Create a Global Namespace

To create a global namespace with the Tanzu Service Mesh CLI, you must describe the configuration of the global namespace in a YAML file and then apply the configuration file.

You must describe the different configuration details of a global namespace in the following manifests:

Global namespace manifest. Contains the general details and namespace selection criteria about the global namespace.
Public service manifest. Contains general configuration details about a public service in the global namespace. For a GSLB-enabled public service, the public service manifest also contains the GSLB configuration parameters.
Public service route manifest. Defines the name of the internal service associated with the public service and the port of the internal service.
API discovery manifest. Contains the configuration details that are required to observe and monitor API traffic between the services in the GNS and configure API security policies.
PII discovery manifest. Contains the configuration details that are required to observe and monitor data in flight between services in the GNS and configure data security policies.

You must retrieve the templates of these manifests from the Tanzu Service Mesh API, combine them in a single YAML manifest file called global namespace configuration file, and provide values for the fields in the manifests.

Although the simplest approach is to have all of these manifests combined in a single file, it is not necessary. For example, if a different team manages the GSLB interaction, you can separate the public service GSLB configuration into a separate manifest file. However, all of these YAML manifest files must exist for a global namespace to function properly.

Prerequisites

Download and install the CLI.
Log in to the Tanzu Service Mesh CLI.
Be familiar with the concept of global namespace in Tanzu Service Service Mesh.
Be familiar with the concept of public service in Tanzu Service Mesh.
Be familiar with the concept of API discovery in Tanzu Service Mesh.
Be familiar with the concept of personal identifiable information (PII) discovery in Tanzu Service Mesh.
Be familiar with the Kubernetes YAML manifest format.
The current public service configuration requires that a health check ID and an external DNS ID exist and be referred to in the PublicService manifest, which is part of the GlobalNamespace manifest. Before applying the public service, you must add the health check ID and the DNS ID to the PublicService manifest. For information on how to get a health check ID and an external DNS ID, see Get a Health Check ID for a Public Namespace Configuration and Get an External DNS ID for a Public Namespace Configuration.

Procedure

Create a YAML manifest file to contain the global namespace configuration.

The steps below refer to this file as the global namespace configuration file.
To retrieve the template for each manifest that is included in the global namespace configuration, run the tanzu sm get spec CLI command.
1. To retrieve the global namespace manifest template, run the following command:
```
tanzu sm get spec globalnamespaces
```
  sm is the alias for the Tanzu Service Mesh plugin in the Tanzu CLI. You can replace sm with service-mesh.
2. To retrieve the public service manifest template, run the following command.
```
tanzu sm get spec publicservices
```
3. To retrieve the template for a public service route manifest, run the following command.
```
tanzu sm get spec publicserviceroutes
```
4. To retrieve the API discovery manifest template, run the following command:
```
tanzu sm get spec apidiscoveries
```
5. To retrieve the PII discovery manifest template, run the following command:
```
tanzu sm get spec piidiscoveries
```
Paste each returned manifest template into the global namespace configuration file that you created.
Important:
- Arrange the manifests in the following order in the file:
  - Global namespace manifest
  - Public service manifest
  - Public service route manifest
  - API discovery manifest
  - PII discovery manifest
- Make sure that you put --- at the end of each manifest in the file.
Provide values for the fields in the resultant global namespace configuration file.
- Add the health check ID to the public service manifest under healthcheck_ids.
- Add the external DNS ID to the public service manifest as the value of external_dns_id under public_domain.
Note:
For information about the meaning of the fields in the configuration and what value to provide for each field, see the schema of the appropriate API in API Explorer in Tanzu Service Mesh. Perform the following steps:
1. In Tanzu Service Mesh SaaS UI, click API Explorer on the bottom bar.
2. Go to the appropriate API in API Explorer.
3. In the API section, under Request Body, click Schema.
Save the changes in the file.

Results

For information about how to apply the global namespace configuration YAML file to your Tanzu Service Mesh tenant, see Apply a Configuration to Tanzu Service Mesh SaaS Using the CLI.

What to do next

Add the global namespace configuration file to the Git repository where you maintain all your manifest files.