Skip to main content

Using RedHat ServiceMesh instead of community ISTIO

Using RedHat ServiceMesh instead of community Istio

Scope here is:  Using RedHat ServiceMesh instead of (community) Istio Mesh services.

Default integration for KOBIL Services to the Community Istio ServiceMesh is done by creating CRD "istiooperator". Do not use CRD "istiooperator" in OpenShift environemt but use RedHat  "ServiceMeshControlPlane" CRD. Find more info here: https://maistra.io/docs/ossm-custom-resources.html

Overall procedure is:

  • run standard deployment for KOBIL Shift-Operator
  • run standard deployment for KOBIL Shift
  • adding the KOBIL Shift Project(Namespace) to the ServiceMeshMemberRoll object.
  • create ServiceMeshControlPlane object and update
  • create OpenShift route object to expose the gateway

Note: As the ServiceMesh to KOBIL Shift services integration is part of the platform infrastructure services and is not part of the KOBIL Shift charts. KOBIL provides with the community Istio "istiooperator" CRD sample sufficient info to compose a specific ServiceMeshControlPlane CRD as a sample.

Find more info from Openshift here: https://docs.openshift.com/rosa/service_mesh/v2x/ossm-create-mesh.html#ossm-member-roll-create-cli_ossm-create-mesh

To create the ServiceMeshControlPlane CRD Object - we suggest to make use of the OpenShift Console per "admin login" and to check for the available "CRD" (ensure to have the RedHat ServiceMesh enabled for this cluster environment).  Here per OpenShift Console - check via "Administration" / "CustomResourceDefinitions" - and search for "ServiceMeshControlPlane" Object - here to select the "ServiceMeshControlPlane" object and create one (using the right_upper Button "Create ServiceMeshCtronlPlane") in the "istio-system" namespace. Now edit the SMCP to cover:

Find section "spec" - here to add section for "spec.gateways.additionalIngress:"

ServiceMeshControlPlane Sample data

apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
  metadata:
  ...
spec:
  ...
  gateways:
    additionalIngress:
      istio-kobilshiftgateway-admin:
        enabled: true
        namespace: kobil-shift # kobil-shift install namespace
        runtime:
          deployment:
            replicas: 1
        service:
          metadata:
            labels:
              istio: istio-kobilshiftgateway-admin # gatewayobject name in kobil-shift namespace

Once the ServiceMeshControlPlane object was created and edited - then verify if that had successfully created the Service-Entry in the KOBIL-Shift namespace associated to the Gateway Object in that namespace(project).

  • Create a "oc route" declaration routing to the ServiceMesh-Gateway service

More infos for specific setup is here: OpenShift sample setup using "oc route"

oc get smmr default -n istio-system -o yaml

This should list the KOBIL Shift namespace being added to the Specifications - like (project-name == "shift"):

 ...
 spec:
   members:
   - shift