Orchestrating dead-simple service meshes with SuperGloo

Orchestrating dead-simple service meshes with SuperGloo

What is a service mesh?

Service meshes are all the rage in the Kubernetes world these days, but a lot of people seem to be a bit confused as to what they do and why (when) they need one. The best way to think of a service mesh is to imagine well…..a mesh! The service mesh is a configurable, low‑latency infrastructure layer designed to handle communication between the processes among different services using application programming interfaces (APIs). It ensures that communication among containerized and often ephemeral application infrastructure services is fast, reliable, and secure. The mesh also provides critical capabilities that include:

  • Service discovery
  • Load Balancing
  • Encryption
  • Observability
  • Authentication

The service mesh is usually implemented by providing a proxy instance, called a sidecar, for each service instance. Sidecars handle inter-service communications, monitoring, and security‑related concerns – anything can be abstracted away from the individual sources. This way, developers can handle development, support, and maintenance for the application code in the services; operations teams can maintain the service mesh and run the app.

Currently, the most well-known service mesh is Istio with the backing of Lyft, Google, and IBM. However, there are many options and the tool I’m going to show you today is going to help you get started with your first service mesh on various platforms.

Let’s go ahead and check out SuperGloo!

What is SuperGloo?

With all of the varied offerings in the service mesh landscape, it makes it difficult to take on the complexities of experimenting with even a single service mesh solution, let alone multiple ones. The goal of SuperGloo is to take charge of these complexities and make it easy for users to deploy multiple service meshes into their environment.

SuperGloo abstracts away key functionalities associated with the service mesh such as:

  • encryption
  • telemetry
  • and, tracing

Using tools like SuperGloo, you can pair any service mesh with any ingress, and leave it to the abstraction to take care of the installation and configuration necessary to let them work together.

Let’s try it out!

Getting started with SuperGloo

Prerequisites

  • A running Kubernetes cluster
  • Helm (optional)

Installing command line tool (CLI)

The supergloo command line makes it much easier to install and operate SuperGloo, though it is not required.

To install using the Homebrew package manager, run the following.

brew install solo-io/tap/supergloo

To install on any platform run the following.

curl -sL https://run.solo.io/supergloo/install | sh

You can download the CLI directly via the github page. You need to add SuperGloo to your path after downloading.

export PATH=$HOME/.supergloo/bin:$PATH

Verify the CLI is installed and running correctly with:

supergloo --version

Install the SuperGloo Controller to your Kubernetes cluster using supergloo init

Once your Kubernetes cluster is up and running, run the following command to deploy the SuperGloo Controller and Discovery pods to the supergloo-system namespace:

supergloo init

installing supergloo version 0.3.14
using chart uri https://storage.googleapis.com/supergloo-helm/charts/supergloo-0.3.14.
tgz
configmap/sidecar-injection-resources created
serviceaccount/supergloo created
serviceaccount/discovery created
serviceaccount/mesh-discovery created
clusterrole.rbac.authorization.k8s.io/discovery created
clusterrole.rbac.authorization.k8s.io/mesh-discovery created
clusterrolebinding.rbac.authorization.k8s.io/supergloo-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/discovery-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/mesh-discovery-role-binding created
deployment.extensions/supergloo created
deployment.extensions/discovery created
deployment.extensions/mesh-discovery created
install successful!

You can see the kubernetes YAML supergloo is installing to your cluster without installing by running supergloo init --dry-run.


