In-cluster service communication between subsystems

Key points and limitations of in-cluster inter-subsystem communication.

In-cluster communication is only possible between subsystems that are in the same cluster.
In-cluster communication cannot be used in two data center disaster recovery deployments, Two data center warm-standby deployment on Kubernetes and OpenShift.
If you are adding new subsystems to an upgraded deployment you can set the subsystems to use in-cluster communication, but you must use different certificates and secrets for the subsystem endpoints. The default certificate and secret names for the subsystem endpoints are:
- Analytics: ai-endpoint.
- Portal: portal-admin.
- Gateway: gwv6-manager-endpoint or gw-gateway-manager
Do not use these same certificate and secret names if your additional subsystems are in the same namespace.
If you customize any TLS certificates used for inter-subsystem communication, then to use in-cluster communication the TLS certificates must include the service hostname in the DNS section of the SAN, for example:
```
X509v3 Subject Alternative Name: critical
                DNS: ptladmin.mydomain.com, DNS: portal.apic.svc, DNS: portal.apic.svc.cluster.local
```
On Cloud Pak for Integration, all subsystems are registered automatically during deployment with external communication specified.