profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/brian-avery/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Brian Avery brian-avery Red Hat Massachusetts

brian-avery/.vim 0

My .vim dotfiles and configurations.

brian-avery/agnosticd 0

Ansible Deployer for multiple Cloud Deployers

brian-avery/api 0

API definitions for the Istio project

brian-avery/bottestrepo 0

Used for testing the Istio bots

brian-avery/code-review-checklist 0

This code review checklist helps you be a more effective and efficient code reviewer.

brian-avery/community 0

Istio governance material.

brian-avery/community-operators 0

The canonical source for Kubernetes Operators that appear on OperatorHub.io, OpenShift Container Platform and OKD.

brian-avery/datasharing 0

The Leek group guide to data sharing

Pull request review commentmaistra/maistra-test-tool

Current status. Need to switch to environment variable for comparisons

+// Copyright Red Hat, Inc.+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//     http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package ossm++import (+	"strings"+	"testing"++	"github.com/maistra/maistra-test-tool/pkg/util"+)++var smcpOriginal string++func createProfiles(t *testing.T) {+	if _, err := util.Shell("cat <<EOF | kubectl apply -n %s -f - \n%s \nEOF", "openshift-operators", `{+		"apiVersion": "v1",+			"data": {+				"test1": "apiVersion: maistra.io/v1\nkind: ServiceMeshControlPlane\nmetadata:\n  name: auth-install\nspec:\n  tracing:\n    sampling: 1337\n",+				"test2": "apiVersion: maistra.io/v1\nkind: ServiceMeshControlPlane\nmetadata:\n  name: auth-install\nspec:\n  tracing:\n    sampling: 1338\n"+			},+			"kind": "ConfigMap",+			"metadata": {+				"name": "smcp-templates",+				"namespace": "openshift-operators"+			}+		}`); err != nil {+		t.Fatalf("Failed to create SMCP profiles: %s", err.Error())+	}+}++func removeProfiles(t *testing.T) {+	if _, err := util.Shell("kubectl delete -n %s configmap smcp-templates", "openshift-operators"); err != nil {+		t.Fatalf("Failed to clean up after test: %s", err.Error())+	}+}++func restoreOriginalSMCP(t *testing.T) {+	if err := util.KubeApply("istio-system", smcpV21); err != nil {+		t.Fatalf("Failed to apply SMCP: %s", err.Error())+	}+}++func TestSMCPProfile(t *testing.T) {+	t.Run("values_retrieved_from_profile", func(t *testing.T) {+		defer util.RecoverPanic(t)+		defer restoreOriginalSMCP(t)++		createProfiles(t)+		defer removeProfiles(t)++		util.Log.Info("Test that values can be retrieved from a profile")+		util.Shell(`kubectl -n %s patch --type=json smcp/basic -p='[{"op":"add","path":"/spec/profiles", "value":["default", "test1"]}]'`, "istio-system")++		_, err := util.Shell(`oc wait --for condition=Ready -n %s smcp/basic --timeout 180s`, "istio-system")+		if err != nil {+			t.Fatalf("Failed to set and SMCP with no specified profiles: %s", err.Error())+		}++		msg, _ := util.Shell(`kubectl get smcp -n %s -o yaml | grep sampling -m 1`, "istio-system")+		if !strings.Contains(msg, "test_one") {+			t.Fatalf("Failed to retrieve value from SMCP. Expected %s. Got %s", "test_one", msg)+		}+	})++	t.Run("values_override_smcp_profile", func(t *testing.T) {+		defer util.RecoverPanic(t)+		defer restoreOriginalSMCP(t)++		createProfiles(t)+		defer removeProfiles(t)++		util.Log.Info("Test that using a profile applies the smcp on top of the profile")+		util.Shell(`kubectl -n %s patch --type=json smcp/basic -p='[{"op":"add","path":"/spec/profiles", "value":["default", "test1"]}]'`, "istio-system")++		util.Shell(`kubectl -n %s patch --type=json smcp/basic -p='[{"op":"add","path":"/spec/techPreview", "value":{"sampling":"1339"}}]'`, "istio-system")+		defer util.Shell(`kubectl -n %s patch --type=json smcp/basic -p='[{"op":"add","path":"/spec/techPreview", "value":{"sampling":"test_three"}}]'`, "istio-system")++		_, err := util.Shell(`oc wait --for condition=Ready -n %s smcp/basic --timeout 180s`, "istio-system")+		if err != nil {+			t.Fatalf("Failed to set and SMCP with no specified profiles: %s", err.Error())+		}++		msg, _ := util.Shell(`kubectl get smcp -n %s -o yaml | grep maistra-test-value -m 1`, "istio-system")+		if !strings.Contains(msg, "test_three") {+			t.Fatalf("Failed to retrieve value from SMCP. Expected %s. Got %s", "test_three", msg)+		}+	})++	t.Run("no_profiles_picks_up_defaults", func(t *testing.T) {+		defer util.RecoverPanic(t)+		defer restoreOriginalSMCP(t)++		createProfiles(t)+		defer removeProfiles(t)++		util.Log.Info("Test that specifying no profile causes the SMCP to pick up the defaults (no errors)")+		util.Shell(`kubectl -n %s patch --type=json smcp/basic -p='[{"op":"replace","path":"/spec/profiles", "value":[]}]'`, "istio-system")+		_, err := util.Shell(`oc wait --for condition=Ready -n %s smcp/basic --timeout 180s`, "istio-system")+		if err != nil {+			t.Fatalf("Failed to set and SMCP with no specified profiles: %s", err.Error())+		}++	})++	/*t.Run("one_profile_specified_still_picks_up_defaults", func(t *testing.T) {

