profile
viewpoint
Shane Utt shaneutt Michigan https://shaneutt.com Senior Software Engineer - Kubernetes @ D2IQ

mesosphere-backup/kubeaddons-configs 7

DEPRECATED: konvoy addons (see https://github.com/mesosphere/kubernetes-base-addons instead)

shaneutt/buffalo-kubernetes-security-middleware 2

Kubernetes security middleware for GoBuffalo

joejulian/gspdy 0

A hack of gorilla/websocket to see if I can do the same for spdy

joejulian/oxy 0

Go middlewares for HTTP servers & proxies

joejulian/traefik 0

The Cloud Native Edge Router

shaneutt/actix 0

Actor framework for Rust

shaneutt/actix-web 0

Actix web is a small, pragmatic, and extremely fast web framework for Rust.

shaneutt/addon-operator 0

A system to manage additional components for Kubernetes cluster in a simple, consistent and automated way.

shaneutt/ags 0

AGS editor and engine source code

shaneutt/akrobateo 0

Akrobateo is a simple Kubernetes operator to expose in-cluster LoadBalancer services as node hostPorts using DaemonSets.

startedrustacean-station/rustacean-station.org

started time in 6 hours

startedthinkst/opencanary

started time in 18 days

startedtsgates/rust.ko

started time in 21 days

startedbawejakunal/Intercept-System-Calls

started time in 21 days

pull request commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

thanks @shaneutt for the rebase the continuous-integration/teamcity build will fail as it tries to run go test still, which are present in master branch. Once this PR is in master, we should copy the KIND 1.17.5 build command of make kind-test

Yep, makes sense to me. Thanks for doing this work this is great!

Ready to merge, needs one more review from @mesosphere/sig-ksphere-catalog, @nfnt or @juliangieseke

zmalik

comment created time in a month

pull request commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

@zmalik it looks like dispatch was not suppose to be configured here yet. I have disabled it, you may want to rebase and squash some of the commits here now but everything should be :+1: once TC is done.

zmalik

comment created time in a month

push eventmesosphere/kubeaddons-enterprise

Zain Malik

commit sha 76199387734bb864d6691dd74c5fed8dc9b696c0

add zookeeper test using kuttl

view details

Zain Malik

commit sha fffdd02c9356dbc1c15720b467dd18fb10bda550

migrate all tests to kuttl

view details

Zain Malik

commit sha daa253c6039ead25c7f175cc9cd98dc0d97790cc

bump tests versions

view details

Zain Malik

commit sha c9c0620adfd1ecb38deac6f86f71d32da3bb694b

add mkdir dist

view details

Zain Malik

commit sha c9a008e67d9494327300a71d50717ddf7df55757

workaround for kubeaddons update bug

view details

Zain Malik

commit sha 3c4af201de71b6065fae74f36b4c71b896a0b323

remove operatorversion assert

view details

Zain Malik

commit sha 434576ae95d2749c62b77c27fdfcb166b0326a18

remove operatorversion workaround

view details

Zain Malik

commit sha 1a6e15c98f24b20d6fd6cdb1d2770f86fc46a018

increase timeout and decrease parallel tests

view details

Zain Malik

commit sha e7c27beca8f7f3a378e78d2ca6ba5a5b0b2229e5

remove SC manifest and use latest kind

view details

Zain Malik

commit sha 4021b389158df29e2204602426a3bcacf2f2f059

use kubernetes version 1.17.5 by default

view details

Zain Malik

commit sha 8da755c777b2f4eb86e084b3965916a1309cb166

add docs to CONTRIBUTING.md

view details

push time in a month

pull request commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

I'm reaching out in slack to try and get us some dispatch help.

zmalik

comment created time in a month

push eventgracedo/charts

Grace Do

commit sha 58a70488a420c60dd83fda339dfaf5fbeeed767e

chore: Modify kommander codeowners, add kubecost codeowners (#576)

view details

Shane Utt

commit sha 7b189ef4ba3a976a14ed15291ca8bd89547bd4f4

Merge branch 'master' into gracedo/grafana_clusterid_label_D2IQ-65414

view details

push time in a month

startedkadalu/kadalu

started time in a month

push eventgracedo/charts

Jared Rodriguez

commit sha 05430652f362459dd360e80c69f6898df75a52c6

fix(dka): D2IQ-67949 (#570) the context name should be profileName-clusterHostname Co-authored-by: Sebastian Brandt <sbrandt@d2iq.com>

view details

Shane Utt

commit sha 2f23c924869d9b71175a8cfa807e0b2d143c4f79

Merge branch 'master' into gracedo/kommander_upgrade_thanos_D2IQ-67855

view details

push time in a month

Pull request review commentmesosphere/charts

kommander-thanos: Upgrade thanos

 dependencies:   - name: thanos-    version: 0.3.9+    version: 0.3.20

Just double checking, we are jumping 11 versions yes? Have we done a spot check test to make sure that things look solid when doing this upgrade?

gracedo

comment created time in a month

Pull request review commentmesosphere/charts

kommander-thanos: Upgrade thanos

 thanos:     enabled: false   bucket:     enabled: false+  rule:

Just for my own edification what are we doing here?

gracedo

comment created time in a month

pull request commentistio/istio.io

Add Kind Example

@shaneutt If you are willing to write a test, I'm OK with putting it in the examples section, at least initially. If we end up restructuring the examples section in the future, it might have to be moved, but having a test that confirms it's working as written will always be great, even if it moves to blog (which have no guarantees) or moves somewhere else entirely. Eventually, some kind of "certified working" stamp on documents, based on the test: true attribute is our goal for docs on the site, regardless of where they live.

This sounds good to me, thank you @frankbu :+1:

For the moment I'm going to close this as I don't have cycles to do this in the next several days, but the intention will be to open/re-open in the future with the tests.

Thanks again everyone involved for your time. :)

shaneutt

comment created time in a month

PR closed istio/istio.io

Reviewers
Add Kind Example cla: yes kind/docs ok-to-test size/L

The purpose of this PR is to add an example of deploying Istio in KIND for testing Istio. The example covers using a LoadBalancer type Service in this environment as well as setting up certificates and configuring Istio gateways with SSL.

+391 -0

29 comments

2 changed files

shaneutt

pr closed time in a month

pull request commentistio/istio.io

Add Kind Example

I'm thinking that maybe option 1 is the easiest, and we can look at also doing number 3, where this blog would then be one of the links. Let me know what you guys think.

Also, most importantly, the article still needs to be updated to make sure it works with Istio 1.6, which will be the target for publishing it.

@frankbu Your comment seems to suggest that you would prefer 1 or 3, but personally I am in favor of number 2, updating this for 1.6 and then adding the necessary tests. What are your thoughts?

shaneutt

comment created time in a month

pull request commentistio/istio.io

Add Kind Example

/retest

shaneutt

comment created time in a month

pull request commentmesosphere/kubeaddons-enterprise

feat: add kudo generic application operator addon

@natmegs from CI:

[Step 1/1]     TestValidateUnhandledAddons: addons_test.go:90: the following addons are not handled as part of a testing group: [ generic-application-operator]

New addons need to have tests added for them for CI to pass. Let @mesosphere/sig-ksphere-catalog know if you have any questions or need any assistance in this regard.

natmegs

comment created time in a month

push eventmesosphere/kubeaddons-kommander

Julian Gieseke

commit sha dcbb2146dae10e175a58bed0055aaaf0e9f6c545

chore: remove kubernetes version overrride

view details

push time in a month

pull request commentmesosphere/kubeaddons-kommander

[1.0.x] Kommander 1.0.1 bits n pieces

@juliangieseke this is marked as wip but it looks ready is it ready?

juliangieseke

comment created time in a month

delete branch mesosphere/kubeaddons-kommander

delete branch : jg/k8s-versions

delete time in a month

push eventmesosphere/kubeaddons-kommander

Sebastian Brandt

commit sha 59d9e469474f3636dc8856e2c1a33596c2459829

chore: bump kommander chart version - new version 0.6.16 [D2IQ-67881] #comment kubeaddons-kommander updated [D2IQ-67881]: https://jira.d2iq.com/browse/D2IQ-67881

view details

Sebastian Brandt

commit sha 9a1c965ad279b96e919b517f9af368d02694ae21

Update addons/kommander/1.1.x/kommander.yaml Co-Authored-By: Julian Gieseke <juliangieseke@users.noreply.github.com>

