Distributed traffic cross clusters #777
Description
I have 2 clusters c1 and c2 join into the same Lattice service network. review app is deployed in both clusters:
apiVersion: apps/v1
kind: Deployment
metadata:
name: review
namespace: demo
labels:
app: review
spec:
replicas: 2
selector:
matchLabels:
app: review
template:
metadata:
labels:
app: review
spec:
containers:
- name: aug24-review
image: public.ecr.aws/x2j8p8w7/http-server:latest
env:
- name: PodName
value: "review c1" # <= change to `c2` when deployed in cluster c2
---
apiVersion: v1
kind: Service
metadata:
name: review
namespace: demo
spec:
selector:
app: review
ports:
- protocol: TCP
port: 80
targetPort: 8090
---
apiVersion: application-networking.k8s.aws/v1alpha1
kind: ServiceExport
metadata:
name: review
namespace: demo
annotations:
application-networking.k8s.aws/federation: "amazon-vpc-lattice"Then ONLY in cluster c1, create ServiceImport and HTTPRoute
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: review
namespace: demo
spec:
parentRefs:
- name: my-hotel
sectionName: http
rules:
- backendRefs:
- name: review
kind: ServiceImport
---
apiVersion: application-networking.k8s.aws/v1alpha1
kind: ServiceImport
metadata:
name: review
namespace: demo
spec:
type: ClusterSetIP
ports:
- port: 80
protocol: TCPWhat I expected is traffic is distributed to review service in BOTH clusters, but it only sent to one cluster
while true; do curl http://review-demo-0833fb844c53faa83.7d67968.vpc-lattice-svcs.ap-southeast-1.on.aws; done
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-2fvn2): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Requsting to Pod(review-76978c5ddc-l6qnt): review c2
Only a target group is associated with Lattice service:
aws vpc-lattice list-target-groups --output=json
{
"items": [
{
"arn": "arn:aws:vpc-lattice:ap-southeast-1:<account_id>:targetgroup/tg-049d500097172a647",
"createdAt": "2025-07-02T07:13:44.975000+00:00",
"id": "tg-049d500097172a647",
"ipAddressType": "IPV4",
"lastUpdatedAt": "2025-07-02T07:13:44.975000+00:00",
"name": "k8s-demo-review-iebniqqsdb",
"port": 80,
"protocol": "HTTP",
"serviceArns": [
"arn:aws:vpc-lattice:ap-southeast-1:<account_id>:service/svc-0833fb844c53faa83"
],
"status": "ACTIVE",
"type": "IP",
"vpcIdentifier": "vpc-0e296da2065d30703"
},
{
"arn": "arn:aws:vpc-lattice:ap-southeast-1:<account_id>:targetgroup/tg-089edac66225da09a",
"createdAt": "2025-07-02T07:13:38.700000+00:00",
"id": "tg-089edac66225da09a",
"ipAddressType": "IPV4",
"lastUpdatedAt": "2025-07-02T07:13:38.700000+00:00",
"name": "k8s-demo-review-qyilpffebc",
"port": 80,
"protocol": "HTTP",
"serviceArns": [],
"status": "ACTIVE",
"type": "IP",
"vpcIdentifier": "vpc-01054789f4f5ba088"
}
]
}