Active-active Kubernetes architecture
Overview
Active-active replication between Kubernetes clusters is a strategy to ensure high availability and disaster recovery for applications. In this setup, multiple Kubernetes clusters, typically located in different geographical regions, run identical copies of an application simultaneously.
Prerequisites
- Install Astronetes Resiliency Operator.
- Create a namespace where to store the secrets and run the synchronization between clusters.
Setup
Import the first cluster
Import the first Kubernetes cluster as described in details here:
Save the kubeconfig file as
cluster-1-kubeconfig.yaml.Import the kubeconfig file as secret:
kubectl create secret generic cluster-1-kubeconfig --from-file=kubeconfig.yaml=cluster-1-kubeconfig.yamlCreate the KubernetesCluster resource manifest
cluster-1.yaml:apiVersion: assets.astronetes.io/v1alpha1 kind: KubernetesCluster metadata: name: cluster-1 spec: secretName: cluster-1-kubeconfigDeploy the resource with the following command:
kubectl create -f cluster-1.yaml
Import the second cluster
Import the first Kubernetes cluster as described in details here:
Save the kubeconfig file as
cluster-2-kubeconfig.yaml.Import the kubeconfig file as secret:
kubectl create secret generic cluster-2-kubeconfig --from-file=kubeconfig.yaml=cluster-2-kubeconfig.yamlCreate the KubernetesCluster resource manifest
cluster-2.yaml:apiVersion: assets.astronetes.io/v1alpha1 kind: KubernetesCluster metadata: name: cluster-2 spec: secretName: cluster-2-kubeconfigDeploy the resource with the following command:
kubectl create -f cluster-2.yaml
Synchronize the clusters
Create the configuration manifest to synchronize the clusters according to the full documentation is provided at Configure LiveSynchronization.
In the following examples there is a minimal configuration to synchronize namespaces labeled with sync=true:
Save the configuration file as
livesync.yamlwith the following content:apiVersion: automation.astronetes.io/v1alpha1 kind: LiveSynchronization metadata: name: active-active spec: plugin: kubernetes-objects-to-kubernetes suspend: false config: sourceName: cluster-1 destinationName: cluster-2 replication: resources: - group: apps version: v1 resource: deployments filters: namespaceSelector: matchLabels: sync: "true" - group: "" version: v1 resource: services filters: namespaceSelector: matchLabels: sync: "true" - group: "" version: v1 resource: secrets filters: namespaceSelector: matchLabels: sync: "true" - group: "rbac.authorization.k8s.io" version: v1 resource: roles filters: namespaceSelector: matchLabels: sync: "true" - group: "rbac.authorization.k8s.io" version: v1 resource: rolebindings filters: namespaceSelector: matchLabels: sync: "true" - group: "" version: v1 resource: serviceaccounts filters: namespaceSelector: matchLabels: sync: "true" nameSelector: excludeRegex: - "^(default|deployer|builder)$" - group: "networking.k8s.io" version: v1 resource: ingresses filters: namespaceSelector: matchLabels: sync: "true"Apply the configuration:
kubectl apply -f livesync.yaml
Operations
Pause the synchronization
The synchronization process can be paused with the following command:
kubectl patch livesynchronization active-active -p '{"spec":{"suspend":true}}' --type=merge
Resume the synchronization
The synchronization process can be paused with the following command:
kubectl patch livesynchronization active-active -p '{"spec":{"suspend":false}}' --type=merge