view details

Shane Utt

commit sha 40809545ea4325d4e9c5a3b74ff9954850d529a2

Merge branch 'master' into jg/release-docs

view details

push time in a month

pull request commentmesosphere/kubeaddons-kommander

document current release steps and add step by step guides

Checking in on this one

juliangieseke

comment created time in a month

delete branch mesosphere/kubeaddons-enterprise

delete branch : dependabot/go_modules/test/sigs.k8s.io/kind-0.8.1

delete time in a month

PR closed mesosphere/kubeaddons-enterprise

Bump sigs.k8s.io/kind from 0.7.0 to 0.8.1 in /test dependencies

Bumps sigs.k8s.io/kind from 0.7.0 to 0.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kubernetes-sigs/kind/releases">sigs.k8s.io/kind's releases</a>.</em></p> <blockquote> <h2>v0.8.1</h2> <p><strong>This is a tiny patch release to pick up the fix for <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1544">Can't create ipv4 clusters if ipv6 is disabled at kernel level</a>.</strong></p> <p><strong>For full release notes please see <a href="https://github.com/kubernetes-sigs/kind/releases/tag/v0.8.0">v0.8.0</a>.</strong></p> <p><strong>Most users will not need to upgrade to this release, this bug is only known to occur on hosts with the <code>ipv6.disable=1</code> kernel parameter.</strong></p> <h2>v0.8.0</h2> <p><code>v0.8.0</code> Most importantly brings persistent clusters that automatically come back up after <code>dockerd</code> / host restarts. It also brings a number of fixes to networking in general, experimental <code>podman</code> backend support, improved failure output, and more.</p> <h1 id="breaking-changes">Breaking Changes</h1> <ul> <li>The default node image is a Kubernetes <code>v1.18.2</code> image: <code>kindest/node:v1.18.2@sha256:7b27a6d0f2517ff88ba444025beae41491b016bc6af573ba467b70c5e8e0d85f</code></li> <li><strong>KIND <code>v0.8.0</code> requires node images built with <code>v0.8.0+</code></strong>. <ul> <li>These new images should be mostly backwards compatible for kind <code>v0.5.0+</code></li> </ul> </li> <li><strong>The default docker network for nodes is now <code>kind</code> instead of the default docker bridge</strong> <ul> <li>This enabled <em>many</em> fixes, however if you were running things alongside kind you may need to pass <code>--net=kind</code></li> <li>Your host DNS resolver should just work now :tm: in many cases</li> <li>IPv6 clusters no longer require modifying docker daemon config</li> <li>Docker networks must have a free IPv6 /64 in the [ULA] range, that is you may not create other docker networks consuming the entire ULA range. You can work around this by precreating the <code>kind</code> network with some totally other range if you wish.</li> </ul> </li> <li>You may need to migrate to the new <code>featureGates</code> config field when setting feature gates, this should be easier to use though!</li> </ul> <p><strong>NOTE</strong>: If you've been experimenting with kind > v0.7.0 installed from <code>HEAD</code>, you may need to <code>docker network rm kind</code> before creating IPv6 clusters.</p> <h1 id="new-features">New Features</h1> <ul> <li>Clusters should not be broken by dockerd restarts / restarting your host!</li> <li>Host DNS should just work :tm:</li> <li>IPv6 Clusters no longer require modifying docker daemon settings</li> <li>Kubernetes 1.18+ should work on hosts using the iptables nft backend</li> <li><code>kind delete clusters --all</code> for deleting all your clusters</li> <li>New top level <code>featureGates</code> field in Cluster config for enabling feature gates</li> <li>Upgraded dependencies broadly, including library packages, go, containerd, CNI, etc...</li> <li><code>NO_COLOR</code> ([no-color.org]) support</li> <li><em>Experimental</em> <code>podman</code> support <ul> <li>These clusters do <strong>not</strong> survive host reboots</li> <li>Requires rootful mode</li> <li>Experimental</li> </ul> </li> <li>Improved output on failures, including command output without needing to set <code>-v</code></li> <li>Experimentally cross-building the base image for AMD64 + ARM by default</li> <li>More Documentation! Guide to working with KIND offline, Ingress and more!</li> <li>New download host and experimental nightly builds</li> <li>Support for Dynamic PV in Kubernetes 1.11.X</li> <li>New top level <code>featureGates</code> config option for controlling cluster featuregates</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kubernetes-sigs/kind/commit/1170b6b2e2bded824a246bb85b128ceb22e69511"><code>1170b6b</code></a> version v0.8.1</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/e1388af6bb24b253bd18273f3fab8232aa51b8f0"><code>e1388af</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1545">#1545</a> from BenTheElder/ipv6-whee</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/903ad95c0cf8321fb78725f397efea2afd33b3a5"><code>903ad95</code></a> handle hosts that cannot create ipv6 networks by falling back to ipv4 only</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/1a93b0d1a7f22b89d381e873a3e7d4e8f2279969"><code>1a93b0d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1542">#1542</a> from BenTheElder/fix-registry</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/e05fb155ae41c87fc85597afaaf91ad3189335c7"><code>e05fb15</code></a> add tilt docs link</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/daa1c81eecff2683038bdecd40933ed5c16444fd"><code>daa1c81</code></a> simplify script for v0.8</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/4f9eca2de30c3da021a56217abdf5e339ca117aa"><code>4f9eca2</code></a> annotate nodes for tilt</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/ab3205d817c663dc7d35e408cc705ebc495c38ec"><code>ab3205d</code></a> fix kind-with-registry for v0.8</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/38f9bf5046a718d25d2aa0c547656d345acc9fa9"><code>38f9bf5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1528">#1528</a> from ameukam/update-base-image</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/ea8bec834171aeb4e6d49d62c1edb42f77aaade0"><code>ea8bec8</code></a> bump base image</li> <li>Additional commits viewable in <a href="https://github.com/kubernetes-sigs/kind/compare/v0.7.0...v0.8.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+22 -1

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentmesosphere/kubeaddons-enterprise

Bump sigs.k8s.io/kind from 0.7.0 to 0.8.1 in /test

We're not yet ready to update Kind, follow up is D2IQ-68123

dependabot-preview[bot]

comment created time in a month

delete branch mesosphere/kubeaddons-enterprise

delete branch : dependabot/go_modules/test/github.com/mesosphere/kubeaddons-0.14.1

delete time in a month

PR closed mesosphere/kubeaddons-enterprise

Bump github.com/mesosphere/kubeaddons from 0.13.0 to 0.14.1 in /test dependencies

Bumps github.com/mesosphere/kubeaddons from 0.13.0 to 0.14.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mesosphere/kubeaddons/releases">github.com/mesosphere/kubeaddons's releases</a>.</em></p> <blockquote> <h2>v0.14.1</h2> <h1>Minor Changes</h1> <ul> <li>fix: use labels for priority (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/842">#842</a>)</li> </ul> <h2>v0.14.0</h2> <h1>Dependency Updates</h1> <ul> <li>Bump github.com/kudobuilder/kudo from 0.11.1 to 0.12.0 (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/820">#820</a>)</li> <li>Bump k8s.io/helm from 2.16.5+incompatible to 2.16.6+incompatible (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/819">#819</a>)</li> </ul> <h1>Minor Changes</h1> <ul> <li>remove KUDO operator version from updates (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/830">#830</a>)</li> <li>Check for service unavailable when getting Helm status (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/826">#826</a>)</li> <li>Have the dispatch tests run on pull requests (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/821">#821</a>)</li> <li>Dispatch to kubeaddons (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/754">#754</a>)</li> <li>Fix 'run.kind' make target; fix builds on macOS (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/817">#817</a>)</li> <li>Run 'make manifests' to update 'role.yaml' (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/833">#833</a>)</li> <li>fix: make integration tests idempotent (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/840">#840</a>)</li> <li>chore: adds GINKGO_FOCUS and some testing documentation additions (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/837">#837</a>)</li> <li>chore: don't fail on NoErrAlreadyUpToDate when fetching (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/838">#838</a>)</li> <li>fix: make integration tests actually use fresh image (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/836">#836</a>)</li> <li>fix: Fail if addon release is not found in helm output list (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/827">#827</a>)</li> </ul> <h1>Major Changes</h1> <ul> <li>feat: Implement composite addon values (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/834">#834</a>)</li> <li>Add ValuesRemap to ChartReference spec (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/831">#831</a>)</li> <li>Add AddonCompositeValues feature flag (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/828">#828</a>)</li> </ul> <h1>Breaking Changes</h1> <p>None</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mesosphere/kubeaddons/commit/2005767b96423dbb33051ffe9ea37de1dc8fd58d"><code>2005767</code></a> fix: use labels for priority (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/842">#842</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/fa3b2db755d2ba4e01817b16cb2eb421984754ff"><code>fa3b2db</code></a> chore: publish master tag for testing (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/841">#841</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/c271cad3caa78a67b6615b3aca9a0159ae9ce39b"><code>c271cad</code></a> feat: Implement composite addon values (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/834">#834</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/90847148f6d2f5d7c6aca6a5fa71a813e4244fcf"><code>9084714</code></a> fix: make integration tests idempotent (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/840">#840</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/43f56d4880533625ab28069e7219667288f04f70"><code>43f56d4</code></a> chore: adds GINKGO_FOCUS and some testing documentation additions (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/837">#837</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/6adc3fc8570a5f4737f874de97801ac010ff878e"><code>6adc3fc</code></a> chore: don't fail on NoErrAlreadyUpToDate when fetching (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/838">#838</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/012e791b909c139850d16427570aa1fa3b69c6c5"><code>012e791</code></a> fix: make integration tests actually use fresh image (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/836">#836</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/c9049e7b607707f2dbcd9716d851acd822b027cd"><code>c9049e7</code></a> fix: Fail if addon release is not found in helm output list (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/827">#827</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/ebf9a51d3fd94f64930964c985dc23bd0924b2ed"><code>ebf9a51</code></a> Add ValuesRemap to ChartReference spec (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/831">#831</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/6be587303012ac1c494db351db277e4a3056ca2c"><code>6be5873</code></a> Run 'make manifests' to update 'role.yaml' (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/833">#833</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mesosphere/kubeaddons/compare/v0.13.0...v0.14.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+8 -1

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentmesosphere/kubeaddons-enterprise

