How can I use Kuma to run a multi-cloud service mesh that spans across a VM-based environment as well as a Kubernetes-based environment?
Specifically, how will service discovery work in such a way that VM-based workloads can discover K8s-based ones and vice-versa?
Kuma defines the so-called zone as a domain of control isolation, i.e. all workload connections are managed by a single control plane. Such a control plane is called remote. The overall view and policy management is done in a global control plane, which unifies all zones.
When planning a distributed deployment, one has to list the following items:
Global control plane will be deployed and its type. The latter can be either Universal (VM/BareMetal/Container) or Kubernetes (on-premise/cloud). Follow the instructions for installing the global control plane, using the steps specific to the chosen type of deployment. Gather the relevant IP address/ports as described.
Installing a remote control plane is fairly trivial. This process can be repeated as needed during the lifetime of the whole multi-zone deployment.
Cross-zone service consumption is described in brief here. In short, we recommend using the following syntax to access a service echo-server, deployed in a Kubernetes namespace echo-example and exposed on port 1010:
<kuma-enabled-pod>$ curl http://echo-server_echo-example_svc_1010.mesh
Using this syntax, the service can be found and consumed even from a neighbouring Universal zone where the workload runs in a VM. Kuma runs its own DNS service, which makes this service discovery possible.
It is recommended that services declared in VMs follow the same service naming format, so that a service replica in a Kubernetes cluster can be swapped in without reconfiguring the whole infrastructure.
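As an added illustration (not taken from the Kuma documentation), a Universal Dataplane definition for a VM-hosted replica of echo-server could carry the same service name in its kuma.io/service tag. The dataplane name, mesh name and IP address below are constructed placeholders.

```yaml
# Universal (VM) dataplane for a replica of the Kubernetes echo-server service.
# name, mesh and address are constructed sample values; replace them with your own.
type: Dataplane
mesh: default
name: echo-server-vm-1
networking:
  address: 192.0.2.10            # IP of the VM (documentation range, constructed)
  inbound:
    - port: 1010                 # port the sidecar listens on
      servicePort: 1010          # port the local echo-server process listens on
      tags:
        # Same <service>_<namespace>_svc_<port> format that Kuma generates on Kubernetes,
        # so consumers keep using echo-server_echo-example_svc_1010.mesh unchanged.
        kuma.io/service: echo-server_echo-example_svc_1010
        kuma.io/protocol: http
```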