Istio version bump for 1.26
This commit is contained in:
parent
c181f3b011
commit
6c179fe978
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: kubezero-istio-gateway
|
name: kubezero-istio-gateway
|
||||||
description: KubeZero Umbrella Chart for Istio gateways
|
description: KubeZero Umbrella Chart for Istio gateways
|
||||||
type: application
|
type: application
|
||||||
version: 0.10.1
|
version: 0.18.2
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -19,4 +19,4 @@ dependencies:
|
|||||||
- name: gateway
|
- name: gateway
|
||||||
version: 1.18.2
|
version: 1.18.2
|
||||||
repository: https://istio-release.storage.googleapis.com/charts
|
repository: https://istio-release.storage.googleapis.com/charts
|
||||||
kubeVersion: ">= 1.25.0"
|
kubeVersion: ">= 1.26.0"
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: 1.17.2
|
appVersion: 1.18.2
|
||||||
description: Helm chart for deploying Istio gateways
|
description: Helm chart for deploying Istio gateways
|
||||||
icon: https://istio.io/latest/favicons/android-192x192.png
|
icon: https://istio.io/latest/favicons/android-192x192.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -7,6 +7,6 @@ keywords:
|
|||||||
- gateways
|
- gateways
|
||||||
name: gateway
|
name: gateway
|
||||||
sources:
|
sources:
|
||||||
- http://github.com/istio/istio
|
- https://github.com/istio/istio
|
||||||
type: application
|
type: application
|
||||||
version: 1.17.2
|
version: 1.18.2
|
||||||
|
@ -28,6 +28,15 @@ app.kubernetes.io/name: {{ include "gateway.name" . }}
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "gateway.podLabels" -}}
|
||||||
|
{{ include "gateway.selectorLabels" . }}
|
||||||
|
{{- range $key, $val := .Values.labels }}
|
||||||
|
{{- if not (or (eq $key "app") (eq $key "istio")) }}
|
||||||
|
{{ $key | quote }}: {{ $val | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- define "gateway.selectorLabels" -}}
|
{{- define "gateway.selectorLabels" -}}
|
||||||
{{- if hasKey .Values.labels "app" }}
|
{{- if hasKey .Values.labels "app" }}
|
||||||
{{- with .Values.labels.app }}app: {{.|quote}}
|
{{- with .Values.labels.app }}app: {{.|quote}}
|
||||||
|
@ -28,7 +28,7 @@ spec:
|
|||||||
{{- with .Values.revision }}
|
{{- with .Values.revision }}
|
||||||
istio.io/rev: {{ . }}
|
istio.io/rev: {{ . }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- include "gateway.selectorLabels" . | nindent 8 }}
|
{{- include "gateway.podLabels" . | nindent 8 }}
|
||||||
spec:
|
spec:
|
||||||
{{- with .Values.imagePullSecrets }}
|
{{- with .Values.imagePullSecrets }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
|
@ -0,0 +1,16 @@
|
|||||||
|
{{- if .Values.podDisruptionBudget }}
|
||||||
|
apiVersion: policy/v1
|
||||||
|
kind: PodDisruptionBudget
|
||||||
|
metadata:
|
||||||
|
name: {{ include "gateway.name" . }}
|
||||||
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
{{- include "gateway.labels" . | nindent 4}}
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
{{- include "gateway.selectorLabels" . | nindent 6 }}
|
||||||
|
{{- with .Values.podDisruptionBudget }}
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -5,6 +5,10 @@ kind: Role
|
|||||||
metadata:
|
metadata:
|
||||||
name: {{ include "gateway.serviceAccountName" . }}
|
name: {{ include "gateway.serviceAccountName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
{{- include "gateway.labels" . | nindent 4}}
|
||||||
|
annotations:
|
||||||
|
{{- .Values.annotations | toYaml | nindent 4 }}
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""]
|
- apiGroups: [""]
|
||||||
resources: ["secrets"]
|
resources: ["secrets"]
|
||||||
@ -15,6 +19,10 @@ kind: RoleBinding
|
|||||||
metadata:
|
metadata:
|
||||||
name: {{ include "gateway.serviceAccountName" . }}
|
name: {{ include "gateway.serviceAccountName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
|
labels:
|
||||||
|
{{- include "gateway.labels" . | nindent 4}}
|
||||||
|
annotations:
|
||||||
|
{{- .Values.annotations | toYaml | nindent 4 }}
|
||||||
roleRef:
|
roleRef:
|
||||||
apiGroup: rbac.authorization.k8s.io
|
apiGroup: rbac.authorization.k8s.io
|
||||||
kind: Role
|
kind: Role
|
||||||
|
@ -205,6 +205,21 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"podDisruptionBudget": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"minAvailable": {
|
||||||
|
"type": ["integer", "string"]
|
||||||
|
},
|
||||||
|
"maxUnavailable": {
|
||||||
|
"type": ["integer", "string"]
|
||||||
|
},
|
||||||
|
"unhealthyPodEvictionPolicy": {
|
||||||
|
"type": "string",
|
||||||
|
"enum": ["", "IfHealthyBudget", "AlwaysAllow"]
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -95,3 +95,33 @@ networkGateway: ""
|
|||||||
imagePullPolicy: ""
|
imagePullPolicy: ""
|
||||||
|
|
||||||
imagePullSecrets: []
|
imagePullSecrets: []