Bump github.com/mesosphere/kubeaddons from 0.13.0 to 0.14.1 in /test

Soon this wont be needed when we switch to kuttl https://github.com/mesosphere/kubeaddons-enterprise/pull/52

dependabot-preview[bot]

comment created time in a month

delete branch mesosphere/kubernetes-base-addons

delete branch : dependabot/go_modules/test/sigs.k8s.io/kind-0.8.1

delete time in a month

PR closed mesosphere/kubernetes-base-addons

build(deps): bump sigs.k8s.io/kind from 0.7.0 to 0.8.1 in /test dependencies

Bumps sigs.k8s.io/kind from 0.7.0 to 0.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kubernetes-sigs/kind/releases">sigs.k8s.io/kind's releases</a>.</em></p> <blockquote> <h2>v0.8.1</h2> <p><strong>This is a tiny patch release to pick up the fix for <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1544">Can't create ipv4 clusters if ipv6 is disabled at kernel level</a>.</strong></p> <p><strong>For full release notes please see <a href="https://github.com/kubernetes-sigs/kind/releases/tag/v0.8.0">v0.8.0</a>.</strong></p> <p><strong>Most users will not need to upgrade to this release, this bug is only known to occur on hosts with the <code>ipv6.disable=1</code> kernel parameter.</strong></p> <h2>v0.8.0</h2> <p><code>v0.8.0</code> Most importantly brings persistent clusters that automatically come back up after <code>dockerd</code> / host restarts. It also brings a number of fixes to networking in general, experimental <code>podman</code> backend support, improved failure output, and more.</p> <h1 id="breaking-changes">Breaking Changes</h1> <ul> <li>The default node image is a Kubernetes <code>v1.18.2</code> image: <code>kindest/node:v1.18.2@sha256:7b27a6d0f2517ff88ba444025beae41491b016bc6af573ba467b70c5e8e0d85f</code></li> <li><strong>KIND <code>v0.8.0</code> requires node images built with <code>v0.8.0+</code></strong>. <ul> <li>These new images should be mostly backwards compatible for kind <code>v0.5.0+</code></li> </ul> </li> <li><strong>The default docker network for nodes is now <code>kind</code> instead of the default docker bridge</strong> <ul> <li>This enabled <em>many</em> fixes, however if you were running things alongside kind you may need to pass <code>--net=kind</code></li> <li>Your host DNS resolver should just work now :tm: in many cases</li> <li>IPv6 clusters no longer require modifying docker daemon config</li> <li>Docker networks must have a free IPv6 /64 in the [ULA] range, that is you may not create other docker networks consuming the entire ULA range. You can work around this by precreating the <code>kind</code> network with some totally other range if you wish.</li> </ul> </li> <li>You may need to migrate to the new <code>featureGates</code> config field when setting feature gates, this should be easier to use though!</li> </ul> <p><strong>NOTE</strong>: If you've been experimenting with kind > v0.7.0 installed from <code>HEAD</code>, you may need to <code>docker network rm kind</code> before creating IPv6 clusters.</p> <h1 id="new-features">New Features</h1> <ul> <li>Clusters should not be broken by dockerd restarts / restarting your host!</li> <li>Host DNS should just work :tm:</li> <li>IPv6 Clusters no longer require modifying docker daemon settings</li> <li>Kubernetes 1.18+ should work on hosts using the iptables nft backend</li> <li><code>kind delete clusters --all</code> for deleting all your clusters</li> <li>New top level <code>featureGates</code> field in Cluster config for enabling feature gates</li> <li>Upgraded dependencies broadly, including library packages, go, containerd, CNI, etc...</li> <li><code>NO_COLOR</code> ([no-color.org]) support</li> <li><em>Experimental</em> <code>podman</code> support <ul> <li>These clusters do <strong>not</strong> survive host reboots</li> <li>Requires rootful mode</li> <li>Experimental</li> </ul> </li> <li>Improved output on failures, including command output without needing to set <code>-v</code></li> <li>Experimentally cross-building the base image for AMD64 + ARM by default</li> <li>More Documentation! Guide to working with KIND offline, Ingress and more!</li> <li>New download host and experimental nightly builds</li> <li>Support for Dynamic PV in Kubernetes 1.11.X</li> <li>New top level <code>featureGates</code> config option for controlling cluster featuregates</li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kubernetes-sigs/kind/commit/1170b6b2e2bded824a246bb85b128ceb22e69511"><code>1170b6b</code></a> version v0.8.1</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/e1388af6bb24b253bd18273f3fab8232aa51b8f0"><code>e1388af</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1545">#1545</a> from BenTheElder/ipv6-whee</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/903ad95c0cf8321fb78725f397efea2afd33b3a5"><code>903ad95</code></a> handle hosts that cannot create ipv6 networks by falling back to ipv4 only</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/1a93b0d1a7f22b89d381e873a3e7d4e8f2279969"><code>1a93b0d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1542">#1542</a> from BenTheElder/fix-registry</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/e05fb155ae41c87fc85597afaaf91ad3189335c7"><code>e05fb15</code></a> add tilt docs link</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/daa1c81eecff2683038bdecd40933ed5c16444fd"><code>daa1c81</code></a> simplify script for v0.8</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/4f9eca2de30c3da021a56217abdf5e339ca117aa"><code>4f9eca2</code></a> annotate nodes for tilt</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/ab3205d817c663dc7d35e408cc705ebc495c38ec"><code>ab3205d</code></a> fix kind-with-registry for v0.8</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/38f9bf5046a718d25d2aa0c547656d345acc9fa9"><code>38f9bf5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/kubernetes-sigs/kind/issues/1528">#1528</a> from ameukam/update-base-image</li> <li><a href="https://github.com/kubernetes-sigs/kind/commit/ea8bec834171aeb4e6d49d62c1edb42f77aaade0"><code>ea8bec8</code></a> bump base image</li> <li>Additional commits viewable in <a href="https://github.com/kubernetes-sigs/kind/compare/v0.7.0...v0.8.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+26 -1

1 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentmesosphere/kubernetes-base-addons

build(deps): bump sigs.k8s.io/kind from 0.7.0 to 0.8.1 in /test

We're not yet ready to update Kind, follow up is D2IQ-68123

dependabot-preview[bot]

comment created time in a month

push eventmesosphere/kubernetes-base-addons

dependabot-preview[bot]

commit sha c150ef718699e19bf19bee15b0199ca8b9b1a1a7

build(deps): bump github.com/mesosphere/kubeaddons in /test (#238) Bumps [github.com/mesosphere/kubeaddons](https://github.com/mesosphere/kubeaddons) from 0.13.0 to 0.14.1. - [Release notes](https://github.com/mesosphere/kubeaddons/releases) - [Commits](https://github.com/mesosphere/kubeaddons/compare/v0.13.0...v0.14.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

view details

push time in a month

delete branch mesosphere/kubernetes-base-addons

delete branch : dependabot/go_modules/test/github.com/mesosphere/kubeaddons-0.14.1

delete time in a month

PR merged mesosphere/kubernetes-base-addons

build(deps): bump github.com/mesosphere/kubeaddons from 0.13.0 to 0.14.1 in /test dependencies

Bumps github.com/mesosphere/kubeaddons from 0.13.0 to 0.14.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mesosphere/kubeaddons/releases">github.com/mesosphere/kubeaddons's releases</a>.</em></p> <blockquote> <h2>v0.14.1</h2> <h1>Minor Changes</h1> <ul> <li>fix: use labels for priority (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/842">#842</a>)</li> </ul> <h2>v0.14.0</h2> <h1>Dependency Updates</h1> <ul> <li>Bump github.com/kudobuilder/kudo from 0.11.1 to 0.12.0 (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/820">#820</a>)</li> <li>Bump k8s.io/helm from 2.16.5+incompatible to 2.16.6+incompatible (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/819">#819</a>)</li> </ul> <h1>Minor Changes</h1> <ul> <li>remove KUDO operator version from updates (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/830">#830</a>)</li> <li>Check for service unavailable when getting Helm status (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/826">#826</a>)</li> <li>Have the dispatch tests run on pull requests (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/821">#821</a>)</li> <li>Dispatch to kubeaddons (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/754">#754</a>)</li> <li>Fix 'run.kind' make target; fix builds on macOS (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/817">#817</a>)</li> <li>Run 'make manifests' to update 'role.yaml' (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/833">#833</a>)</li> <li>fix: make integration tests idempotent (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/840">#840</a>)</li> <li>chore: adds GINKGO_FOCUS and some testing documentation additions (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/837">#837</a>)</li> <li>chore: don't fail on NoErrAlreadyUpToDate when fetching (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/838">#838</a>)</li> <li>fix: make integration tests actually use fresh image (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/836">#836</a>)</li> <li>fix: Fail if addon release is not found in helm output list (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/827">#827</a>)</li> </ul> <h1>Major Changes</h1> <ul> <li>feat: Implement composite addon values (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/834">#834</a>)</li> <li>Add ValuesRemap to ChartReference spec (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/831">#831</a>)</li> <li>Add AddonCompositeValues feature flag (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/828">#828</a>)</li> </ul> <h1>Breaking Changes</h1> <p>None</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mesosphere/kubeaddons/commit/2005767b96423dbb33051ffe9ea37de1dc8fd58d"><code>2005767</code></a> fix: use labels for priority (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/842">#842</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/fa3b2db755d2ba4e01817b16cb2eb421984754ff"><code>fa3b2db</code></a> chore: publish master tag for testing (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/841">#841</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/c271cad3caa78a67b6615b3aca9a0159ae9ce39b"><code>c271cad</code></a> feat: Implement composite addon values (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/834">#834</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/90847148f6d2f5d7c6aca6a5fa71a813e4244fcf"><code>9084714</code></a> fix: make integration tests idempotent (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/840">#840</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/43f56d4880533625ab28069e7219667288f04f70"><code>43f56d4</code></a> chore: adds GINKGO_FOCUS and some testing documentation additions (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/837">#837</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/6adc3fc8570a5f4737f874de97801ac010ff878e"><code>6adc3fc</code></a> chore: don't fail on NoErrAlreadyUpToDate when fetching (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/838">#838</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/012e791b909c139850d16427570aa1fa3b69c6c5"><code>012e791</code></a> fix: make integration tests actually use fresh image (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/836">#836</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/c9049e7b607707f2dbcd9716d851acd822b027cd"><code>c9049e7</code></a> fix: Fail if addon release is not found in helm output list (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/827">#827</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/ebf9a51d3fd94f64930964c985dc23bd0924b2ed"><code>ebf9a51</code></a> Add ValuesRemap to ChartReference spec (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/831">#831</a>)</li> <li><a href="https://github.com/mesosphere/kubeaddons/commit/6be587303012ac1c494db351db277e4a3056ca2c"><code>6be5873</code></a> Run 'make manifests' to update 'role.yaml' (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/833">#833</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mesosphere/kubeaddons/compare/v0.13.0...v0.14.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+18 -1

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentistio/istio.io

Add Kind Example

@frankbu & @howardjohn I have taken care of the CLA, this PR is ready for re-review.

