openshift-docs/modules/ossm-federation-create-export.adoc

////
This module included in the following assemblies:
* service_mesh/v2x/ossm-federation.adoc
////

:_mod-docs-content-type: PROCEDURE
[id="ossm-federation-create-export_{context}"]
= Creating an ExportedServiceSet

You create an `ExportedServiceSet` resource to explicitly declare the services that you want to be available to a mesh peer.

Services are exported as `<export-name>.<export-namespace>.svc.<ServiceMeshPeer.name>-exports.local` and will automatically route to the target service.  This is the name by which the exported service is known in the exporting mesh. When the ingress gateway receives a request destined for this name, it will be routed to the actual service being exported. For example, if a service named `ratings.red-mesh-bookinfo` is exported to `green-mesh` as `ratings.bookinfo`, the service will be exported under the name `ratings.bookinfo.svc.green-mesh-exports.local`, and traffic received by the ingress gateway for that hostname will be routed to the `ratings.red-mesh-bookinfo` service.

[NOTE]
====
When you set the `importAsLocal` parameter to `true` to aggregate the remote endpoint with local services, you must use an alias for the service. When you set the parameter `false`, no alias is required.
====

.Prerequisites

* The cluster and `ServiceMeshControlPlane` have been configured for mesh federation.
* An account with the `cluster-admin` role.

[NOTE]
====
You can configure services for export even if they do not exist yet. When a service that matches the value specified in the ExportedServiceSet is deployed, it will be automatically exported.
====

////
.Procedure from the Console
This is conjecture about what the flow might look like.

Follow this procedure to create an `ExportedServiceSet` with the web console. This example shows the red-mesh exporting the ratings service from the bookinfo application to the green-mesh.

. Log in to the {product-title} web console as a user with the cluster-admin role.
. Navigate to *Ecosystem* -> *Installed Operators*.
. Click the *Project* menu and select the project where you installed the {SMProductShortName} control plane for the mesh that will export services. For example, `red-mesh-system`.
. Click the {SMProductName} Operator, then click *Istio Service Mesh ExportedServiceSet*.
. On the *Istio Service Mesh ExportedServiceSet* tab, click *Create ExportedServiceSet*.
. On the *Create ExportedServiceSet* page, click *YAML* to modify your configuration.
. Modify the default configuration with values for your export.
. Click *Create*. The Operator creates the export based on your configuration parameters.
. To verify the `ExportedServiceSet` resource was created, click the *Istio Service Mesh ExportedServiceSet* tab.
.. Click the name of the new `ExportedServiceSet`; for example, `export-to-green-mesh`.
.. Click the *Resources* tab to see the `ExportedServiceSet` resource the Operator created and configured.
////

.Procedure from the CLI

Follow this procedure to create an `ExportedServiceSet` from the command line.

. Log in to the {product-title} CLI as a user with the `cluster-admin` role. Enter the following command. Then, enter your username and password when prompted.
+
[source,terminal]
----
$ oc login --username=<NAMEOFUSER> <API token> https://<HOSTNAME>:6443
----
+
. Change to the project where you installed the {SMProductShortName} control plane; for example, `red-mesh-system`.
+
[source,terminal]
----
$ oc project red-mesh-system
----
+
. Create an `ExportedServiceSet` file based on the following example where `red-mesh` is exporting services to `green-mesh`.
+
.Example ExportedServiceSet resource from red-mesh to green-mesh
[source,yaml]
----
apiVersion: federation.maistra.io/v1
kind: ExportedServiceSet
metadata:
  name: green-mesh
  namespace: red-mesh-system
spec:
  exportRules:
  - type: NameSelector
    nameSelector:
      namespace: red-mesh-bookinfo
      name: ratings
      alias:
        namespace: bookinfo
        name: red-ratings
  - type: NameSelector
    nameSelector:
      namespace: red-mesh-bookinfo
      name: reviews
----
+
. Run the following command to upload and create the `ExportedServiceSet` resource in the red-mesh-system namespace.
+
[source,terminal]
----
$ oc create -n <ControlPlaneNamespace> -f <ExportedServiceSet.yaml>
----
+
For example:
+
[source,terminal]
----
$ oc create -n red-mesh-system -f export-to-green-mesh.yaml
----
+
. Create additional `ExportedServiceSets` as needed for each mesh peer in your federated mesh.

.Verification

//TODO - Add sample output after the validation
* Run the following command to validate the services the red-mesh exports to share with green-mesh:
+
[source,terminal]
----
$ oc get exportedserviceset <PeerMeshExportedTo> -o yaml
----
+
For example:
+
[source,terminal]
----
$ oc -n red-mesh-system get exportedserviceset green-mesh -o yaml
----
+
.Example validating the services exported from the red mesh that are shared with the green mesh.
[source,yaml]
----
  status:
    exportedServices:
    - exportedName: red-ratings.bookinfo.svc.green-mesh-exports.local
      localService:
        hostname: ratings.red-mesh-bookinfo.svc.cluster.local
        name: ratings
        namespace: red-mesh-bookinfo
    - exportedName: reviews.red-mesh-bookinfo.svc.green-mesh-exports.local
      localService:
        hostname: reviews.red-mesh-bookinfo.svc.cluster.local
        name: reviews
        namespace: red-mesh-bookinfo
----
The `status.exportedServices` array lists the services that are currently exported (these services matched the export rules in the `ExportedServiceSet object`). Each entry in the array indicates the name of the exported service and details about the local service that is exported.
+
If a service that you expected to be exported is missing, confirm the Service object exists, its name or labels match the `exportRules` defined in the `ExportedServiceSet` object, and that the Service object's namespace is configured as a member of the service mesh using the `ServiceMeshMemberRoll` or `ServiceMeshMember` object.