NOTE: You can install SuperGloo to an existing namespace by providing the--namespace option. If the option is not provided, the namespace defaults to supergloo-system.

supergloo init --namespace my-namespace

Check that the SuperGloo and Discovery pods have been created:

kubectl --namespace supergloo-system get all

NAME                                 READY   STATUS    RESTARTS   AGE
pod/discovery-68df78f9c-rk2w4        1/1     Running   0          2m49s
pod/mesh-discovery-bc9fbcb7f-z84r9   1/1     Running   0          2m49s
pod/supergloo-59445698c5-p2fvm       1/1     Running   0          2m49s

NAME                             DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/discovery        1         1         1            1           2m49s
deployment.apps/mesh-discovery   1         1         1            1           2m49s
deployment.apps/supergloo        1         1         1            1           2m49s

NAME                                       DESIRED   CURRENT   READY   AGE
replicaset.apps/discovery-68df78f9c        1         1         1       2m49s
replicaset.apps/mesh-discovery-bc9fbcb7f   1         1         1       2m49s
replicaset.apps/supergloo-59445698c5       1         1         1       2m49s

Install SuperGloo using Helm

Add the SuperGloo Helm charts to your local Helm installation.

helm repo add supergloo http://storage.googleapis.com/supergloo-helm

You can examine the available versions of SuperGloo by running the following command

helm search supergloo/supergloo --versions

NAME               	CHART VERSION	APP VERSION	DESCRIPTION
supergloo/supergloo	0.3.16       	           	The official Helm Chart for SuperGloo
supergloo/supergloo	0.3.15       	           	The official Helm Chart for SuperGloo
supergloo/supergloo	0.3.14       	           	The official Helm Chart for SuperGloo
supergloo/supergloo	0.3.13       	           	The official Helm Chart for SuperGloo
supergloo/supergloo	0.3.12       	           	The official Helm Chart for SuperGloo
supergloo/supergloo	0.3.11       	           	The official Helm Chart for SuperGloo
...

Installing Linkerd with SuperGloo

First, ensure that SuperGloo has been initialized in your Kubernetes cluster via supergloo init or the Supergloo Helm Chart. See the installation instructions for detailed instructions on installing SuperGloo.

Once SuperGloo has been installed, we’ll create an Install CRD with configuration parameters which will then trigger SuperGloo to begin the mesh installation.

This can be done in one of two ways:

Option 1: Using the supergloo CLI:

supergloo install linkerd --name linkerd

See supergloo install linkerd --help for the full list of installation options for Linkerd.

Option 2: Using kubectl apply on a yaml file:

cat <<EOF | kubectl apply --filename -
apiVersion: supergloo.solo.io/v1
kind: Install
metadata:
  name: linkerd
spec:
  installationNamespace: linkerd
  mesh:
    linkerdMesh:
      enableAutoInject: true
      enableMtls: true
      linkerdVersion: stable-2.3.0
EOF

Once you’ve created the Install CRD, you can track the progress of the Linkerd installation:

kubectl --namespace linkerd get pod --watch
NAME                                      READY   STATUS    RESTARTS   AGE
linkerd-ca-585f97b595-l96mj               1/1     Running   0          46s
linkerd-controller-6954987c97-mjj8l       3/3     Running   0          45s
linkerd-grafana-7c6bbd8d-6vnqp            1/1     Running   0          46s
linkerd-prometheus-644f9f4754-5m2l8       1/1     Running   0          46s
linkerd-proxy-injector-8449944ffc-clh6j   1/1     Running   0          8s
linkerd-web-546b557f56-xsjqf              1/1     Running   0          5s

To tear everything down from this demo:

kubectl --namespace default delete --filename https://raw.githubusercontent.com/istio/istio/1.0.6/samples/bookinfo/platform/kube/bookinfo.yaml
kubectl delete namespace not-injected

Uninstalling Linkerd

If the disabled field is set to true on the install CRD. Doing so, again we have two options:

Option 1: Using the supergloo CLI:

supergloo uninstall --name linkerd

Option 2: Using kubectl edit and set spec.disabled: true:

kubectl edit install linkerd
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: supergloo.solo.io/v1
kind: Install
metadata:
  name: linkerd
  namespace: supergloo-system
spec:
   ## add the following line
   disabled: true
   ##
   installationNamespace: linkerd
   mesh:
     installedMesh:
       name: linkerd
       namespace: supergloo-system
     linkerdMesh:
       enableAutoInject: true
       enableMtls: true
       linkerdVersion: stable-2.3.0

Installing Istio with SuperGloo

First, ensure that SuperGloo has been initialized in your Kubernetes cluster via supergloo init or the Supergloo Helm Chart. See the installation instructions for detailed instructions on installing SuperGloo.