I would appreciate if you could review my above comments and provide a path forward where I could make modifications to this documentation that for you would make it acceptable as example documentation as it was originally intended.

Thank you for your time and considerations.

shaneutt

comment created time in a month

push eventshaneutt/istio.io

Adam Miller

commit sha 67319539611d36ab410f6cfe348793aac3ff4072

Add docs for Customizing Istio Metrics (#7137) * first draft * More updates * Remove experimental tag * Typos and linter fix * Deleted redundant file * Link to reference page * Address PR comments * Linter fix * Updated procedure * URL fix

view details

mandarjog

commit sha eda528964557a008a83eb80b7757e528c81178fb

Update upgrade instructions (#7177) * Update index.md * Update content/en/docs/setup/upgrade/index.md * Change verification to use istioctl proxy-config

view details

Jonh Wendell

commit sha 30ea242d0dde1441955353423e3b0b7eea1a9ce8

Use `sniHosts` instead of `sni_hosts` in examples (#7178) * Use `sniHosts` instead of `sni_hosts` in examples * Trigger netlify

view details

Eric Van Norman

commit sha d59b390a499740b3e09e7dd07b59f2ffbef3dcdd

Update lint_site to only check languages for files in current PR (#7133) * Update lint to only check languages for files in current PR * Default branch to master if undefined, lint fixes * Fix @ in Makefile.core.mk * Add pt-br support to language check * Review comments * Apply suggestions from code review Either BRANCH is specified or a language, else it fails. Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com> * Update scripts/lint_site.sh Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com> * Update Makefile.core.mk Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com> * Don't check languages for lint-fast if no languages are found Co-authored-by: Frank Budinsky <frankb@ca.ibm.com>

view details

John Howard

commit sha fc0147440f3992093bb5eafc5fd298bb2095741f

Fix removed folder reference (#7181) Fixes https://github.com/istio/istio/issues/23370

view details

John Howard

commit sha 0d9131bef9941a37f4c4a7a0dee1bac709d03d9c

Update install output (#7182)

view details

Eric Van Norman

commit sha 402f064f5ac6ff4cf0a4a07e20849ef2339f894d

Revert "Update lint_site to only check languages for files in current PR (#7133)" (#7185) This reverts commit d59b390a499740b3e09e7dd07b59f2ffbef3dcdd.

view details

Eric Van Norman

commit sha a95018f62e2c2cabaeed746b05f4c4c4ddce1fc5

Another Manual doc update (#7183)

view details

Istio Automation

commit sha ac9e4f5918829cfd46e44da75626351c1e614386

Automator: update common-files@master in istio/istio.io@master (#7180)

view details

Adam Miller

commit sha 737e8d90a385c64a261bdba8235da8f0a520be2b

Add docs for Classifying Metrics Based on Request or Response (#7150) * Add draft content * Corrections * Added verification and troubleshooting steps * Typo fix * Bash fix * Linter fixes * Fix PR feedback * Typo fix 5 * Linter fixes * Adjusted language * Using temp link for community testing day * Update content/en/docs/tasks/observability/metrics/classify-metrics/index.md Co-Authored-By: mandarjog <mandarjog@gmail.com> * Added indents * Update content/en/docs/tasks/observability/metrics/classify-metrics/index.md Co-Authored-By: Nupur Garg <37600866+gargnupur@users.noreply.github.com> * Update content/en/docs/tasks/observability/metrics/classify-metrics/index.md Co-Authored-By: Nupur Garg <37600866+gargnupur@users.noreply.github.com> * Update content/en/docs/tasks/observability/metrics/classify-metrics/index.md Co-Authored-By: Nupur Garg <37600866+gargnupur@users.noreply.github.com> * Update content/en/docs/tasks/observability/metrics/classify-metrics/index.md Co-Authored-By: Nupur Garg <37600866+gargnupur@users.noreply.github.com> * Linter fix 3 * Small change to trigger netlify * Replace temp link Co-authored-by: mandarjog <mandarjog@gmail.com> Co-authored-by: Nupur Garg <37600866+gargnupur@users.noreply.github.com>

view details

Mitch Connors

commit sha d6f3a40e15d7bdd587bb2be2f93d9e110c6a668f

Add namespace to gateway yaml for consistency (#7187) Fixes https://github.com/istio/istio/issues/23373

view details

Gregory Hanson

commit sha a83522e8195eb7a2c439b555771d22f3e39d43c3

cleanup a few of of the commands in egress examples (#7189)

view details

Istio Automation

commit sha c59ca25a026ad3fb024992672900bcc0eb4ba091

Automator: update istio.io@release-1.6 reference docs (#7191)

view details

Kenjiro Nakayama

commit sha c2dcbfb63b8a5932714d4bc03a16199c43e0c376

Fix format for warning message (#7193)

view details

Tariq Ibrahim

commit sha bc04196845949fd604fce2fc2f70251d663d09bf

account for istiod scenario when troubleshooting mutatingwebhooks (#7188) Force merge because PR is only blocked because of flaky netlify failure.

view details

jacob-delgado

commit sha 7cf02b617dac7270d3de19d36ea5699609cab1b6

Update Authentication page (#7198) Fixes https://github.com/istio/istio.io/issues/7194

view details

Istio Automation

commit sha b8feae656c75cb8f87375f41db1b5527f1f6f745

Automator: update common-files@master in istio/istio.io@master (#7207)

view details

Istio Automation

commit sha b95ec2ef548adfb84e2a73ed20acd99370ac2293

Automator: update istio.io@release-1.6 reference docs (#7210)

view details

Jonh Wendell

commit sha 2b6efc7aea3d9f2871e2fe20f6405cb9bda2eda7

Fix the link to the Operator API (#7205)

view details

Eric Van Norman

commit sha 835403f4410f685c5d59d1aabee1d7bf505b5633

Update automated test TAG to match go.mod istio commit (#7211)

view details

push time in a month

pull request commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

@shaneutt I'm getting a 404 on https://konvoy-staging.production.d2iq.cloud/dispatch/tekton/namespaces/dispatch/pipelineruns/dispatch-generate-pipeline-mesosphere-kubeaddons-enterpri-5dcrt which tests it's trying to run? if it's trying to find and run go tests those aren't there anymore.

:thinking: perhaps @faiq can help us out?

zmalik

comment created time in a month

push eventmesosphere/kubernetes-base-addons

Senthil Kumaran

commit sha 476346453054a512e9332618fc4122f7af487851

Exercise AWS tests only in Dispatch CI. (#230) * Exercise AWS tests only in Dispatch CI. * Update test/scripts/setup-konvoy.sh Co-Authored-By: Joe Julian <me@joejulian.name> * Address Review Comments. Co-authored-by: Joe Julian <me@joejulian.name> Co-authored-by: Shane Utt <shaneutt@users.noreply.github.com>

view details

push time in a month

PR merged mesosphere/kubernetes-base-addons

Exercise AWS tests only in Dispatch CI. issues-in-ci ready

What type of PR is this?

BUG

What this PR does/ why we need it:

Dispatch CI is a no-op at the moment because tests were not detected. Even if the tests were detected, the CI would have resulted in a failure due to known issues with kind on dispatch (tracked here - D2IQ-66356 Issues Running Kind in Dispatch .

The purpose of this PR is to fix the test recognition and exercise in dispatch CI. At the moment, we choose to run only the AWS tests as it does not have any kind dependency. This is mentioned in the test comment.

Once the kind issues in dispatch is identified and resolved, the entire test suite will be enabled.

Which issue(s) this PR fixes:

  • https://jira.d2iq.com/browse/D2IQ-65974 - Bug Fix - Fixes Dispatch CI Exercise.

The change was tested in this fork: https://github.com/orsenthil/kubernetes-base-addons/pull/15

Special notes for your reviewer:

Exercising one group (AWS) gives a benefit that test is exercised in more than one CI and we will should expect parity between CI in terms of performance and test result for the test suite.

Does this PR introduce a user-facing change?:

No

Checklist

  • [x] The commit message explains the changes and why are needed.
  • [x] The code builds and passes lint/style checks locally.
  • [x] The relevant subset of integration tests pass locally.
  • [x] The core changes are covered by tests.
  • [x] The documentation is updated where needed.
+76 -13

6 comments

5 changed files

orsenthil

pr closed time in a month

fork shaneutt/openapi-generator

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)

https://openapi-generator.tech

fork in a month

startedOpenAPITools/openapi-generator

started time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha 8fbdaf2795ffb13d152e9c2b3c21866f1d4dd45d

Introduce ARM64 docker build file Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

Shane Utt

commit sha a48036a5753e1d02b43b97393f32f5e79a16185f

Add multi-platform build and push support to Makefile Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

push time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha 4aacf9a63abd59049ab7e8b614e67016c628cfe6

Update run_tests.sh

view details

push time in a month

pull request commentistio/istio.io

Add Kind Example

@googlebot I signed it!

shaneutt

comment created time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha f16cf166fd9a84f84fdd91b9cc9c76afc6a13239

Update test/run_tests.sh

view details

push time in a month

Pull request review commentkudobuilder/kudo

[Feature] Add ARM64 Support

 echo 'artifactsDir: /tmp/kudo-e2e-test' >> kudo-e2e-test.yaml.tmpl  # Pull the builder image with retries if it doesn't already exist. retries=0-builder_image=$(awk '/FROM/ {print $2}' test/Dockerfile)+builder_image=$(awk '/FROM/ {print $2}' test/Dockerfile.amd64)
builder_image=$(awk '/FROM/ {print $2}' test/Dockerfile)
shaneutt

comment created time in a month

pull request commentistio/istio.io

Add Kind Example

@googlebot I signed it!

shaneutt

comment created time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha 572d14a08a0c9bf423acdaf6fdb620c5f63477da

Update Dockerfile.arm64

view details

push time in a month

Pull request review commentkudobuilder/kudo

[Feature] Add ARM64 Support

+# Build the manager binary+FROM golang:1.13 as builder
FROM golang:1.14 as builder
shaneutt

comment created time in a month

Pull request review commentkudobuilder/kudo

[Feature] Add ARM64 Support

+# Build the manager binary+FROM golang:1.13 as builder

:+1:

shaneutt

comment created time in a month

pull request commentkudobuilder/kudo

[Feature] Add ARM64 Support

This is a great addition, just have small comments before approving. One drawback is that the ARM64 binaries aren't tested, but we already have the same situation with the Windows binaries, so I'm okay with that.