This is broken by https://issues.redhat.com/browse/OSSM-675?filter=-2

brian-avery

comment created time in 6 hours

PullRequestReviewEvent

create barnchbrian-avery/maistra-test-tool

branch : smcpTest

created branch time in 6 hours

fork brian-avery/maistra-test-tool

A Testing tool for running maistra tasks on OpenShift

fork in 6 hours

PullRequestReviewEvent

Pull request review commentistio/tools

Adding cosign to build-tools

 RUN set -eux; \     ${OUTDIR}/usr/local/google-cloud-sdk/bin/gcloud components install alpha --quiet; \     rm -rf /usr/local/google-cloud-sdk/.install/.backup +# Install cosign (for signing build artifacts) and verify signature+SHELL ["/bin/bash", "-o", "pipefail", "-c"]+RUN set -eux; \+    ${OUTDIR}/usr/local/google-cloud-sdk/bin/gsutil -q cp gs://cosign-releases/${COSIGN_VERSION}/cosign-linux-amd64 /tmp/cosign \

Advantage to this is we can verify the binary before it's installed.

stewartbutler

comment created time in 3 days

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

pull request commentistio/community

Update T&R WG Lead, alphabetize list by last name

This is correct, but https://github.com/istio/community/blob/master/org/teams.yaml should be updated as well.

ericvn

comment created time in 4 days

pull request commentistio/istio

[release-1.11] Env Var allowing proxies to utilize OS CA Cert (#33472)

The cherrypick confused me at first as well. This was originally merged into master in https://github.com/istio/istio/pull/33472. This adds it to 1.11.

The goal in the original design doc for this was to ship it in 1.9 and 1.10. In that time, 1.11 was published and it makes sense to me to merge it here as well.

This behavior is also disabled by default and must be enabled using the VERIFY_CERTIFICATE_AT_CLIENT flag.

Kmoneal

comment created time in 7 days

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

PR opened maistra/prometheus

Maistra 2.1 4.7

I've updated maistra/prometheus/maistra-2.1 to match the OpenShift release-4.7 branch. This cherrypicks all of our Prometheus commits on top of that. In the process:

XNS Informers has replaced the multilistwatcher code lots of dependencies have been updated in go.mod The SimonPasquier logging library that Prometheus uses is not compatible with the Kubernetes logger that Istio uses (they implement different interfaces). It's hacky, but the best solution I could find was to create an adapter to satisfy the interfaces. See logwrapper.go for more detail To test this, I've deployed a 2.1 control plane with bookinfo, pushed traffic through and confirmed that I'm able to fetch metrics using the Prometheus UI. I then updated this to my image containing these changes and pushed more traffic through, again confirming that it shows up on the Prometheus UI

The multitenancy commit didn't apply cleanly (refactoring of discovery.go and manager.go), but switching to XNS informers helped. Other issues where go.mod had to be massaged. This picks up 2 years worth of Prometheus commits as well.

Make test detects leaks in:

klog-v2 -- known issue here gorutine leak during tests kubernetes/client-go#900 and here go routine created on flush logs has a leak. kubernetes/klog#188 go.opencensus.io -- known issue here goroutine leak detected census-instrumentation/opencensus-go#1191 The go.census issue lists a workaround that I will add to our code.

