Istio Beacon

Canonical Observability

Architecture:

Base version:

Channel	Revision	Published	Runs on
latest/edge	20	29 Jan 2025	Ubuntu 22.04

Learn to deploy on juju >

Platform:

22.04

charms.istio_beacon_k8s.v0.service_mesh

Docstrings Source code
- Fetch library
  
  charmcraft fetch-lib charms.istio_beacon_k8s.v0.service_mesh
  Download service_mesh.py
- 13 Jan 2025
- Library version 0.2

#Service Mesh Library.

The service mesh library is used to facilitate adding your charmed application to a service mesh. The library leverages the service_mesh and cross_model_mesh interfaces.

##Consumer

Service meshes provide a range of capabilities for routing, controlling, and monitoring traffic. A key feature of many service meshes is the ability to restrict traffic between Pods based on L4 and L7 criteria. For example, defining that a Pod MetricsScraper can GET from Pod MetricsProducer at /metrics on port 9090, but SomeOtherPod cannot.

The ServiceMeshConsumer object is used to subscribe a charm and its workloads to a related service mesh. Since it is common for a relation between applications to indicate traffic flow (ex: if DbConsumer Requires a DbProducer), the ServiceMeshConsumer provides an optional way to automate creation of traffic rules based on app relations.

To add service mesh support to your charm, you must add 3 relations in your charmcraft.yaml.

requires:
  service-mesh:
    limit: 1
    interface: service_mesh
  require-cmr-mesh:
    interface: cross_model_mesh
provides:
  provide-cmr-mesh:
    interface: cross_model_mesh

Then instantiate a ServiceMeshConsumer object in the __init__ method of your charm:

from charms.istio_beacon_k8s.v0.service_mesh import Policy, ServiceMeshConsumer

...
self._mesh = ServiceMeshConsumer(
    self,
    policies=[
        Policy(
            relation="metrics",
            endpoints=[
                Endpoint(
                    hosts=[self._my_host_name],
                    ports=[HTTP_LISTEN_PORT],
                    methods=["GET"],
                    paths=["/metrics"],
                ),
            ],
        ),
        Policy(
            relation="data",
            endpoint=[
                Endpoint(
                    hosts=[self._my_host_name],
                    ports[HTTP_LISTEN_PORT],
                    methods=["GET"]
                    paths=["/data"],
                ),
            ],
        ),
    ],
)

The example above specifies two policies. The resulting behaviour would be that when related over the metrics relation, the service mesh will allow traffic to the /metrics endpoint for the remote application and when related over the data endpoint, the service mesh will allow traffic to the /data endpoint.

By using the above method, you can specify exactly which endpoints can be reached over which relations.

###Cross Model relations

If a ServiceMeshConsumer is creating a Policy for a relation that is cross model, additional information is required to construct the policy. To facilitate this, the charms can also be related over the cross_model_mesh interface. When that relation is established, traffic will be allowed from the requirer to the provider.

###Joining the Mesh

For most charms, simply instantiating ServiceMeshConsumer should automatically configure the charm to be on the mesh. If your charm is the one of the old "podspec" style charms or your charm deploys custom k8s resources there is an addition step. You must apply the labels returned by ServiceMeshConsumer.labels() to your pods.

##Provider

To provide a service mesh, instantiate the ServiceMeshProvider object in the init method of your charm:

from charms.istio_beacon_k8s.v0.service_mesh import ServiceMeshProvider

...
self._mesh = ServiceMeshProvider(
    charm = self,
    labels = {"my_service_mesh": "enable"},
    mesh_relation_name = "service-mesh",
)

The labels argument is the dict of labels that indicate to the service mesh that a Pod should be subscribed to the mesh. These will be sent to each related ServiceMeshConsumer to be used by the charm for per-Pod subscription. These labels are service-mesh dependent - for example, for an Istio ambient mesh this should be {"istio.io/dataplane-mode": "ambient"}.

The provider also exposes the method mesh_info that returns a list of MeshPolicy objects. These MeshPolicy objects can be used to configure the service mesh.

for policy in self._mesh.mesh_info():
    set_up_my_mesh(policy)

Index

class Method
class Endpoint
class Policy
class MeshPolicy
class CMRData
class ServiceMeshConsumer
- def __init__( self, charm, mesh_relation_name, cross_model_mesh_requires_name, cross_model_mesh_provides_name, policies, auto_join)
- def update_service_mesh( self)
- def labels( self)
class ServiceMeshProvider
- def __init__( self, charm, labels, mesh_relation_name)
- def update_relations( self)
- def mesh_info( self)

Description

HTTP method. None

Description

Data type for a policy endpoint. None

Description

Data type for defining a policy for your charm. None

Description

Data type for storage service mesh policy information. None

Description

Data type containing the info required for cross-model relations. None

Description

Class used for joining a service mesh. None

Methods

ServiceMeshConsumer. __init__( self , charm: CharmBase , mesh_relation_name: str , cross_model_mesh_requires_name: str , cross_model_mesh_provides_name: str , policies , auto_join: bool )

Class used for joining a service mesh.

Arguments

charm

The charm instantiating this object.

mesh_relation_name

The relation name as defined in metadata.yaml or charmcraft.yaml for the relation which uses the service_mesh interface.

cross_model_mesh_requires_name

The relation name as defined in metadata.yaml or charmcraft.yaml for the relation which requires the cross_model_mesh interface.

cross_model_mesh_provides_name

The relation name as defined in metadata.yaml or charmcraft.yaml for the relation which provides the cross_model_mesh interface.

policies

List of access policies this charm supports.

auto_join

Automatically join the mesh by applying labels to charm pods.

ServiceMeshConsumer. update_service_mesh( self )

Update the service mesh.

Description

Gathers information from all relations of the charm and updates the mesh appropriately to allow communication.

ServiceMeshConsumer. labels( self )

Description

Labels required for a pod to join the mesh. None

Description

Provide a service mesh to applications. None

Methods

ServiceMeshProvider. __init__( self , charm: CharmBase , labels , mesh_relation_name: str )

Class used to provide information needed to join the service mesh.

Arguments

charm

The charm instantiating this object.

mesh_relation_name

The relation name as defined in metadata.yaml or charmcraft.yaml for the relation which uses the service_mesh interface.

labels

The labels which related applications need to apply to use the mesh.

ServiceMeshProvider. update_relations( self )

Description

Update all relations with the labels needed to use the mesh. None

ServiceMeshProvider. mesh_info( self )

Description

Return the relation data that defines Policies requested by the related applications. None

Istio Beacon

charms.istio_beacon_k8s.v0.service_mesh

class Method

class Endpoint

class Policy

class MeshPolicy

class CMRData

class ServiceMeshConsumer

class ServiceMeshProvider