Istio version bump for 1.26

This commit is contained in:
Stefan Reimer 2023-08-22 12:48:33 +00:00
parent c181f3b011
commit 6c179fe978
18 changed files with 122 additions and 33 deletions

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio-gateway name: kubezero-istio-gateway
description: KubeZero Umbrella Chart for Istio gateways description: KubeZero Umbrella Chart for Istio gateways
type: application type: application
version: 0.10.1 version: 0.18.2
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -19,4 +19,4 @@ dependencies:
- name: gateway - name: gateway
version: 1.18.2 version: 1.18.2
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
kubeVersion: ">= 1.25.0" kubeVersion: ">= 1.26.0"

View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.17.2 appVersion: 1.18.2
description: Helm chart for deploying Istio gateways description: Helm chart for deploying Istio gateways
icon: https://istio.io/latest/favicons/android-192x192.png icon: https://istio.io/latest/favicons/android-192x192.png
keywords: keywords:
@ -7,6 +7,6 @@ keywords:
- gateways - gateways
name: gateway name: gateway
sources: sources:
- http://github.com/istio/istio - https://github.com/istio/istio
type: application type: application
version: 1.17.2 version: 1.18.2

View File

@ -28,6 +28,15 @@ app.kubernetes.io/name: {{ include "gateway.name" . }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- define "gateway.podLabels" -}}
{{ include "gateway.selectorLabels" . }}
{{- range $key, $val := .Values.labels }}
{{- if not (or (eq $key "app") (eq $key "istio")) }}
{{ $key | quote }}: {{ $val | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- define "gateway.selectorLabels" -}} {{- define "gateway.selectorLabels" -}}
{{- if hasKey .Values.labels "app" }} {{- if hasKey .Values.labels "app" }}
{{- with .Values.labels.app }}app: {{.|quote}} {{- with .Values.labels.app }}app: {{.|quote}}

View File

@ -28,7 +28,7 @@ spec:
{{- with .Values.revision }} {{- with .Values.revision }}
istio.io/rev: {{ . }} istio.io/rev: {{ . }}
{{- end }} {{- end }}
{{- include "gateway.selectorLabels" . | nindent 8 }} {{- include "gateway.podLabels" . | nindent 8 }}
spec: spec:
{{- with .Values.imagePullSecrets }} {{- with .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:

View File

@ -0,0 +1,16 @@
{{- if .Values.podDisruptionBudget }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "gateway.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "gateway.labels" . | nindent 4}}
spec:
selector:
matchLabels:
{{- include "gateway.selectorLabels" . | nindent 6 }}
{{- with .Values.podDisruptionBudget }}
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

View File

@ -5,6 +5,10 @@ kind: Role
metadata: metadata:
name: {{ include "gateway.serviceAccountName" . }} name: {{ include "gateway.serviceAccountName" . }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels:
{{- include "gateway.labels" . | nindent 4}}
annotations:
{{- .Values.annotations | toYaml | nindent 4 }}
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["secrets"] resources: ["secrets"]
@ -15,6 +19,10 @@ kind: RoleBinding
metadata: metadata:
name: {{ include "gateway.serviceAccountName" . }} name: {{ include "gateway.serviceAccountName" . }}
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels:
{{- include "gateway.labels" . | nindent 4}}
annotations:
{{- .Values.annotations | toYaml | nindent 4 }}
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role

View File

@ -205,6 +205,21 @@
} }
} }
} }
},
"podDisruptionBudget": {
"type": "object",
"properties": {
"minAvailable": {
"type": ["integer", "string"]
},
"maxUnavailable": {
"type": ["integer", "string"]
},
"unhealthyPodEvictionPolicy": {
"type": "string",
"enum": ["", "IfHealthyBudget", "AlwaysAllow"]
}
}
} }
} }
} }

View File

@ -95,3 +95,33 @@ networkGateway: ""
imagePullPolicy: "" imagePullPolicy: ""
imagePullSecrets: [] imagePullSecrets: []
# This value is used to configure a Kubernetes PodDisruptionBudget for the gateway.
#
# By default, the `podDisruptionBudget` is disabled (set to `{}`),
# which means that no PodDisruptionBudget resource will be created.
#
# To enable the PodDisruptionBudget, configure it by specifying the
# `minAvailable` or `maxUnavailable`. For example, to set the
# minimum number of available replicas to 1, you can update this value as follows:
#
# podDisruptionBudget:
# minAvailable: 1
#
# Or, to allow a maximum of 1 unavailable replica, you can set:
#
# podDisruptionBudget:
# maxUnavailable: 1
#
# You can also specify the `unhealthyPodEvictionPolicy` field, and the valid values are `IfHealthyBudget` and `AlwaysAllow`.
# For example, to set the `unhealthyPodEvictionPolicy` to `AlwaysAllow`, you can update this value as follows:
#
# podDisruptionBudget:
# minAvailable: 1
# unhealthyPodEvictionPolicy: AlwaysAllow
#
# To disable the PodDisruptionBudget, you can leave it as an empty object `{}`:
#
# podDisruptionBudget: {}
#
podDisruptionBudget: {}

View File

@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
set -ex set -ex
. ../../scripts/lib-update.sh
#login_ecr_public
update_helm
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="gateway") | .version' Chart.yaml) export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="gateway") | .version' Chart.yaml)
helm dep update patch_chart gateway
# Patch
tar xf charts/gateway-$ISTIO_VERSION.tgz -C charts && rm -f charts/gateway-$ISTIO_VERSION.tgz
#diff -tubr charts/gateway.orig charts/gateway
patch -p0 -i zdt.patch --no-backup-if-mismatch

