How to use HTTP(S) Load Balancers to Set Up Multi-Ingress Clusters

John C TaylorNovember 17th 2021, 1:31

Your web application uses GCKE clusters to operate efficiently but these clusters are spread across a variety of regions. You need a way to reliably direct users’ traffic to the nearest cluster to their geographical location.

The best way to achieve this is with a single HTTP(S) load balancer such as Anthos’ Multicluster Ingress tool. It directs user traffic based on its origin so that Kubernetes clusters don’t get bogged down with unnecessary reroutes.

Prerequisites

Ensure the following APIs are enabled:

  • Activate Kubernetes Engine API
  • Activate GCKE hub
  • Install Anthos
  • Install and activate a Multi-Cluster Ingress API

To see this method working, you need to have at least two active clusters that are in different regions (e.g. us-central1 and us-east1).

Step 1 - Launch Google Cloud Console and log in.

Step 2 - Select Compute on the primary menu. Then, select Kubernetes Engine.

Step 3 - Select the Create option right at the top of the menu. Choose Standard and then select Configure.

Step 4 - You should now be looking at the setup menu for a standard cluster. There’s a lot of information that you need to input so follow these instructions carefully:

In the Cluster Basics section:

  • Name: select cluster-1
  • Location Type: select Regional
  • Region : select us-central1

Step 5 - Click the Create option and wait a minute or two for the new settings to save and launch.

Repeat and create second Regional cluster in a different region.

Step 6 - Select the Create option right at the top of the menu. Choose Standard and then select Configure.

Step 7 - You should now be looking at the setup menu for a standard cluster. There’s a lot of information that you need to input so follow these instructions carefully:

In the Cluster Basics section:

  • Name: select cluster-2
  • Location Type: select Regional
  • Region : select us-east1

Step 8 - Click the Create option and wait a minute or two for the new settings to save and launch.

Step 9 -  Next, we will register the clusters to the same environment.

Step 10 - Return to the primary menu and select the Anthos option. Then, select Clusters when it appears in the drop down menu.

Step 11 - Select the option Register Existing Clusters. Your two (or more) active clusters should be listed here. Click the first cluster (e.g. cluster-1) and press the Register button.

Step 12 - Repeat steps 11 and 12 for the second cluster (e.g. cluster-2).

Step 13 - Return to the Anthos menu and select ‘Features’. Find the ‘Ingress’ option and press ‘Enable’.

Step 14 - Open the Config. Membership menu and find the first cluster (cluster-1). Hit the ‘Install’ button next to it. Wait for a minute or two. Then, fresh the screen to see if the installation has been successful.

Step 15 - Launch the cloud shell menu.

Step 16 - Input the command below to the cloud shell to create a directory for storing your .yaml data. You’ll need this data to complete the remaining steps.

mkdir multicluster-ingress \
    && cd multicluster-ingress

Step 17 - To properly configure both clusters using kubectl, you need to optimise your access to them by establishing a kubeconfig. credential. Make this happen by executing the following command to the cloud shell:

gcloud container clusters \
get-credentials cluster-1 --region us-central1
gcloud container clusters \
get-credentials cluster-2 --region us-east1

Step 18 - Using the cloud shell’s UI, you should now be able to configure the clusters from the command line. First, run the following to command shell:

nano namespace.yaml

Step 19 - Next, paste this test into the yaml:

apiVersion: v1
kind: Namespace
metadata:
    name: zoneprinter

Step 20 - Make sure to save the yaml. file in a memorable location before navigating anywhere else.

Step 21 - Now, establish the shell variable for your unique Project ID by inputting the following:

PROJECT=$(gcloud info --format='value(config.project)')

Step 22 - Execute the following command to cloud shell to launch namespace.yaml across both clusters (-1 and -2):

kubectl config use-context gke_$(echo $PROJECT)_us-central1_cluster-1
kubectl apply -f namespace.yaml
kubectl config use-context gke_$(echo $PROJECT)_us-east1_cluster-2
kubectl apply -f namespace.yaml

Step 23 - The next step is to install an app that communicates the original location of users’ traffic to your clusters. Zone-Printer is one of the most widely available.

Step 24 - Generate a new yaml. file by inputting ‘nano app.yaml’ to the gcloud terminal. Then, input following into the yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: zone-ingress
  namespace: zoneprinter
  labels:
    app: zoneprinter
spec:
  selector:
    matchLabels:
      app: zoneprinter
  template:
    metadata:
      labels:
        app: zoneprinter
    spec:
      containers:
      - name: frontend
        image: gcr.io/google-samples/zone-printer:0.2
        ports:
        - containerPort: 8080

Step 25 - Again, take a moment to save the file. Now, it’s time to launch ‘app.yaml’ across both clusters (-1 and -2). Make this happen by executing the following command to the cloud shell:

kubectl config use-context gke_$(echo $PROJECT)_us-central1_cluster-1
kubectl apply -f app.yaml
kubectl config use-context gke_$(echo $PROJECT)_us-east1_cluster-2
kubectl apply -f app.yaml

Step 26 - The final part of the process is establishing the MultiCluster Object and Multicluster Service. Generate another new yaml. file by inputting ‘nano mcs.yaml’ to the cloud shell. Next, execute the following command into the yaml:

apiVersion: networking.gke.io/v1
kind: MultiClusterService
metadata:
  name: zone-mcs
  namespace: zoneprinter
spec:
  template:
    spec:
      selector:
        app: zoneprinter
      ports:
      - name: web
        protocol: TCP
        port: 8080
        targetPort: 8080

Step 27 - Save the new yaml. file. It’s really important that you store all of the files you generate in an appropriate location. Launch it to cluster -1.

kubectl config use-context gke_$(echo $PROJECT)_us-central1_cluster-1
kubectl apply -f mcs.yaml

Step 28  - Lets now create the MultiClusterIngress, Generate another new yaml. file by inputting ‘nano mci.yaml’ to the cloud shell. Next, execute the following command into the yaml:

apiVersion: networking.gke.io/v1
kind: MultiClusterIngress
metadata:
  name: zone-ingress
  namespace: zoneprinter
spec:
  template:
    spec:
      backend:
        serviceName: zone-mcs
        servicePort: 8080

Step 29 - Save the file. Now, lets apply this file to cluster-1:

kubectl apply -f mci.yaml

Step 30 - Nearly finished! The final part of creating the ingress is using the Virtual IP (or VIP) to launch your web application from within the MultiCluster Ingress. You can do this by executing the following command:

kubectl describe mci zone-ingress -n zoneprinter

Step 31 - Within the output, under ‘Status’, look for a field labelled ‘VIP’. If there’s no IP in the box, wait a few minutes. Sometimes, the ingress needs a little time to catch up with all the configuration changes. Be patient. Repeat step 23 if you’ve waited for 3 or 4 minutes and there’s still no data in the box.

Step 32 - Copy and paste the VIP (when it appears) into a new browser tab and hit the enter button. If you’ve followed every step correctly, you’ll see a page that look something like this:

Step 33 - Well done! You’ve established a Multicluster Ingress on two or more Kubernetes clusters. Now you can use Athos to direct traffic requests to the most appropriate cluster according to region.