When you say tested, do you mean CI tests? I think that in the last community meeting it was found that github actions should support ARM based testing if that's something worth setting up here? cc @gerred :thinking:

shaneutt

comment created time in a month

Pull request review commentkudobuilder/kudo

[Feature] Add ARM64 Support

 cli-install: clean:  cli-clean test-clean manager-clean deploy-clean  .PHONY: docker-build-# Build the docker image+# Build the docker image for each supported platform docker-build: generate lint-	docker build --build-arg ldflags_arg="${LDFLAGS}" . -t ${DOCKER_IMG}:${DOCKER_TAG}-	docker tag ${DOCKER_IMG}:${DOCKER_TAG} ${DOCKER_IMG}:v${GIT_VERSION}-	docker tag ${DOCKER_IMG}:${DOCKER_TAG} ${DOCKER_IMG}:latest+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker build --build-arg ldflags_arg="$(LDFLAGS)" -f Dockerfile.$(arch) -t $(DOCKER_IMG)-$(arch):$(DOCKER_TAG) .;)+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker tag $(DOCKER_IMG)-$(arch):$(DOCKER_TAG) $(DOCKER_IMG)-$(arch):v$(GIT_VERSION);)+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker tag $(DOCKER_IMG)-$(arch):$(DOCKER_TAG) $(DOCKER_IMG)-$(arch):latest;)++.PHONY: docker-push-all-platforms+# Push the platform specific images for each supported arch+docker-push-platforms:+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker push $(DOCKER_IMG)-$(arch):$(DOCKER_TAG);)+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker push $(DOCKER_IMG)-$(arch):v$(GIT_VERSION);)+	$(foreach arch,$(SUPPORTED_PLATFORMS),docker push $(DOCKER_IMG)-$(arch):latest;)++.PHONY: docker-push-manifest+# Push the multi-arch image manifest+docker-push-manifests:

This is a simple implementation and others in the Kubernetes community utilize it for now while the support for multi-platform manifests generally matures. You can see similar examples in Velero: https://github.com/vmware-tanzu/velero/blob/master/Makefile#L186, so we wont be pioneers in this. I have also used docker buildx options but I find these to be a bit less simple to use and reason about at this time than simply directly creating the manifests.

From the end user perspective manifests are essentially just architecture-based links to other images such that every arch can docker run -it kudobuilder/kudo and under the hood it's a pointer to the -${ARCH} image (which with this PR we will start pushing as well), so even though technically the CLI functionality is "experimental" in recent versions of docker, any CI tests that deploy the controller container with the manifest image (e.g. kudobuilder/kudo) will be a valid test to make sure this is working properly.

shaneutt

comment created time in a month

Pull request review commentkudobuilder/kudo

[Feature] Add ARM64 Support

+# Build the manager binary+FROM golang:1.13 as builder

Sounds good, I was simply not wanting to stray from v1.13 which we were already using for amd64 builds. Should I update both?

shaneutt

comment created time in a month

Pull request review commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

+# create a kubernetes-in-docker cluster and replace the standard storage class with the local-path-provisioner.+# fsGroups are not supported in the standard storage class, so we use the rancher local-path-provisioner.+# This has been modified from https://github.com/rancher/local-path-provisioner/blob/v0.0.11/deploy/local-path-storage.yaml+# https://github.com/kubernetes/kubernetes/pull/39438+apiVersion: storage.k8s.io/v1+kind: StorageClass+metadata:+  name: standard+  annotations:+    storageclass.beta.kubernetes.io/is-default-class: "false"+    storageclass.kubernetes.io/is-default-class: "false"+provisioner: kubernetes.io/host-path+reclaimPolicy: Delete+volumeBindingMode: Immediate+---+apiVersion: v1+kind: Namespace+metadata:+  name: local-path-storage+---+apiVersion: v1+kind: ServiceAccount+metadata:+  name: local-path-provisioner-service-account+  namespace: local-path-storage+---+apiVersion: rbac.authorization.k8s.io/v1+kind: ClusterRole+metadata:+  name: local-path-provisioner-role+rules:+- apiGroups: [""]+  resources: ["nodes", "persistentvolumeclaims"]+  verbs: ["get", "list", "watch"]+- apiGroups: [""]+  resources: ["endpoints", "persistentvolumes", "pods"]+  verbs: ["*"]+- apiGroups: [""]+  resources: ["events"]+  verbs: ["create", "patch"]+- apiGroups: ["storage.k8s.io"]+  resources: ["storageclasses"]+  verbs: ["get", "list", "watch"]+---+apiVersion: rbac.authorization.k8s.io/v1+kind: ClusterRoleBinding+metadata:+  name: local-path-provisioner-bind+roleRef:+  apiGroup: rbac.authorization.k8s.io+  kind: ClusterRole+  name: local-path-provisioner-role+subjects:+- kind: ServiceAccount+  name: local-path-provisioner-service-account+  namespace: local-path-storage+---+apiVersion: apps/v1+kind: Deployment+metadata:+  name: local-path-provisioner

:+1: it should be the case for all newer releases:

$ kind create cluster
Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.17.0) 🖼
 ✓ Preparing nodes 📦  
 ✓ Writing configuration 📜 
 ✓ Starting control-plane 🕹️ 
 ✓ Installing CNI 🔌 
 ✓ Installing StorageClass 💾 
Set kubectl context to "kind-kind"
You can now use your cluster with:

kubectl cluster-info --context kind-kind

Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community 🙂
$ k -n local-path-storage get pods
NAME                                      READY   STATUS    RESTARTS   AGE
local-path-provisioner-7745554f7f-w9lz6   1/1     Running   0          22m
$ k get sc
NAME                 PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
standard (default)   rancher.io/local-path   Delete          WaitForFirstConsumer   false                  22m
zmalik

comment created time in a month

Pull request review commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

+apiVersion: kudo.dev/v1beta1+kind: TestStep+commands:+  - command: kubectl apply -f ./../../../zookeeper/0.x/zookeeper-3.yaml

It looks like currently we're going to have to remember to manually change these every time we add new revisions. I would suggest we do something about this now if possible, OR create a JIRA documenting this so that we can plan some improvements (my first thought is that a catalog CLI which can simply feed you the latest revision would be nice)

zmalik

comment created time in a month

Pull request review commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

+# create a kubernetes-in-docker cluster and replace the standard storage class with the local-path-provisioner.+# fsGroups are not supported in the standard storage class, so we use the rancher local-path-provisioner.+# This has been modified from https://github.com/rancher/local-path-provisioner/blob/v0.0.11/deploy/local-path-storage.yaml+# https://github.com/kubernetes/kubernetes/pull/39438+apiVersion: storage.k8s.io/v1+kind: StorageClass+metadata:+  name: standard+  annotations:+    storageclass.beta.kubernetes.io/is-default-class: "false"+    storageclass.kubernetes.io/is-default-class: "false"+provisioner: kubernetes.io/host-path+reclaimPolicy: Delete+volumeBindingMode: Immediate+---+apiVersion: v1+kind: Namespace+metadata:+  name: local-path-storage+---+apiVersion: v1+kind: ServiceAccount+metadata:+  name: local-path-provisioner-service-account+  namespace: local-path-storage+---+apiVersion: rbac.authorization.k8s.io/v1+kind: ClusterRole+metadata:+  name: local-path-provisioner-role+rules:+- apiGroups: [""]+  resources: ["nodes", "persistentvolumeclaims"]+  verbs: ["get", "list", "watch"]+- apiGroups: [""]+  resources: ["endpoints", "persistentvolumes", "pods"]+  verbs: ["*"]+- apiGroups: [""]+  resources: ["events"]+  verbs: ["create", "patch"]+- apiGroups: ["storage.k8s.io"]+  resources: ["storageclasses"]+  verbs: ["get", "list", "watch"]+---+apiVersion: rbac.authorization.k8s.io/v1+kind: ClusterRoleBinding+metadata:+  name: local-path-provisioner-bind+roleRef:+  apiGroup: rbac.authorization.k8s.io+  kind: ClusterRole+  name: local-path-provisioner-role+subjects:+- kind: ServiceAccount+  name: local-path-provisioner-service-account+  namespace: local-path-storage+---+apiVersion: apps/v1+kind: Deployment+metadata:+  name: local-path-provisioner

Recent versions of kind now include local-path-provisioner by default, is there some reason we need this special one or can it be dropped?

zmalik

comment created time in a month

Pull request review commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

+kind: Cluster+apiVersion: kind.sigs.k8s.io/v1alpha3+nodes:+- role: control-plane+  image: kindest/node:v1.17.2

Do we need to override the image, instead of using the latest version that comes with our version of kind?

zmalik

comment created time in a month

fork shaneutt/chocolate-doom

Chocolate Doom is a Doom source port that is minimalist and historically accurate.

https://www.chocolate-doom.org/

fork in a month

startedchocolate-doom/chocolate-doom

started time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha bde7c446d8a1ea40bc16fd41f71d11333a349143

Introduce ARM64 docker build file Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

Shane Utt

commit sha c9523ed9973302d6c932d1ea084011c7bb4f0c60

Add multi-platform build and push support to Makefile Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

push time in a month

push eventkubernetes-arm/www

Shane Utt

commit sha 8e2a9c68a5ce24d75e60fa485dbf751bf5f41753

Initial commit

view details

push time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha feb95514320fc7c31a168a5948c3828d7c9d9652

Increase golangci-lint timeout from 1m to 3m I found that on lower powered ARM machines when trying to build Kudo a longer timeout was needed to complete. Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

Shane Utt

commit sha b294779dc5c9bfadb4c62d0f2548cecbc7ee1a09

Introduce ARM64 docker build file Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

Shane Utt

commit sha d3a77fa0a52afd3a6259ecd9198ccf859de494c1

Add multi-platform build and push support to Makefile Signed-off-by: Shane Utt <shaneutt@linux.com>

view details

push time in a month

PR opened kudobuilder/kudo

Reviewers
[Feature] Add ARM64 Support

What this PR does / why we need it:

The purpose of this PR is to add multi-platform builds and pushes from the Makefile and add support for the ARM64 platform to the Kudo controller.

