Beyond a Single Cluster
A single cluster is a failure domain and a capacity ceiling. A multi cluster mesh joins several clusters into one logical mesh, so services discover and securely call each other across cluster boundaries.
What Must Be Shared
- Trust: clusters share a root of trust so mutual TLS works across boundaries. Identities issued in one cluster are verified in another.
- Discovery: each control plane learns endpoints in the other clusters, so a service sees remote replicas as just more endpoints.
- Connectivity: traffic reaches remote pods directly on a flat network, or through east west gateways when networks are separate.
Control Plane Topologies
The mesh can run a shared control plane that manages all clusters, or a replicated model where each cluster has its own control plane synced with peers. Replicated control planes remove a single point of failure but cost more coordination.
What You Gain
Cross cluster failover means a whole cluster can go down and traffic shifts to another. You also get location transparency. A caller does not know or care which cluster serves it, while keeping locality preferences for latency.
Key idea
A multi cluster mesh shares trust, discovery, and connectivity across clusters so services call each other transparently, giving cross cluster failover and removing the single cluster as a failure domain.