|
||||||
|
|
||||||
|
# This value is used to configure a Kubernetes PodDisruptionBudget for the gateway.
|
||||||
|
#
|
||||||
|
# By default, the `podDisruptionBudget` is disabled (set to `{}`),
|
||||||
|
# which means that no PodDisruptionBudget resource will be created.
|
||||||
|
#
|
||||||
|
# To enable the PodDisruptionBudget, configure it by specifying the
|
||||||
|
# `minAvailable` or `maxUnavailable`. For example, to set the
|
||||||
|
# minimum number of available replicas to 1, you can update this value as follows:
|
||||||
|
#
|
||||||
|
# podDisruptionBudget:
|
||||||
|
# minAvailable: 1
|
||||||
|
#
|
||||||
|
# Or, to allow a maximum of 1 unavailable replica, you can set:
|
||||||
|
#
|
||||||
|
# podDisruptionBudget:
|
||||||
|
# maxUnavailable: 1
|
||||||
|
#
|
||||||
|
# You can also specify the `unhealthyPodEvictionPolicy` field, and the valid values are `IfHealthyBudget` and `AlwaysAllow`.
|
||||||
|
# For example, to set the `unhealthyPodEvictionPolicy` to `AlwaysAllow`, you can update this value as follows:
|
||||||
|
#
|
||||||
|
# podDisruptionBudget:
|
||||||
|
# minAvailable: 1
|
||||||
|
# unhealthyPodEvictionPolicy: AlwaysAllow
|
||||||
|
#
|
||||||
|
# To disable the PodDisruptionBudget, you can leave it as an empty object `{}`:
|
||||||
|
#
|
||||||
|
# podDisruptionBudget: {}
|
||||||
|
#
|
||||||
|
podDisruptionBudget: {}
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -ex
|
set -ex
|
||||||
|
|
||||||
|
. ../../scripts/lib-update.sh
|
||||||
|
|
||||||
|
#login_ecr_public
|
||||||
|
update_helm
|
||||||
|
|
||||||
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="gateway") | .version' Chart.yaml)
|
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="gateway") | .version' Chart.yaml)
|
||||||
|
|
||||||
helm dep update
|
patch_chart gateway
|
||||||
|
|
||||||
# Patch
|
|
||||||
tar xf charts/gateway-$ISTIO_VERSION.tgz -C charts && rm -f charts/gateway-$ISTIO_VERSION.tgz
|
|
||||||
#diff -tubr charts/gateway.orig charts/gateway
|
|
||||||
patch -p0 -i zdt.patch --no-backup-if-mismatch
|
|
||||||
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: kubezero-istio
|
name: kubezero-istio
|
||||||
description: KubeZero Umbrella Chart for Istio
|
description: KubeZero Umbrella Chart for Istio
|
||||||
type: application
|
type: application
|
||||||
version: 0.10.1
|
version: 0.18.2
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -25,4 +25,4 @@ dependencies:
|
|||||||
version: "1.72.0"
|
version: "1.72.0"
|
||||||
repository: https://kiali.org/helm-charts
|
repository: https://kiali.org/helm-charts
|
||||||
condition: kiali-server.enabled
|
condition: kiali-server.enabled
|
||||||
kubeVersion: ">= 1.25.0"
|
kubeVersion: ">= 1.26.0"
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# kubezero-istio
|
# kubezero-istio
|
||||||
|
|
||||||
![Version: 0.10.0](https://img.shields.io/badge/Version-0.10.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
![Version: 0.18.2](https://img.shields.io/badge/Version-0.18.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
||||||
|
|
||||||
KubeZero Umbrella Chart for Istio
|
KubeZero Umbrella Chart for Istio
|
||||||
|
|
||||||
@ -16,14 +16,14 @@ Installs the Istio control plane
|
|||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
Kubernetes: `>= 1.25.0`
|
Kubernetes: `>= 1.26.0`
|
||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
|
||||||
| https://istio-release.storage.googleapis.com/charts | base | 1.17.2 |
|
| https://istio-release.storage.googleapis.com/charts | base | 1.18.2 |
|
||||||
| https://istio-release.storage.googleapis.com/charts | istiod | 1.17.2 |
|
| https://istio-release.storage.googleapis.com/charts | istiod | 1.18.2 |
|
||||||
| https://kiali.org/helm-charts | kiali-server | 1.66.0 |
|
| https://kiali.org/helm-charts | kiali-server | 1.72.0 |
|
||||||
|
|
||||||
## Values
|
## Values
|
||||||
|
|
||||||
|
@ -1,22 +1,22 @@
|
|||||||
# Revision 162 = 1.17
|
# https://grafana.com/grafana/dashboards/7645-istio-control-plane-dashboard/?tab=revisions
|
||||||
configmap: grafana-dashboards
|
configmap: grafana-dashboards