I tested these changes locally on both an amd64 and arm64 machine the results of my testing are the following repository for your review:

https://hub.docker.com/repository/docker/armk8s/kudo-controller

Fixes #1447

+48 -10

0 comment

3 changed files

pr created time in a month

push eventkubernetes-arm/kudo

Shane Utt

commit sha 015c989a36b2bffb5438a6f91a8e9e300fa76131

Increase golangci-lint timeout from 1m to 3m I found that on lower powered ARM machines when trying to build Kudo a longer timeout was needed to complete.

view details

Shane Utt

commit sha 1652a7c6b1e1a5f69bbed034708f68e4b9ad472c

Introduce ARM64 docker build file

view details

Shane Utt

commit sha 00eb447448243c4514c676ea2464257163a6a076

Add multi-platform build and push support to Makefile

view details

push time in a month

create barnchkubernetes-arm/kudo

branch : shaneutt/add-arm64-support

created branch time in a month

delete branch mesosphere/kubernetes-base-addons

delete branch : dependabot/go_modules/test/github.com/mesosphere/kubeaddons-0.13.1

delete time in a month

PR closed mesosphere/kubernetes-base-addons

build(deps): bump github.com/mesosphere/kubeaddons from 0.13.0 to 0.13.1 in /test dependencies

Bumps github.com/mesosphere/kubeaddons from 0.13.0 to 0.13.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mesosphere/kubeaddons/commit/09e3a3cd922a62111eba2dd24e2b87f75bfee7bd"><code>09e3a3c</code></a> chore: don't fail on NoErrAlreadyUpToDate when fetching (<a href="https://github-redirect.dependabot.com/mesosphere/kubeaddons/issues/839">#839</a>)</li> <li>See full diff in <a href="https://github.com/mesosphere/kubeaddons/compare/v0.13.0...v0.13.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -1

2 comments

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentmesosphere/kubernetes-base-addons

build(deps): bump github.com/mesosphere/kubeaddons from 0.13.0 to 0.13.1 in /test

we can wait for v0.14.0 which is out now anyway

dependabot-preview[bot]

comment created time in a month

push eventmesosphere/kubernetes-base-addons

Julian Gieseke

commit sha 12610ad514e360368be9d6151dabb0b3e458bc05

chore: bump chart 0.3.5 -> 0.3.11

view details

Shane Utt

commit sha 9e385df025f80fd0071387be8172f0338cf71316

Merge branch 'master' into dependabot/go_modules/test/github.com/mesosphere/kubeaddons-0.13.1

view details

push time in a month

fork shaneutt/krustlet

Kubernetes Rust Kubelet

fork in a month

starteddeislabs/krustlet

started time in a month

pull request commentistio/istio.io

Add Kind Example

The real difference for us, as John pointed out, is that a blog can be outdated and stop working in a future release. If we make it an example, somebody would now be responsible for testing and updating it in future releases of Istio. The 1.6 incompatibility that I noticed, above, is an example of what may happen next release again.

Could this problem not be solved another way? Can the guarantee of backwards compatibility be made with the other examples that already exist? Could perhaps documentation have to be specifically tagged with the versions it's been tested with, and only display for the versions provided? To me it seems that you would want to test these things continue to work in newer versions, no?

shaneutt

comment created time in a month

pull request commentistio/istio.io

Add Kind Example

I don't think this documentation is appropriate here. If there is additional context on why it is can you add it to the PR description?

This documentation was very intentionally created as an "example" as per the bar set for what examples seems to come from the tagline:

"A variety of fully working example uses for Istio that you can experiment with."

In this context "fully working" seems to suggest that it represents something with end-to-end functionality, and as you can see from the documentation provided the "that you can experiment with" was taken very obviously in spirit, but also practically exampled through some basic tests you can run on the deployment.

From my review the contents of this example do not seem to stray far from the scope established by other examples like bookinfo, wherein your ultimate goal is to access a web app (in this case more simple just an NGinx instance) and providing all the resources and configurations prescriptively along the way needed to reach that goal.

* We already document how to setup kind, and other platforms, at https://istio.io/docs/setup/platform-setup/kind/

Yes, but that documentation isn't exactly "fully working" in the sense that you can't route HTTPS traffic through Istio into the cluster. This documentation makes specific reference to that documentation to point out that we're using kind very pointedly for the purposes of this example, but suggests reviewing that documentation as well.

* MetalLB is completely orthogonal to Istio. At best we should link to metalLB's documentation. There are many applications that "extend" Istio, and we cannot maintain full documentation for all of them. Instead we should be documenting what Istio specific changes are needed to integrate with these products (in metal lb case - there is none). Please see https://preliminary.istio.io/docs/ops/integrations/ for some existing examples.

MetalLB (as stated in the document) is a means to an end. In other examples the provisioning of LoadBalancer type Service resources is a given, but in a kind cluster it is not. This was the chosen implemented to enable a "fully working" example, but unlike the other integrations you've linked this isn't related directly to Istio but instead to Kubernetes.

Should people writing examples not feel free to include setup for components that don't directly relate to Istio itself, but relate ultimately to the ecosystem that is being exampled that Istio is being used in? There seems to be precent with MySQL and some other components throughout examples.

* Same comment for cert-manager. We should be documenting Istio, not cert-manager. The documentation on how to integrate Istio with cert-manager can be found in the link above

The reason for not simply linking directly to the existing documentation is that without specifics this wont be a "fully working" example, in the sense that the user would need to figure out cert-manager from the cert-manager documentation, and make choices based on the options available there. This provides a solution that should work in any environment, and even provides tips about how one could experiment beyond what's provided. I would like to submit that the specificity provided here is key to making this example simple and quick and allows them to get the desired result quickly, and go back and investigate how the underlying bits work later if desired.

* We are re-documenting how to install Istio. We already have an install document, we don't need to duplicate this just because we are now documenting `kind` - it is the same steps for any platform. If there were kind specific settings, they would belong in the platform setup page

This makes specific choices relevant to the goal of having fully working HTTPS gateways upon completion. Is it not valid to provide something that can be learned about elsewhere in example documentation? Is there not some way I could improve this section such that it would be more prescriptive or informational?

* Next we go on to document a bunch of stuff about traffic routing, which is covered already in https://istio.io/docs/tasks/traffic-management/

That documentation is great in the case that an end-user is coming to the docs trying to very specifically understand how traffic routing is done. But in this case a more prescriptive example is provided. Is that not basically the spirit of "example" documentation, such as to provide a specific implementation for a higher-level goal?

Look at this part of the bookinfo example for instance. In this example specific destination rules are provided could you not also argue that would be a place where we could have instead linked to existing documentation and/or expanded that documentation to cover the needs here? But then would it not be harder to follow for the person who wants to start with an end result (a working webserver) and then work back through the implementation as opposed to needing to know how to come up with these manifests themselves?

Note the above is my opinion - others may disagree. I appreciate the work you have put in here but I feel like it would be better spent by enhancing existing documents rather than creating a brand new one.

@shaneutt Could you please move this from Examples to Blog. The only significant difference is that you'll need to add your name as author.

The real difference for us, as John pointed out, is that a blog can be outdated and stop working in a future release. If we make it an example, somebody would now be responsible for testing and updating it in future releases of Istio. The 1.6 incompatibility that I noticed, above, is an example of what may happen next release again.

I would submit that "example" documentation takes a high level goal and provides a very specific set of implementations to reach that goal. To that end, I believe what I have submitted qualifies as an example and if possible I would like to keep this as an example rather than a blog post.

If you are not persuaded by my explanations and comparisons above, could you please help me to better understand what qualifies as an example and under what conditions you would accept something as example documentation?

