registration
Last updated
Was this helpful?
1.2
Last updated
Was this helpful?
When Proxies register with the control plane, they must and who/where they are.
Each Grey Matter Proxy connects to the Grey Matter Control server with a bi-directional gRPC stream. This connection is kept alive as long as both servers are up, and updates to configuration will flow every 30 seconds (default; but configurable) from gm-control to each connected gm-proxy.
To properly setup the connection, gm-proxy is run with the following two environment variables.
When connecting to the Envoy management server, proxies may also connect with TLS:
Repeated proxy log messages of the form below indicate that the connection to gm-control is failing. Usually this is because the address is incorrect or not addressable. If these logs do not appear, the connection is successful.
NOTE A single, or intermittent, occurrence of this error message often occurs during startup, and is not a concern.
When the proxy connects to control, it also sends an announcement that identifies itself to the control plane. This announcement information is used to isolate nodes into zones, determine which configuration options go to which proxy instance, etc.
NOTE the
zonethat the proxy announces must match the--api.zoneof thegm-controlinstance the proxy connects to. If these two are not in agreement, then the proxy is considered to be in a different zone and will receive no configuration.
NOTE This field is not currently used for any operations in the control plane. By default, each node will get a random ID, so it does not need to be set by the user.
Using the Grey Matter Proxy, the announcement info can be most easily set through the environment variables:
They can also be set directly at the command line when running the binary directly:
Inside of the Grey Matter Proxy, we provide templates to easily configure our envoy based sidecar. Some hardcoded values have been provided to simplify configuration and unify connection of all Grey Matter sidecars to the Grey Matter Control Plane.
xdsClusterName = xds_cluster is the statically defined cluster that all proxies use to connection to a control plane that implements the Envoy xDS APIs.
sdsClusterName = spire_agent is the statically defined cluster that all proxies use to connect to an Secret Discovery Service.
xdsRefreshDelaySecs = 30 is the statically defined refresh rate in seconds that Grey Matter Control will use to poll xDS APIs when using the REST v1 mode.
Grey Matter Control has these values statically defined as well due to a name match that Envoy uses when doing cluster lookups in its static_resource registry. If the names of static clusters do not match inside the Control server, then cluster lookups for RDS and EDS will fail.
The defines what type of service this proxy is serving. Examples would be "example-service", "user-service", "data", "catalog", etc. This field is used by the control plane to group together all proxies that share the same cluster so that they'll be properly routed and load-balanced as instances spin up or down.
The is the logical group that the proxy is running in. This can correlate to actual geographic regions, different slices of the network, or simply logical groups.
The is generally a unique identifier for this particular proxy instance, and can be used to take instance specific actions.
Each flag can also be set directly in the bootstrap config template in the section like shown below.