|
||||||
gzip: true
|
gzip: true
|
||||||
folder: Istio
|
folder: Istio
|
||||||
condition: '.Values.istiod.telemetry.enabled'
|
condition: '.Values.istiod.telemetry.enabled'
|
||||||
dashboards:
|
dashboards:
|
||||||
- name: istio-control-plane
|
- name: istio-control-plane
|
||||||
url: https://grafana.com/api/dashboards/7645/revisions/162/download
|
url: https://grafana.com/api/dashboards/7645/revisions/174/download
|
||||||
tags:
|
tags:
|
||||||
- Istio
|
- Istio
|
||||||
- name: istio-mesh
|
- name: istio-mesh
|
||||||
url: https://grafana.com/api/dashboards/7639/revisions/162/download
|
url: https://grafana.com/api/dashboards/7639/revisions/174/download
|
||||||
tags:
|
tags:
|
||||||
- Istio
|
- Istio
|
||||||
- name: istio-service
|
- name: istio-service
|
||||||
url: https://grafana.com/api/dashboards/7636/revisions/162/download
|
url: https://grafana.com/api/dashboards/7636/revisions/174/download
|
||||||
tags:
|
tags:
|
||||||
- Istio
|
- Istio
|
||||||
- name: istio-workload
|
- name: istio-workload
|
||||||
url: https://grafana.com/api/dashboards/7630/revisions/162/download
|
url: https://grafana.com/api/dashboards/7630/revisions/174/download
|
||||||
tags:
|
tags:
|
||||||
- Istio
|
- Istio
|
||||||
|
File diff suppressed because one or more lines are too long
@ -1,11 +1,14 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -ex
|
set -ex
|
||||||
|
|
||||||
|
. ../../scripts/lib-update.sh
|
||||||
|
|
||||||
|
#login_ecr_public
|
||||||
|
update_helm
|
||||||
|
|
||||||
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml)
|
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml)
|
||||||
export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml)
|
export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml)
|
||||||
|
|
||||||
helm dep update
|
|
||||||
|
|
||||||
# Get matching istioctl
|
# Get matching istioctl
|
||||||
# [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; }
|
# [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; }
|
||||||
|
|
||||||
|
@ -5,6 +5,10 @@ gateway:
|
|||||||
|
|
||||||
{{- with index .Values "istio-ingress" "gateway" "replicaCount" }}
|
{{- with index .Values "istio-ingress" "gateway" "replicaCount" }}
|
||||||
replicaCount: {{ . }}
|
replicaCount: {{ . }}
|
||||||
|
{{- if gt (int .) 1 }}
|
||||||
|
podDisruptionBudget:
|
||||||
|
minAvailable: 1
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- if not (index .Values "istio-ingress" "gateway" "affinity") }}
|
{{- if not (index .Values "istio-ingress" "gateway" "affinity") }}
|
||||||
|
@ -5,6 +5,10 @@ gateway:
|
|||||||
|
|
||||||
{{- with index .Values "istio-private-ingress" "gateway" "replicaCount" }}
|
{{- with index .Values "istio-private-ingress" "gateway" "replicaCount" }}
|
||||||
replicaCount: {{ . }}
|
replicaCount: {{ . }}
|
||||||
|
{{- if gt (int .) 1 }}
|
||||||
|
podDisruptionBudget:
|
||||||
|
minAvailable: 1
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- if not (index .Values "istio-private-ingress" "gateway" "affinity") }}
|
{{- if not (index .Values "istio-private-ingress" "gateway" "affinity") }}
|
||||||
|
@ -59,13 +59,13 @@ storage:
|
|||||||
istio:
|
istio:
|
||||||
enabled: false
|
enabled: false
|
||||||
namespace: istio-system
|
namespace: istio-system
|
||||||
targetRevision: 0.10.0
|
targetRevision: 0.18.2
|
||||||
|
|
||||||
istio-ingress:
|
istio-ingress:
|
||||||
enabled: false
|
enabled: false
|
||||||
chart: kubezero-istio-gateway
|
chart: kubezero-istio-gateway
|
||||||
namespace: istio-ingress
|
namespace: istio-ingress
|
||||||
targetRevision: 0.10.0
|
targetRevision: 0.18.2
|
||||||
gateway:
|
gateway:
|
||||||
service: {}
|
service: {}
|
||||||
|
|
||||||
@ -73,7 +73,7 @@ istio-private-ingress:
|
|||||||
enabled: false
|
enabled: false
|
||||||
chart: kubezero-istio-gateway
|
chart: kubezero-istio-gateway
|
||||||
namespace: istio-ingress
|
namespace: istio-ingress
|
||||||
targetRevision: 0.10.0
|
targetRevision: 0.18.2
|
||||||
gateway:
|
gateway:
|
||||||
service: {}
|
service: {}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user