Closed gyliu513 closed 6 years ago
We need something to resolve *.x.global
to 1.1.1.1. Hence the reason for using CoreDNS. We could set it up as an upstream DNS server, but that requires us to obtain the cluster IP of coreDNS and then create the kube config that configures kube-dns to use CoreDNS as the upstream DNS. I don't mind doing this.
Thanks @rshriram , can you please show more detail for why need resolve *.x.global to 1.1.1.1
?
So the traffic has to get out of the application so that the sidecar can capture the traffic and then apply HTTP/SNI based routing. In order to make the application make an outbound call, server.cluster2.global has to resolve to some IP so that the OS connect() call can be made. 1.1.1.1 is simply a dummy IP chosen for this purpose.
I see, so we are also using this ServiceEntry
to enable server.cluster2.global
can be accessed. With the CoreDNS here, all services in the format of *.x.global
will be resolved to 1.1.1.1
, right? And we only want to use this way to make the service is DNS resolvable with a dummy IP?
# One service entry for each cluster to bridge
# the endpoint.address should be the ingress gateway adress of the cluster.
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: external-service-cluster2
spec:
hosts:
- "*.cluster2.global"
ports:
- number: 80
name: http
protocol: HTTP
- number: 443 #this will exit from sidecar if user does https
name: https
protocol: HTTPS
resolution: DNS
endpoints:
# address of ingressgateway of this cluster
- address: __REPLACEME__
ports:
http: 80
https: 443
yes
thanks @rshriram
What is the problem if I use kube-dns in Cluster1 and Cluster2? @rshriram