If there's a criteria I have not met for what an example ultimately is, and what it takes to get one accepted here, I would like to know what that is so that I can have the opportunity to contribute real examples, if somehow different from what I've provided so far here.

shaneutt

comment created time in a month

push eventshaneutt/kudo

Jan Schlicht

commit sha 5c256adb9dd0e6bdda33178cf0bdcbf558fdd234

Makefile silence failing version checks (#1458) If the respective binaries aren't available in '$PATH', this will no longer be printed out. Due to the way Makefiles work, this would have been printed even when using targets that don't depend on these version checks (e.g. when running 'make cli-fast'). Signed-off-by: Jan Schlicht <jan@d2iq.com>

view details

Ken Sipe

commit sha 16d2c5024116a5e1bf512735df4c0fbf47063258

Package verify to verify all the versions in operator.yaml (#1460) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Ken Sipe

commit sha c8e429576d6c7fc8167efb64bba267694fb8847d

Man's Search for Operators (#1462) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Ken Sipe

commit sha bf5c0907fd4deee47e09cef2e635813d17a5e414

Waiting For a Plan to Finish (#1461) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Jan Schlicht

commit sha 9eaad411ee065e2a210c0fb4d797c4cfb44bf831

Update third-party dependencies and use Go 1.14 (#1456) Signed-off-by: Jan Schlicht <jan@d2iq.com>

view details

Ken Sipe

commit sha 247677627ec1f2b3c7d50b3a682116ab5eeeb225

Always Docker Push on Release Including RC (#1468) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Aleksey Dukhovniy

commit sha e6bae641ef2c2015414da6994ad49befc2b4b235

Add kudo init `--unsafe-self-signed-webhook-ca` option (#1459) Summary: added a new `kudo init ... --unsafe-self-signed-webhook-ca` option which can be used when installing KUDO with enabled instance admission webhook (`kudo init --webhook InstanceValidation`) to avoid the cert-manager dependency. When using this option a certificate signed by a self-signed CA is used by the webhook server. This option is meant to be used for local development, testing, and demos and is **not meant to be used in production.** Signed-off-by: Aleksey Dukhovniy <alex.dukhovniy@googlemail.com> Co-authored-by: alenkacz <avarkockova@mesosphere.com>

view details

Ken Sipe

commit sha 3a22e56cd6fc51e99a295cbf55b00d70223e2ae5

Better Wait Handling on Installs (#1469) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Ken Sipe

commit sha 1009a8391beae5bec71befe121fd89393395e539

docker publish updates (#1471) Signed-off-by: Ken Sipe <kensipe@gmail.com>

view details

Murilo Pereira

commit sha 5ca644e5794851438f2a860caf78331d66d911a2

KEP-22: Diagnostics Bundle (#1310) Co-Authored-By: Gerred Dillon <hello@gerred.org> Co-Authored-By: Aleksey Dukhovniy <alex.dukhovniy@googlemail.com> Co-Authored-By: Andreas Neumann <aneumann@mesosphere.com> Co-Authored-By: Marcin Owsiany <mowsiany@D2iQ.com> Signed-off-by: Vasilii Emelin <vasilii_emelin@epam.com>

view details

Aleksey Dukhovniy

commit sha f181a858e78f746bd0b16bba924b309003ae5663

Activating instance admission controller for the e2e tests (#1473) Summary: when initializing KUDO manager for the e2e tests we now use the `--webhook InstanceValidation --unsafe-self-signed-webhook-ca` options that activate the instance admission controller (IAC) using the self-signed webhook CA bundle. We must ensure that KUDO manager runs before we begin executing test steps, otherwise, IAC `MutatingWebhookConfiguration` will fail `CREATE` and `UPDATE` requests to the `Instance` resources if the webhook server is not up and running. To achieve this, I added first step to all e2e steps ensuring the `kudo-controller-manager` pod is `Running`. Signed-off-by: Aleksey Dukhovniy <alex.dukhovniy@googlemail.com>

view details

Aleksey Dukhovniy

commit sha 62921fc9d1165329aafd73ac666106bbbcbe5b7d

KEP-29: Operator dependencies (#1454) This KEP aims to improve operator user and developer experience by introducing operator dependencies. Signed-off-by: Aleksey Dukhovniy <alex.dukhovniy@googlemail.com> Co-authored-by: Marcin Owsiany <marcin@owsiany.pl>

view details

Andreas Neumann

commit sha 2eecbfe868293b12d077881047b8c9429841374e

KEP-27: Detailed Control for Pod Restarts (#1449) Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>

view details

Aleksey Dukhovniy

commit sha b92b50ccdb1fdf5f7d9de28b7dab346a1e19d748

Add possibility for pipe-tasks to pipe env-files (#1484) Summary: When creating `ConfigMap`s or `Secret`s k8s allows for taking an env-file using the `--from-env-file` option. Env-files contain a list of environment variables. These syntax rules apply: - Each line in an env file has to be in VAR=VAL format. - Lines beginning with # (i.e. comments) are ignored. - Blank lines are ignored. - There is no special handling of quotation marks (i.e. they will be part of the ConfigMap value)) New pipe-task `fnvFile` field can be used instead of `file` to signal that the pipe-file should be treated as an env-file: ```yaml spec: pipe: - envFile: /tmp/foo.env kind: ConfigMap key: foo ``` Note, that **either** `file` or `envFile` can be used but not both. For more information on env-files see [k8s documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#create-configmaps-from-files) Fixes: #1394 Signed-off-by: Aleksey Dukhovniy <alex.dukhovniy@googlemail.com>

view details

push time in a month

delete branch shaneutt/kudo

delete branch : shaneutt/add-arm64-support

delete time in a month

push eventshaneutt/kudo

Shane Utt

commit sha 3a7a5af160909bd6a85134a54755ac81a5a5be04

Add ARM64 Build

view details

push time in a month

create barnchshaneutt/kudo

branch : shaneutt/add-arm64-support

created branch time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha 99aafd458a621746e92abcb4bfbe60a2715d4227

Update content/en/docs/examples/local-testing-with-kind/index.md Co-Authored-By: Frank Budinsky <frankb@ca.ibm.com>

view details

push time in a month

push eventmesosphere/kubeaddons-kommander

Shane Utt

commit sha ed0dfe9bf83bee4e239f39c5d6358cff3de9432a

Update README.md Co-Authored-By: Julian Gieseke <juliangieseke@users.noreply.github.com>

view details

push time in a month

pull request commentistio/istio.io

Add Kind Example

@Rachael-Graham & @frankbu I re-ran my original tests and it appears that in the latest version of istioctl the name of the default gateway changed from istio-system/ingressgateway to istio-system/istio-ingressgateway since I last tested this. As such I've updated the documentation and tested this again and it's working properly. All other sections worked properly in my test.

shaneutt

comment created time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha 13b76de9e56731634415019aad37c33cd28db6a1

Add Kind Example

view details

push time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha e03e984e35c35058505e3d60da73c7958c837cc6

Update index.md

view details

push time in a month

fork shaneutt/jq

Command-line JSON processor

http://stedolan.github.io/jq/

fork in a month

startedstedolan/jq

started time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha d9397650b9057efda4bab9cd23adc6706d343d47

Update index.md

view details

push time in a month

pull request commentistio/istio.io

Add Kind Example

@shaneutt The doc LGTM now. Only thing missing is you still need to sign the CLA: #7155 (comment).

I'm working on the CLA right now, we have a corporate one I'm trying to get added to so I'll try to get that taken care of asap.

Also, before merging an example, we need confirmation that it has been tested by somebody manually or with a test program. Alternatively, we can move it to the blog, but personally I'd like to keep it in the examples section.

I have tested this manually and ran it, I'll do another testing pass now that we've made some tweaks just to make sure everything is looking :100:

shaneutt

comment created time in a month

push eventmesosphere/kubernetes-base-addons

dependabot-preview[bot]

commit sha d8782aa8cd8564785e3d141c43a34b5e84ccbd0a

build(deps): bump k8s.io/helm in /test (#228) Bumps [k8s.io/helm](https://github.com/kubernetes/helm) from 2.16.5+incompatible to 2.16.6+incompatible. - [Release notes](https://github.com/kubernetes/helm/releases) - [Commits](https://github.com/kubernetes/helm/compare/v2.16.5...v2.16.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Shane Utt <shaneutt@users.noreply.github.com>

view details

Shane Utt

commit sha 24f3808aa1ce9ce8bac695dc95c79c6f09cb3445

Merge branch 'master' into dependabot/go_modules/test/github.com/mesosphere/kubeaddons-0.13.1

view details

push time in a month

pull request commentmesosphere/kubeaddons-kommander

remove k8s version override from ui

@shaneutt UI doesnt consume that var anymore, it was removed a while back. your point is valid, but should be solved in KCL utility server. I'll figure out what the status is +1

Ok, sounds good :+1:

juliangieseke

comment created time in a month

pull request commentmesosphere/charts

chore: test dispatch webhook

This has been sitting for some time. Is it safe to close this PR, or is follow-up intended?

@shaneutt, thanks for looking into this. This PR is basically a showcase for Dispatch posting the wrong links in status checks, i.e. it posts the ELB address instead of the configured CNAME. As long as that's still happening, I'd like to keep this PR open to see whether anything changes on Dispatch side.

Ok sounds good thanks for checking in :+1:

makkes

comment created time in a month

pull request commentmesosphere/kubeaddons-enterprise

Use KUTTL for testing

@shaneutt its still using last released version, so let's wait for today's release of 0.13.1 and I will update the PR status

Sounds good, thanks @zmalik

zmalik

comment created time in a month

push eventorsenthil/kubernetes-base-addons

dependabot-preview[bot]

commit sha d8782aa8cd8564785e3d141c43a34b5e84ccbd0a

build(deps): bump k8s.io/helm in /test (#228) Bumps [k8s.io/helm](https://github.com/kubernetes/helm) from 2.16.5+incompatible to 2.16.6+incompatible. - [Release notes](https://github.com/kubernetes/helm/releases) - [Commits](https://github.com/kubernetes/helm/compare/v2.16.5...v2.16.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Shane Utt <shaneutt@users.noreply.github.com>

view details

Shane Utt

commit sha 265c74c37e31bf82f435ba53440916e873fc0ef5

Merge branch 'master' into D2IQ-65974

view details

push time in a month

push eventmesosphere/kubernetes-base-addons

dependabot-preview[bot]

commit sha d8782aa8cd8564785e3d141c43a34b5e84ccbd0a

build(deps): bump k8s.io/helm in /test (#228) Bumps [k8s.io/helm](https://github.com/kubernetes/helm) from 2.16.5+incompatible to 2.16.6+incompatible. - [Release notes](https://github.com/kubernetes/helm/releases) - [Commits](https://github.com/kubernetes/helm/compare/v2.16.5...v2.16.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Shane Utt <shaneutt@users.noreply.github.com>

view details

push time in a month

delete branch mesosphere/kubernetes-base-addons

delete branch : dependabot/go_modules/test/k8s.io/helm-2.16.6incompatible

delete time in a month

PR merged mesosphere/kubernetes-base-addons

build(deps): bump k8s.io/helm from 2.16.5+incompatible to 2.16.6+incompatible in /test dependencies

