Istio minor version bump
This commit is contained in:
parent
9ca8920387
commit
fc45e7fd0b
@ -2,8 +2,8 @@ apiVersion: v2
|
||||
name: kubezero-istio-ingress
|
||||
description: KubeZero Umbrella Chart for Istio based Ingress
|
||||
type: application
|
||||
version: 0.1.1
|
||||
appVersion: 1.8.1
|
||||
version: 0.1.2
|
||||
appVersion: 1.8.2
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
@ -1,7 +1,7 @@
|
||||
# Make sure these values match kuberzero-istio !!!
|
||||
global:
|
||||
hub: docker.io/istio
|
||||
tag: 1.8.1
|
||||
tag: 1.8.2
|
||||
|
||||
logAsJson: true
|
||||
jwtPolicy: first-party-jwt
|
||||
|
@ -2,8 +2,8 @@ apiVersion: v2
|
||||
name: kubezero-istio
|
||||
description: KubeZero Umbrella Chart for Istio
|
||||
type: application
|
||||
version: 0.4.1
|
||||
appVersion: 1.8.1
|
||||
version: 0.4.2
|
||||
appVersion: 1.8.2
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
@ -3048,7 +3048,6 @@ spec:
|
||||
- CUSTOM
|
||||
type: string
|
||||
provider:
|
||||
description: Specifies detailed configuration of the CUSTOM action.
|
||||
properties:
|
||||
name:
|
||||
description: Specifies the name of the extension provider.
|
||||
|
@ -3050,7 +3050,6 @@ spec:
|
||||
- CUSTOM
|
||||
type: string
|
||||
provider:
|
||||
description: Specifies detailed configuration of the CUSTOM action.
|
||||
properties:
|
||||
name:
|
||||
description: Specifies the name of the extension provider.
|
||||
@ -3537,7 +3536,9 @@ rules:
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
|
||||
# istio configuration
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io"]
|
||||
# removing CRD permissions can break older versions of Istio running alongside this control plane (https://github.com/istio/istio/issues/29382)
|
||||
# please proceed with caution
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io", "rbac.istio.io"]
|
||||
verbs: ["get", "watch", "list"]
|
||||
resources: ["*"]
|
||||
- apiGroups: ["networking.istio.io"]
|
||||
@ -3621,6 +3622,7 @@ rules:
|
||||
- "security.istio.io"
|
||||
- "networking.istio.io"
|
||||
- "authentication.istio.io"
|
||||
- "rbac.istio.io"
|
||||
resources: ["*"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
|
@ -17,11 +17,13 @@ rules:
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
|
||||
# istio configuration
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io"]
|
||||
# removing CRD permissions can break older versions of Istio running alongside this control plane (https://github.com/istio/istio/issues/29382)
|
||||
# please proceed with caution
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io", "rbac.istio.io"]
|
||||
verbs: ["get", "watch", "list"]
|
||||
resources: ["*"]
|
||||
{{- if .Values.global.istiod.enableAnalysis }}
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io"]
|
||||
- apiGroups: ["config.istio.io", "security.istio.io", "networking.istio.io", "authentication.istio.io", "rbac.istio.io"]
|
||||
verbs: ["update"]
|
||||
# TODO: should be on just */status but wildcard is not supported
|
||||
resources: ["*"]
|
||||
@ -115,6 +117,7 @@ rules:
|
||||
- "security.istio.io"
|
||||
- "networking.istio.io"
|
||||
- "authentication.istio.io"
|
||||
- "rbac.istio.io"
|
||||
resources: ["*"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: [""]
|
||||
|
@ -108,10 +108,18 @@ spec:
|
||||
value: |
|
||||
{}
|
||||
vm_config:
|
||||
{{- if .Values.telemetry.v2.metadataExchange.wasmEnabled }}
|
||||
runtime: envoy.wasm.runtime.v8
|
||||
allow_precompiled: true
|
||||
code:
|
||||
local:
|
||||
filename: /etc/istio/extensions/metadata-exchange-filter.compiled.wasm
|
||||
{{- else }}
|
||||
runtime: envoy.wasm.runtime.null
|
||||
code:
|
||||
local:
|
||||
inline_string: envoy.wasm.metadata_exchange
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: EnvoyFilter
|
||||
@ -339,10 +347,18 @@ spec:
|
||||
{{- end }}
|
||||
vm_config:
|
||||
vm_id: stats_outbound
|
||||
{{- if .Values.telemetry.v2.prometheus.wasmEnabled }}
|
||||
runtime: envoy.wasm.runtime.v8
|
||||
allow_precompiled: true
|
||||
code:
|
||||
local:
|
||||
filename: /etc/istio/extensions/stats-filter.compiled.wasm
|
||||
{{- else }}
|
||||
runtime: envoy.wasm.runtime.null
|
||||
code:
|
||||
local:
|
||||
inline_string: envoy.wasm.stats
|
||||
{{- end }}
|
||||
---
|
||||
# Note: tcp stats filter is wasm enabled only in sidecars.
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
@ -502,14 +518,20 @@ spec:
|
||||
{{- end }}
|
||||
vm_config:
|
||||
vm_id: tcp_stats_outbound
|
||||
{{- if .Values.telemetry.v2.prometheus.wasmEnabled }}
|
||||
runtime: envoy.wasm.runtime.v8
|
||||
allow_precompiled: true
|
||||
code:
|
||||
local:
|
||||
filename: /etc/istio/extensions/stats-filter.compiled.wasm
|
||||
{{- else }}
|
||||
runtime: envoy.wasm.runtime.null
|
||||
code:
|
||||
local:
|
||||
inline_string: "envoy.wasm.stats"
|
||||
---
|
||||
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- end }}
|
||||
{{- if .Values.telemetry.v2.stackdriver.enabled }}
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: EnvoyFilter
|
||||
@ -629,7 +651,6 @@ spec:
|
||||
code:
|
||||
local: { inline_string: envoy.wasm.null.stackdriver }
|
||||
---
|
||||
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: EnvoyFilter
|
||||
metadata:
|
||||
|
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
export ISTIO_VERSION=1.8.1
|
||||
export ISTIO_VERSION=1.8.2
|
||||
|
||||
if [ ! -d istio-$ISTIO_VERSION ]; then
|
||||
NAME="istio-$ISTIO_VERSION"
|
||||
|
@ -1,6 +1,6 @@
|
||||
global:
|
||||
hub: docker.io/istio
|
||||
tag: 1.8.0
|
||||
tag: 1.8.2
|
||||
|
||||
logAsJson: true
|
||||
jwtPolicy: first-party-jwt
|
||||
|
Loading…
Reference in New Issue
Block a user