docs: Update single dc multiple k8s clusters doc (#14476)

Co-authored-by: Jona Apelbaum <jona@hashicorp.com>
This commit is contained in:
David Yu 2022-09-02 15:34:15 -07:00 committed by GitHub
parent 0f7d4efac3
commit 97606d94a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 5 deletions

View File

@ -6,6 +6,8 @@ description: Single Consul Datacenter deployed in multiple Kubernetes clusters
# Single Consul Datacenter in Multiple Kubernetes Clusters
~> **Note:** For running Consul across multiple Kubernetes, it is generally recommended to utilize [Admin Partitions](/docs/enterprise/admin-partitions) for production environments. This Consul Enterprise feature allows for the ability to accommodate for multiple tenants without concerns of resource collisions when administering a cluster at scale, and for the ability to run Consul on Kubernetes clusters across a non-flat network.
This page describes deploying a single Consul datacenter in multiple Kubernetes clusters,
with servers and clients running in one cluster and only clients in the rest of the clusters.
This example uses two Kubernetes clusters, but this approach could be extended to using more than two.
@ -19,16 +21,13 @@ to pods or nodes in another. In many hosted Kubernetes environments, this may ha
* [Azure AKS CNI](https://docs.microsoft.com/en-us/azure/aks/concepts-network#azure-cni-advanced-networking)
* [AWS EKS CNI](https://docs.aws.amazon.com/eks/latest/userguide/pod-networking.html)
* [GKE VPC-native clusters](https://cloud.google.com/kubernetes-engine/docs/concepts/alias-ips).
If a flat network is unavailable across all Kubernetes clusters, follow the instructions for using [Admin Partitions](/docs/enterprise/admin-partitions), which is a Consul Enterprise feature.
* Either the Helm release name for each Kubernetes cluster must be unique, or `global.name` for each Kubernetes cluster must be unique to prevent collisions of ACL resources with the same prefix.
## Prepare Helm release name ahead of installs
The Helm release name must be unique for each Kubernetes cluster.
The Helm chart uses the Helm release name as a prefix for the
ACL resources that it creates, such as tokens and auth methods. If the names of the Helm releases
are identical, subsequent Consul on Kubernetes clusters overwrite existing ACL resources and cause the clusters to fail.
ACL resources that it creates, such as tokens and auth methods. If the names of the Helm releases are identical, or if `global.name` for each cluster is identical, subsequent Consul on Kubernetes clusters will overwrite existing ACL resources and cause the clusters to fail.
Before proceeding with installation, prepare the Helm release names as environment variables for both the server and client install.