This example is part of a suite of examples showing the different ways you can use Skupper to connect services across cloud providers, data centers, and edge sites.
- Overview
- Prerequisites
- Step 1: Install the Skupper command-line tool
- Step 2: Set up your namespaces
- Step 3: Deploy the HTTP server
- Step 4: Create your sites
- Step 5: Link your sites
- Step 6: Expose the HTTP server
- Step 7: Run the HTTP client
- Cleaning up
- Summary
- Next steps
- About this example
This example shows how you can use Skupper to connect an HTTP client on one Kubernetes cluster to an HTTP server on another.
-
The
kubectlcommand-line tool, version 1.15 or later (installation guide) -
Access to at least one Kubernetes cluster, from any provider you choose
This example uses the Skupper command-line tool to deploy Skupper.
You need to install the skupper command only once for each
development environment.
On Linux or Mac, you can use the install script (inspect it here) to download and extract the command:
curl https://skupper.io/install.sh | shThe script installs the command under your home directory. It prompts you to add the command to your path if necessary.
For Windows and other installation options, see Installing Skupper.
Skupper is designed for use with multiple Kubernetes namespaces,
usually on different clusters. The skupper and kubectl
commands use your kubeconfig and current context to
select the namespace where they operate.
Your kubeconfig is stored in a file in your home directory. The
skupper and kubectl commands use the KUBECONFIG environment
variable to locate it.
A single kubeconfig supports only one active context per user. Since you will be using multiple contexts at once in this exercise, you need to create distinct kubeconfigs.
For each namespace, open a new terminal window. In each terminal,
set the KUBECONFIG environment variable to a different path and
log in to your cluster. Then create the namespace you wish to use
and set the namespace on your current context.
Note: The login procedure varies by provider. See the documentation for yours:
- Minikube
- Amazon Elastic Kubernetes Service (EKS)
- Azure Kubernetes Service (AKS)
- Google Kubernetes Engine (GKE)
- IBM Kubernetes Service
- OpenShift
Public:
export KUBECONFIG=~/.kube/config-public
# Enter your provider-specific login command
kubectl create namespace public
kubectl config set-context --current --namespace publicPrivate:
export KUBECONFIG=~/.kube/config-private
# Enter your provider-specific login command
kubectl create namespace private
kubectl config set-context --current --namespace privateIn the private namespace, use the kubectl apply command to
install the server.
Private:
kubectl apply -f http-server/kubernetes.yamlSample output:
$ kubectl apply -f http-server/kubernetes.yaml
deployment.apps/http-server createdA Skupper site is a location where components of your application are running. Sites are linked together to form a network for your application. In Kubernetes, a site is associated with a namespace.
For each namespace, use skupper init to create a site. This
deploys the Skupper router and controller. Then use skupper status to see the outcome.
Note: If you are using Minikube, you need to start minikube
tunnel before you run skupper init.
Public:
skupper init
skupper statusSample output:
$ skupper init
Waiting for LoadBalancer IP or hostname...
Waiting for status...
Skupper is now installed in namespace 'public'. Use 'skupper status' to get more information.
$ skupper status
Skupper is enabled for namespace "public". It is not connected to any other sites. It has no exposed services.Private:
skupper init
skupper statusSample output:
$ skupper init
Waiting for LoadBalancer IP or hostname...
Waiting for status...
Skupper is now installed in namespace 'private'. Use 'skupper status' to get more information.
$ skupper status
Skupper is enabled for namespace "private". It is not connected to any other sites. It has no exposed services.As you move through the steps below, you can use skupper status at
any time to check your progress.
A Skupper link is a channel for communication between two sites. Links serve as a transport for application connections and requests.
Creating a link requires use of two skupper commands in
conjunction, skupper token create and skupper link create.
The skupper token create command generates a secret token that
signifies permission to create a link. The token also carries the
link details. Then, in a remote site, The skupper link create command uses the token to create a link to the site
that generated it.
Note: The link token is truly a secret. Anyone who has the token can link to your site. Make sure that only those you trust have access to it.
First, use skupper token create in site Public to generate the
token. Then, use skupper link create in site Private to link
the sites.
Public:
skupper token create ~/secret.tokenSample output:
$ skupper token create ~/secret.token
Token written to ~/secret.tokenPrivate:
skupper link create ~/secret.tokenSample output:
$ skupper link create ~/secret.token
Site configured to link to https://10.105.193.154:8081/ed9c37f6-d78a-11ec-a8c7-04421a4c5042 (name=link1)
Check the status of the link using 'skupper link status'.If your terminal sessions are on different machines, you may need
to use scp or a similar tool to transfer the token securely. By
default, tokens expire after a single use or 15 minutes after
creation.
In the private namespace, use skupper expose to expose the
HTTP server on the Skupper network.
Then, in the public namespace, use kubectl get service/http-server to check that the http-server service
appears after a moment.
Private:
skupper expose deployment/http-server --port 8080 --target-port 80Sample output:
$ skupper expose deployment/http-server --port 8080 --target-port 80
deployment http-server exposed as http-serverPublic:
kubectl get service/http-serverSample output:
$ kubectl get service/http-server
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
http-server ClusterIP 10.100.58.95 <none> 8080/TCP 2sIn the public namespace, use kubectl run to run the HTTP client.
Public:
kubectl run http-client --attach --rm --image docker.io/library/nginx --restart Never -- curl -sf http://http-server:8080/Sample output:
$ kubectl run http-client --attach --rm --image docker.io/library/nginx --restart Never -- curl -sf http://http-server:8080/
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
pod "http-client" deletedTo remove Skupper and the other resources from this exercise, use the following commands.
Private:
skupper delete
kubectl delete -f http-server/kubernetes.yamlPublic:
skupper deleteCheck out the other examples on the Skupper website.
This example was produced using Skewer, a library for documenting and testing Skupper examples.
Skewer provides utility functions for generating the README and
running the example steps. Use the ./plano command in the project
root to see what is available.
To quickly stand up the example using Minikube, try the ./plano demo
command.