Once SuperGloo has been installed, we’ll create an Install CRD with configuration parameters which will then trigger SuperGloo to begin the mesh installation.

This can be done in one of two ways:

Option 1: Using the supergloo CLI:

supergloo install istio --name istio --installation-namespace istio-system --mtls=true --auto-inject=true

See supergloo install istio --help for the full list of installation options for istio.

Option 2: Using kubectl apply on a yaml file:

cat <<EOF | kubectl apply --filename -
apiVersion: supergloo.solo.io/v1
kind: Install
metadata:
  name: my-istio
  namespace: supergloo-system
spec:
  installationNamespace: istio-system
  mesh:
    istio:
      enableAutoInject: true
      enableMtls: true
      installGrafana: true
      installJaeger: true
      installPrometheus: true
      version: 1.0.6
EOF

Once you’ve created the Install CRD, you can track the progress of the istio installation:

kubectl --namespace istio-system get pod --watch
NAME                                      READY     STATUS              RESTARTS   AGE
grafana-7f6cd4bf56-xst2n                  1/1       Running             0          27s
istio-citadel-796c94878b-59gw6            1/1       Running             0          26s
istio-cleanup-secrets-xd6f8               0/1       Completed           0          27s
istio-galley-6c68c5dbcf-z6j5k             1/1       Running             0          27s
istio-pilot-c5dddb4b9-nb6fd               2/2       Running             0          26s
istio-policy-977d74ff4-669vk              2/2       Running             0          27s
istio-sidecar-injector-6d8f88c98f-5f58t   1/1       Running             0          26s
istio-telemetry-5f79796bf6-fl4sn          2/2       Running             0          27s
istio-tracing-7596597bd7-lc92t            1/1       Running             0          26s
prometheus-76db5fddd5-55r6d               1/1       Running             0          26s

Deploying the bookinfo example

A good place to go from here is the try out deploying the Istio Bookinfo example app. To deploy the bookinfo sample, first enable automatic sidecar injection on the default namespace (or any namespace of your choosing):

Istio Injection Label

kubectl label namespace default istio-injection=enabled

Linkerd Injection Annotation

kubectl annotate namespace default linkerd.io/inject=enabled

Next, create the bookinfo deployments and services:

kubectl --namespace default apply --filename \
    https://raw.githubusercontent.com/solo-io/supergloo/master/test/e2e/files/bookinfo.yaml

We should be up and running in a few minutes:

kubectl --namespace default get pod --watch
NAME                             READY     STATUS    RESTARTS   AGE
details-v1-6764bbc7f7-k4rhk      2/2       Running   0          27s
productpage-v1-54b8b9f55-sxxnw   2/2       Running   0          27s
ratings-v1-7bc85949-kh4f9        2/2       Running   0          27s
reviews-v1-fdbf674bb-z467l       2/2       Running   0          27s
reviews-v2-5bdc5877d6-gvgns      2/2       Running   0          27s
reviews-v3-dd846cc78-55wr5       2/2       Running   0          27s

We should see 2/2 containers are READY, since one of those containers is the sidecar injected by either Istio or Linkerd.

And we’re done

There you have it! Deploying service meshes with SuperGloo is a simple task with the abstraction they provide. I hope that this brief intro provides you with a new tool to add to your toolbox, and hopefully, it might even make a tough deployment easier for you. Until next time, thanks for reading.

Discover more with Gcore Managed Kubernetes

Orchestrating dead-simple service meshes with SuperGloo

Subscribe
to our newsletter

Get the latest industry trends, exclusive insights, and Gcore
updates delivered straight to your inbox.