ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 25 Packages Projects Releases Wiki Activity

feat: Final touches and latest dashboards for Istio 1.13.3

Browse Source
This commit is contained in:
Stefan Reimer 2022-04-21 00:57:45 +02:00
parent b42a0ab630
commit 07b2963661
4 changed files with 9 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
charts/kubezero-istio/dashboards.yaml
View File

@ -1,21 +1,22 @@
# Revision 115 = 1.13.3
configmap: grafana-dashboards configmap: grafana-dashboards
gzip: true gzip: true
folder: Istio folder: Istio
condition: 'index .Values "istio-discovery" "telemetry" "enabled"' condition: 'index .Values "istio-discovery" "telemetry" "enabled"'
dashboards: dashboards:
- name: istio-control-plane - name: istio-control-plane
url: https://grafana.com/api/dashboards/7645/revisions/82/download url: https://grafana.com/api/dashboards/7645/revisions/115/download
tags: tags:
- Istio - Istio
- name: istio-mesh - name: istio-mesh
url: https://grafana.com/api/dashboards/7639/revisions/82/download url: https://grafana.com/api/dashboards/7639/revisions/115/download
tags: tags:
- Istio - Istio
- name: istio-service - name: istio-service
url: https://grafana.com/api/dashboards/7636/revisions/82/download url: https://grafana.com/api/dashboards/7636/revisions/115/download
tags: tags:
- Istio - Istio
- name: istio-workload - name: istio-workload
url: https://grafana.com/api/dashboards/7630/revisions/82/download url: https://grafana.com/api/dashboards/7630/revisions/115/download
tags: tags:
- Istio - Istio

8
charts/kubezero-istio/templates/grafana-dashboards.yaml
View File

File diff suppressed because one or more lines are too long

16
charts/kubezero-istio/update.sh
View File

@ -1,27 +1,11 @@
#!/bin/bash #!/bin/bash
set -ex set -ex
### TODO
# - https://istio.io/latest/docs/ops/configuration/security/harden-docker-images/
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml) export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml)
export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml) export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml)
helm dep update helm dep update
# Patch
#exit 0
#diff -tubr istio istio.zdt/
#patch -p0 -i zdt.patch --no-backup-if-mismatch
# Create ingress charts
#rm -rf ../kubezero-istio-ingress/charts/istio-*
#cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/
#cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/istio-private-ingress
# Rename private chart
#sed -i -e 's/name: istio-ingress/name: istio-private-ingress/' ../kubezero-istio-ingress/charts/istio-private-ingress/Chart.yaml
# Get matching istioctl # Get matching istioctl
[ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; } [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; }

67
charts/kubezero-istio/zdt.patch
View File

@ -1,67 +0,0 @@
diff -tubr istio/manifests/charts/gateways/istio-ingress/templates/_affinity.tpl istio.zdt/manifests/charts/gateways/istio-ingress/templates/_affinity.tpl
--- istio/manifests/charts/gateways/istio-ingress/templates/_affinity.tpl 2021-07-15 07:32:30.000000000 +0200
+++ istio.zdt/manifests/charts/gateways/istio-ingress/templates/_affinity.tpl 2021-08-10 15:49:57.298616463 +0200
@@ -21,11 +21,16 @@
{{- end }}
{{- $nodeSelector := default .global.defaultNodeSelector .nodeSelector -}}
{{- range $key, $val := $nodeSelector }}
+ {{- if eq $val "Exists" }}
+ - key: {{ $key }}
+ operator: Exists
+ {{- else }}
- key: {{ $key }}
operator: In
values:
- {{ $val | quote }}
{{- end }}
+ {{- end }}
{{- end }}
{{- define "nodeAffinityPreferredDuringScheduling" }}
diff -tubr istio/manifests/charts/gateways/istio-ingress/templates/deployment.yaml istio.zdt/manifests/charts/gateways/istio-ingress/templates/deployment.yaml
--- istio/manifests/charts/gateways/istio-ingress/templates/deployment.yaml 2021-07-15 07:32:30.000000000 +0200
+++ istio.zdt/manifests/charts/gateways/istio-ingress/templates/deployment.yaml 2021-08-10 15:46:23.216421660 +0200
@@ -16,6 +16,8 @@
{{- if $gateway.replicaCount }}
replicas: {{ $gateway.replicaCount }}
{{- end }}
+ # Give the LB 120s to detect and take into service, should only be 40s by we are on AWS so ??
+ minReadySeconds: 120
{{- end }}
selector:
matchLabels:
@@ -65,6 +67,7 @@
{{- if .Values.global.priorityClassName }}
priorityClassName: "{{ .Values.global.priorityClassName }}"
{{- end }}
+ terminationGracePeriodSeconds: 120
{{- if .Values.global.proxy.enableCoreDump }}
initContainers:
- name: enable-core-dump
@@ -136,6 +139,11 @@
privileged: false
readOnlyRootFilesystem: true
{{- end }}
+ #This needs kube-proxy support coming with 1.22 hopefully, cilium ?
+ #lifecycle:
+ # preStop:
+ # exec:
+ # command: ["/bin/sh","-c","sleep 30"]
readinessProbe:
failureThreshold: 30
httpGet:
diff -tubr istio/manifests/charts/gateways/istio-ingress/templates/service.yaml istio.zdt/manifests/charts/gateways/istio-ingress/templates/service.yaml
--- istio/manifests/charts/gateways/istio-ingress/templates/service.yaml 2021-07-15 07:32:30.000000000 +0200
+++ istio.zdt/manifests/charts/gateways/istio-ingress/templates/service.yaml 2021-08-10 19:58:01.037876557 +0200
@@ -34,9 +34,11 @@
{{- range $key, $val := $gateway.ports }}
-
{{- range $pkey, $pval := $val }}
+ {{- if has $pkey (list "name" "nodePort" "port" "targetPort") }}
{{ $pkey}}: {{ $pval }}
{{- end }}
{{- end }}
+ {{- end }}
{{ range $app := $gateway.ingressPorts }}
-