+463483 -19398

0 comment

2409 changed files

pr created time in 14 days

Pull request review commentmaistra/prometheus

[MAISTRA-2096] Update Prometheus to 2.24 (OpenShift 4.7 version)

 func (d *Discovery) Run(ctx context.Context, ch chan<- []*targetgroup.Group) { 			go eps.podInf.Run(ctx.Done()) 		} 	case RoleEndpoint:-		for _, namespace := range namespaces {-			e := d.client.CoreV1().Endpoints(namespace)-			elw := &cache.ListWatch{-				ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {-					options.FieldSelector = d.selectors.endpoints.field

Thanks. All of the Prometheus tests as well as my own manual testing are passing right now. Lets merge for now and we can optimize for that in the future. That would probably make future merges easier if the code changes.

brian-avery

comment created time in 14 days

PullRequestReviewEvent
PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentmaistra/prometheus

[MAISTRA-2096] Update Prometheus to 2.24 (OpenShift 4.7 version)

 func (d *Discovery) Run(ctx context.Context, ch chan<- []*targetgroup.Group) { 			go eps.podInf.Run(ctx.Done()) 		} 	case RoleEndpoint:-		for _, namespace := range namespaces {-			e := d.client.CoreV1().Endpoints(namespace)-			elw := &cache.ListWatch{-				ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {-					options.FieldSelector = d.selectors.endpoints.field-					options.LabelSelector = d.selectors.endpoints.label-					return e.List(ctx, options)-				},-				WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {-					options.FieldSelector = d.selectors.endpoints.field-					options.LabelSelector = d.selectors.endpoints.label-					return e.Watch(ctx, options)-				},-			}-			s := d.client.CoreV1().Services(namespace)-			slw := &cache.ListWatch{-				ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {-					options.FieldSelector = d.selectors.service.field-					options.LabelSelector = d.selectors.service.label-					return s.List(ctx, options)-				},-				WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {-					options.FieldSelector = d.selectors.service.field-					options.LabelSelector = d.selectors.service.label-					return s.Watch(ctx, options)-				},-			}-			p := d.client.CoreV1().Pods(namespace)-			plw := &cache.ListWatch{-				ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {-					options.FieldSelector = d.selectors.pod.field-					options.LabelSelector = d.selectors.pod.label-					return p.List(ctx, options)-				},-				WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {-					options.FieldSelector = d.selectors.pod.field-					options.LabelSelector = d.selectors.pod.label-					return p.Watch(ctx, options)-				},-			}-			eps := NewEndpoints(-				log.With(d.logger, "role", "endpoint"),-				cache.NewSharedInformer(slw, &apiv1.Service{}, resyncPeriod),-				cache.NewSharedInformer(elw, &apiv1.Endpoints{}, resyncPeriod),-				cache.NewSharedInformer(plw, &apiv1.Pod{}, resyncPeriod),-			)-			d.discoverers = append(d.discoverers, eps)-			go eps.endpointsInf.Run(ctx.Done())-			go eps.serviceInf.Run(ctx.Done())-			go eps.podInf.Run(ctx.Done())+		if d.memberRollController != nil {+			d.memberRollController.Register(kubeFactory, "kubernetes-informers") 		}+		epInformer := kubeFactory.Core().V1().Endpoints().Informer()+		svcInformer := kubeFactory.Core().V1().Services().Informer()+		pInformer := kubeFactory.Core().V1().Pods().Informer()+		eps := NewEndpoints(+			log.With(d.logger, "role", "endpoint"),+			svcInformer,+			epInformer,+			pInformer,+		)+		d.discoverers = append(d.discoverers, eps)+		go eps.endpointsInf.Run(ctx.Done())+		go eps.serviceInf.Run(ctx.Done())+		go eps.podInf.Run(ctx.Done())

Done. Thanks.

brian-avery

comment created time in 14 days

pull request commentmaistra/prometheus

[MAISTRA-2096] Update Prometheus to 2.24 (OpenShift 4.7 version)

/test prometheus-test

brian-avery

comment created time in 14 days

push eventbrian-avery/prometheus

Brian Avery

commit sha 141e90fb5d7c2dcbef1794597779dc2ef3354e69

Remove mergify

view details

Brian Avery

commit sha 11e4f080e49ddf996e6ad7a6fdf45d7e05d89be3

PR comments

view details

Brian Avery

commit sha 9c448e1915dc3853ea16d72766e88ca043db7ef3

Merge branch 'maistra-2.1-4.7' of https://github.com/brian-avery/prometheus into maistra-2.1-4.7

view details

push time in 14 days

PR closed istio/bots

Update README.md size/XS cla: yes area/test and release kind/docs area/environments area/networking area/perf and scalability area/security area/user experience
  • [x] Configuration Infrastructure
  • [x] Docs
  • [x] Installation
  • [x] Networking
  • [x] Performance and Scalability
  • [x] Policies and Telemetry
  • [x] Security
  • [x] Test and Release
  • [x] User Experience
  • [x] Developer Infrastructure
+1 -1

2 comments

1 changed file

brian-avery

pr closed time in 14 days

PullRequestReviewEvent

push eventbrian-avery/tools

Brian Avery

commit sha c88d7ca21bbfcbb84d4aeadd4ff80f05e230fdca

Add docs evaluation tooling

view details

push time in 15 days

push eventbrian-avery/tools

Brian Avery

commit sha c7871ffd754fa7f461b0485f2a85ede0e97eea81

Add docs evaluation tooling

view details

push time in 15 days