diff --git a/charts/kubezero-istio/README.md b/charts/kubezero-istio/README.md index 2079ded..945ea5c 100644 --- a/charts/kubezero-istio/README.md +++ b/charts/kubezero-istio/README.md @@ -32,19 +32,19 @@ Kubernetes: `>= 1.20.0` | global.defaultPodDisruptionBudget.enabled | bool | `false` | | | global.logAsJson | bool | `true` | | | global.priorityClassName | string | `"system-cluster-critical"` | | -| global.tag | string | `"1.11.5-distroless"` | | -| istio-discovery.meshConfig.accessLogEncoding | string | `"JSON"` | | -| istio-discovery.meshConfig.accessLogFile | string | `"/dev/stdout"` | | -| istio-discovery.meshConfig.tcpKeepalive.interval | string | `"60s"` | | -| istio-discovery.meshConfig.tcpKeepalive.time | string | `"120s"` | | -| istio-discovery.pilot.autoscaleEnabled | bool | `false` | | -| istio-discovery.pilot.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | -| istio-discovery.pilot.replicaCount | int | `1` | | -| istio-discovery.pilot.resources.requests.cpu | string | `"100m"` | | -| istio-discovery.pilot.resources.requests.memory | string | `"128Mi"` | | -| istio-discovery.pilot.tolerations[0].effect | string | `"NoSchedule"` | | -| istio-discovery.pilot.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | -| istio-discovery.telemetry.enabled | bool | `false` | | +| global.tag | string | `"1.13.3-distroless"` | | +| istiod.meshConfig.accessLogEncoding | string | `"JSON"` | | +| istiod.meshConfig.accessLogFile | string | `"/dev/stdout"` | | +| istiod.meshConfig.tcpKeepalive.interval | string | `"60s"` | | +| istiod.meshConfig.tcpKeepalive.time | string | `"120s"` | | +| istiod.pilot.autoscaleEnabled | bool | `false` | | +| istiod.pilot.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | +| istiod.pilot.replicaCount | int | `1` | | +| istiod.pilot.resources.requests.cpu | string | `"100m"` | | +| istiod.pilot.resources.requests.memory | string | `"128Mi"` | | +| istiod.pilot.tolerations[0].effect | string | `"NoSchedule"` | | +| istiod.pilot.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | +| istiod.telemetry.enabled | bool | `false` | | | kiali-server.auth.strategy | string | `"anonymous"` | | | kiali-server.deployment.ingress_enabled | bool | `false` | | | kiali-server.deployment.view_only_mode | bool | `true` | | diff --git a/charts/kubezero-istio/templates/grafana-dashboards.yaml b/charts/kubezero-istio/templates/grafana-dashboards.yaml index 687b357..1e63b28 100644 --- a/charts/kubezero-istio/templates/grafana-dashboards.yaml +++ b/charts/kubezero-istio/templates/grafana-dashboards.yaml @@ -1,4 +1,4 @@ -{{- if .Values.istiod.telemetry.enabled }} +{{- if index .Values "istio-discovery" "telemetry" "enabled" }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/kubezero-istio/update.sh b/charts/kubezero-istio/update.sh index 65c5a38..334a733 100755 --- a/charts/kubezero-istio/update.sh +++ b/charts/kubezero-istio/update.sh @@ -9,29 +9,18 @@ export KIALI_VERSION=$(yq eval '.dependencies[] | select(.name=="kiali-server") helm dep update -exit 0 - # Patch #exit 0 #diff -tubr istio istio.zdt/ -patch -p0 -i zdt.patch --no-backup-if-mismatch - -### Create kubezero istio charts - -# remove previous charts -rm -rf charts/base charts/istio-* - -# create istio main chart -cp -r istio/manifests/charts/base charts/ -cp -r istio/manifests/charts/istio-control/istio-discovery charts/ +#patch -p0 -i zdt.patch --no-backup-if-mismatch # Create ingress charts -rm -rf ../kubezero-istio-ingress/charts/istio-* -cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/ -cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/istio-private-ingress +#rm -rf ../kubezero-istio-ingress/charts/istio-* +#cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/ +#cp -r istio/manifests/charts/gateways/istio-ingress ../kubezero-istio-ingress/charts/istio-private-ingress # Rename private chart -sed -i -e 's/name: istio-ingress/name: istio-private-ingress/' ../kubezero-istio-ingress/charts/istio-private-ingress/Chart.yaml +#sed -i -e 's/name: istio-ingress/name: istio-private-ingress/' ../kubezero-istio-ingress/charts/istio-private-ingress/Chart.yaml # Get matching istioctl [ -x istioctl ] && [ "$(./istioctl version --remote=false)" == $ISTIO_VERSION ] || { curl -sL https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istioctl-${ISTIO_VERSION}-linux-amd64.tar.gz | tar xz; chmod +x istioctl; } diff --git a/charts/kubezero-istio/values.yaml b/charts/kubezero-istio/values.yaml index 2401445..54b0d91 100644 --- a/charts/kubezero-istio/values.yaml +++ b/charts/kubezero-istio/values.yaml @@ -1,6 +1,6 @@ global: # hub: docker.io/istio - tag: 1.11.5-distroless + tag: 1.13.3-distroless logAsJson: true @@ -16,8 +16,6 @@ istiod: nodeSelector: node-role.kubernetes.io/control-plane: "" - - # Not implemented, monkey patched in the chart itself tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master diff --git a/charts/kubezero-istio/zdt.patch b/charts/kubezero-istio/zdt.patch index 03169f1..638faf4 100644 --- a/charts/kubezero-istio/zdt.patch +++ b/charts/kubezero-istio/zdt.patch @@ -65,16 +65,3 @@ diff -tubr istio/manifests/charts/gateways/istio-ingress/templates/service.yaml {{ range $app := $gateway.ingressPorts }} - -diff -tubr istio/manifests/charts/istio-control/istio-discovery/templates/deployment.yaml istio.zdt/manifests/charts/istio-control/istio-discovery/templates/deployment.yaml ---- istio/manifests/charts/istio-control/istio-discovery/templates/deployment.yaml 2021-07-15 07:32:30.000000000 +0200 -+++ istio.zdt/manifests/charts/istio-control/istio-discovery/templates/deployment.yaml 2021-08-10 15:46:23.216421660 +0200 -@@ -60,6 +60,9 @@ - {{- end }} - securityContext: - fsGroup: 1337 -+ tolerations: -+ - effect: NoSchedule -+ key: node-role.kubernetes.io/master - containers: - - name: discovery - {{- if contains "/" .Values.pilot.image }}