTTP Applications

Considering instantiation of the same application multiple times in multiple logical clouds that span across the same edge locations. - Documentation is in Progress

Considering instantiation of the same application multiple times in the same logical cloud - In Progress

Considering RBAC/ABAC - TBD

External application communication intents

Considering DNS resolution, no DNS resolution (IP addresses), egress proxies of the service mesh, third-party egress proxy


User facing communication intents

Considering Multiple DNS Servers

Considering multiple user facing entities

Considering RBAC/ABAC


Internal Design details

Guidelines that need to be kept in mind

  • Support for metrics that can be retrieved by Prometheus
  • Support for Jaeger distributed tracing by including opentracing libraries around HTTP calls.
  • Support for logging that is understood by fluentd
  • Mutual exclusion of database operations (internal modules may access database records simultaneously, as may replicated instances of the scheduler micro-service).
  • Resilience - ensure that the information returned by controllers is not lost: synchronizing resources to remote edge clouds can take hours or even days when the edge is not up and running, and the scheduler micro-service may restart in the meantime.
  • Concurrency - Support multiple operations at a time and even synchronizing resources in various edge clouds in parallel.
  • Performance - Avoiding file system operations as much as possible.

Modules (Description, internal structures etc..)

....


Sequence flows


Test cases