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio name: kubezero-istio
description: KubeZero Umbrella Chart for Istio description: KubeZero Umbrella Chart for Istio
type: application type: application
version: 0.10.1 version: 0.18.2
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -25,4 +25,4 @@ dependencies:
version: "1.72.0" version: "1.72.0"
repository: https://kiali.org/helm-charts repository: https://kiali.org/helm-charts
condition: kiali-server.enabled condition: kiali-server.enabled
kubeVersion: ">= 1.25.0" kubeVersion: ">= 1.26.0"

View File

@ -1,6 +1,6 @@
# kubezero-istio # kubezero-istio
![Version: 0.10.0](https://img.shields.io/badge/Version-0.10.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.18.2](https://img.shields.io/badge/Version-0.18.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Umbrella Chart for Istio KubeZero Umbrella Chart for Istio
@ -16,14 +16,14 @@ Installs the Istio control plane
## Requirements ## Requirements
Kubernetes: `>= 1.25.0` Kubernetes: `>= 1.26.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://istio-release.storage.googleapis.com/charts | base | 1.17.2 | | https://istio-release.storage.googleapis.com/charts | base | 1.18.2 |
| https://istio-release.storage.googleapis.com/charts | istiod | 1.17.2 | | https://istio-release.storage.googleapis.com/charts | istiod | 1.18.2 |
| https://kiali.org/helm-charts | kiali-server | 1.66.0 | | https://kiali.org/helm-charts | kiali-server | 1.72.0 |
## Values ## Values

View File

@ -1,22 +1,22 @@
# Revision 162 = 1.17 # https://grafana.com/grafana/dashboards/7645-istio-control-plane-dashboard/?tab=revisions
configmap: grafana-dashboards configmap: grafana-dashboards
gzip: true gzip: true
folder: Istio folder: Istio
condition: '.Values.istiod.telemetry.enabled' condition: '.Values.istiod.telemetry.enabled'
dashboards: dashboards:
- name: istio-control-plane - name: istio-control-plane
url: https://grafana.com/api/dashboards/7645/revisions/162/download url: https://grafana.com/api/dashboards/7645/revisions/174/download
tags: tags:
- Istio - Istio
- name: istio-mesh - name: istio-mesh
url: https://grafana.com/api/dashboards/7639/revisions/162/download url: https://grafana.com/api/dashboards/7639/revisions/174/download
tags: tags:
- Istio - Istio
- name: istio-service - name: istio-service
url: https://grafana.com/api/dashboards/7636/revisions/162/download url: https://grafana.com/api/dashboards/7636/revisions/174/download
tags: tags:
- Istio - Istio
- name: istio-workload - name: istio-workload
url: https://grafana.com/api/dashboards/7630/revisions/162/download url: https://grafana.com/api/dashboards/7630/revisions/174/download
tags: tags:
- Istio - Istio

File diff suppressed because one or more lines are too long

View File

@ -1,11 +1,14 @@
#!/bin/bash #!/bin/bash
set -ex set -ex
. ../../scripts/lib-update.sh
#login_ecr_public
update_helm
export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml) export ISTIO_VERSION=$(yq eval '.dependencies[] | select(.name=="base") | .version' Chart.yaml)
export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml) export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") | .version' Chart.yaml)
helm dep update
# Get matching istioctl # Get matching istioctl
# [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; } # [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; }

View File

@ -5,6 +5,10 @@ gateway:
{{- with index .Values "istio-ingress" "gateway" "replicaCount" }} {{- with index .Values "istio-ingress" "gateway" "replicaCount" }}
replicaCount: {{ . }} replicaCount: {{ . }}
{{- if gt (int .) 1 }}
podDisruptionBudget:
minAvailable: 1
{{- end }}
{{- end }} {{- end }}
{{- if not (index .Values "istio-ingress" "gateway" "affinity") }} {{- if not (index .Values "istio-ingress" "gateway" "affinity") }}

View File

@ -5,6 +5,10 @@ gateway:
{{- with index .Values "istio-private-ingress" "gateway" "replicaCount" }} {{- with index .Values "istio-private-ingress" "gateway" "replicaCount" }}
replicaCount: {{ . }} replicaCount: {{ . }}
{{- if gt (int .) 1 }}
podDisruptionBudget:
minAvailable: 1
{{- end }}
{{- end }} {{- end }}
{{- if not (index .Values "istio-private-ingress" "gateway" "affinity") }} {{- if not (index .Values "istio-private-ingress" "gateway" "affinity") }}

View File

@ -59,13 +59,13 @@ storage:
istio: istio:
enabled: false enabled: false
namespace: istio-system namespace: istio-system
targetRevision: 0.10.0 targetRevision: 0.18.2
istio-ingress: istio-ingress:
enabled: false enabled: false
chart: kubezero-istio-gateway chart: kubezero-istio-gateway
namespace: istio-ingress namespace: istio-ingress
targetRevision: 0.10.0 targetRevision: 0.18.2
gateway: gateway:
service: {} service: {}
@ -73,7 +73,7 @@ istio-private-ingress:
enabled: false enabled: false
chart: kubezero-istio-gateway chart: kubezero-istio-gateway
namespace: istio-ingress namespace: istio-ingress
targetRevision: 0.10.0 targetRevision: 0.18.2
gateway: gateway:
service: {} service: {}