Bumps k8s.io/helm from 2.16.5+incompatible to 2.16.6+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kubernetes/helm/releases">k8s.io/helm's releases</a>.</em></p> <blockquote> <p>Helm v2.16.6 is a patch release. Users are encouraged to upgrade for the best experience.</p> <p>This release was signed with <code>4614 49C2 5E36 B98E</code> and can be found at <a href="https://github.com/mattfarina">@mattfarina</a> <a href="https://keybase.io/mattfarina">keybase account</a>. Please use the attached signatures for verifying this release using <code>gpg</code>.</p> <p>The community keeps growing, and we'd love to see you there!</p> <ul> <li>Join the discussion in <a href="https://kubernetes.slack.com">Kubernetes Slack</a>: <ul> <li><code>#helm-users</code> for questions and just to hang out</li> <li><code>#helm-dev</code> for discussing PRs, code, and bugs</li> </ul> </li> <li>Hang out at the Public Developer Call: Thursday, 9:30 Pacific via <a href="https://zoom.us/j/696660622">Zoom</a></li> <li>Test, debug, and contribute charts: <a href="https://github.com/helm/charts">GitHub/helm/charts</a></li> </ul> <h2>Installation and Upgrading</h2> <p>Download Helm 2.16.6. The common platform binaries are here:</p> <ul> <li><a href="https://get.helm.sh/helm-v2.16.6-darwin-amd64.tar.gz">MacOS amd64</a> (<a href="https://get.helm.sh/helm-v2.16.6-darwin-amd64.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz">Linux amd64</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-arm.tar.gz">Linux arm</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-arm.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-arm64.tar.gz">Linux arm64</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-arm64.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-386.tar.gz">Linux i386</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-386.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-ppc64le.tar.gz">Linux ppc64le</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-ppc64le.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-linux-s390x.tar.gz">Linux s390x</a> (<a href="https://get.helm.sh/helm-v2.16.6-linux-s390x.tar.gz.sha256">checksum</a>)</li> <li><a href="https://get.helm.sh/helm-v2.16.6-windows-amd64.zip">Windows amd64</a> (<a href="https://get.helm.sh/helm-v2.16.6-windows-amd64.zip.sha256">checksum</a>)</li> </ul> <p>Once you have the client installed, upgrade Tiller with <code>helm init --upgrade</code>.</p> <p>The <a href="https://docs.helm.sh/using_helm/#quickstart-guide">Quickstart Guide</a> will get you going from there. For <strong>upgrade instructions</strong> or detailed installation notes, check the <a href="https://docs.helm.sh/using_helm/#installing-helm">install guide</a>. You can also use a <a href="https://raw.githubusercontent.com/helm/helm/master/scripts/get">script to install</a> on any system with <code>bash</code>.</p> <h2>What's Next</h2> <ul> <li>v2.16.7 will contain only bug fixes.</li> </ul> <h2>Changelog</h2> <ul> <li>Fix nul pointer error dd2e5695da88625b190e6b22e9542550ab503a47 (Matt Farina)</li> <li>fix: fixes for Go 1.14 (<a href="https://github-redirect.dependabot.com/kubernetes/helm/issues/7848">#7848</a>) 288b521d5eda8a3bde7fef81a462bf7b22d2d873 (Matt Butcher)</li> </ul> <h2>Helm v2.8.0 - Kubernetes 1.9 Support</h2> <p>Helm 2.8.0 is a feature release. This version of Helm now has support for Kubernetes 1.9 resources which includes support for the new apps/v1 workloads API, selector immutability, and rollingUpdate as the default update strategy for all workloads from the apps/v1 and extensions/v1beta2 APIs.</p> <p>This release contains a metric tonne of fixes and new features. We would like to take the time to thank everyone who contributed to this release. We cannot thank you enough for your time and hard work debugging issues, submitting tickets, contributing patches or crafting new features that extend Helm's usefulness. :heart:</p> <p>The community keeps growing, and we'd love to see you there.</p> <ul> <li>Join the discussion in <a href="https://slack.k8s.io/">Kubernetes Slack</a>: <ul> <li><code>#helm-users</code> for questions and just to hang out</li> <li><code>#helm-dev</code> for discussing PRs, code, and bugs</li> <li><code>#charts</code> for discussing about the official Kubernetes Charts repository</li> </ul> </li> <li>Hang out at the Public Developer Call: Thursday, 9:30 Pacific via <a href="https://zoom.us/j/4526666954">Zoom</a></li> <li>Test, debug, and contribute charts: <a href="https://github.com/kubernetes/charts">GitHub/kubernetes/charts</a></li> </ul> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/helm/helm/commit/dd2e5695da88625b190e6b22e9542550ab503a47"><code>dd2e569</code></a> Fix nul pointer error</li> <li><a href="https://github.com/helm/helm/commit/288b521d5eda8a3bde7fef81a462bf7b22d2d873"><code>288b521</code></a> fix: fixes for Go 1.14 (<a href="https://github-redirect.dependabot.com/kubernetes/helm/issues/7848">#7848</a>)</li> <li>See full diff in <a href="https://github.com/kubernetes/helm/compare/v2.16.5...v2.16.6">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+3 -1

0 comment

2 changed files

dependabot-preview[bot]

pr closed time in a month

pull request commentistio/istio.io

Add Kind Example

I believe I have addressed all your feedback @Rachael-Graham, thank you for it! Let me know what you think.

shaneutt

comment created time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha 9bd22168fe1432db35d2c3303855d67d0098fa38

Apply suggestions from code review Thank you for the feedback! Co-Authored-By: Rachael Graham <rachael.graham@ibm.com>

view details

push time in a month

Pull request review commentistio/istio.io

Add Kind Example

+---+title: Testing Istio Locally With Kubernetes In Docker+description: Example of deploying Istio locally using Kubernetes In Docker for testing and evaluation.+weight: 10+keywords:+- kubernetes+- kind+- metallb+- cert-manager+- ingress+---++This example uses Kubernetes In Docker ([KIND][kind]) to deploy Istio locally. The cluster produced is intended to be used for further testing, evaluation and experimentation with Istio.++## Before You Begin++Sections in this example provide a walk through of deploying a `kind` cluster similar to how the [Istio Kind Documentation](/docs/setup/platform-setup/kind) recommends, but with several important follow up steps to deploy certificate management and Istio gateways with TLS. Familiarize yourself with that documentation and `kind` itself to make sure you have a general working knowledge of `kind` before proceeding.++## Deploying Kubernetes++Create a default Kubernetes cluster using `kind` with a single node:++{{< text bash >}}+$ kind create cluster --name istio-testing+{{< /text >}}++{{< tip >}}+If you're interested in building a multi-node cluster, or otherwise further customizing the cluster setup (e.g. different Kubernetes versions, more worker nodes) then be sure to check the [Kind Cluster Configuration Documentation](https://kind.sigs.k8s.io/docs/user/quick-start#configuring-your-kind-cluster) which will help you explore the available options.+{{< /tip >}}++Once the cluster has completed deployment switch your [kubectl][kubectl] context to start using it:++{{< text bash >}}+$ kubectl cluster-info --context kind-istio-testing+{{< /text >}}++And then test access to the cluster by retrieving resources to make sure everything is working (e.g. `kubectl get all -A`).++## Enabling External Load Balancers++By default Istio will create a [Load Balancer Service][servicelb] which will be resolved with an external address. For the purposes of this example use [MetalLB][metallb] to resolve these to an address available on the docker network from the host machine.++{{< tip >}}+For this example assume that the default docker network is used with an IP range of `172.17.255.1-172.17.255.250` (if you ran `kind` with no specific configuration, this should be the default). If however you are using an alternative network configuration, you'll need to make the appropriate updates to the `addresses` field in the below MetalLB configuration before deploying.+{{< /tip >}}++First pick the latest release and deploy the MetalLB components:++{{< text bash >}}+$ export LATEST_METALLB_RELEASE="$(curl -s https://api.github.com/repos/metallb/metallb/releases/latest | jq -r '.tag_name')"+$ kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/${LATEST_METALLB_RELEASE}/manifests/namespace.yaml+$ kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/${LATEST_METALLB_RELEASE}/manifests/metallb.yaml+{{< /text >}}++We need to generate a secret for MetalLB:++{{< text bash >}}+$ kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"+{{< /text >}}++And add a configuration file for MetalLB so it knows what protocol to use and what address range is available to it:++{{< text bash >}}+$ kubectl apply -f - <<EOF+apiVersion: v1+kind: ConfigMap+metadata:+  name: config+  namespace: metallb-system+data:+  config: |+    address-pools:+    - name: default+      protocol: layer2+      addresses:+      - 172.17.255.1-172.17.255.250+EOF+{{< /text >}}++Now the external IP addresses for `LoadBalancer` type `Service` resources can be provisioned.++## Certificates++A default deployment of Istio will only serve HTTP traffic, which can be very limiting for testing. For this example use [Cert Manager][certmanager] to provide a `ClusterIssuer` which can sign certificates for us for testing HTTPS ingress through our gateways.++{{< tip >}}+This example uses a self-signed certificate for simplicity (all testing is done over the local network). If you're adapting the examples here to a different kind of environment keep in mind that you'll need to change what kind of issuer you use. You may want to review other documentation such as the [Ingress With Cert Manager Task](/docs/ops/integrations/certmanager/) for your own adaptations.+{{< /tip >}}++First deploy the Cert Manager components themselves:++{{< text bash >}}+$ export LATEST_CERTMANAGER_RELEASE="$(curl -s https://api.github.com/repos/jetstack/cert-manager/releases/latest | jq -r '.tag_name')"+$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/${LATEST_CERTMANAGER_RELEASE}/cert-manager.yaml+{{< /text >}}++{{< tip >}}+Make sure to wait for all `Deployments` in the `cert-manager` namespace to be `READY`, if you try to create a `ClusterIssuer` and the webhook manager is not `READY`, you may receive 500 errors from the API until it's resolved.+{{< /tip >}}++Now let's provide a `ClusterIssuer` for our certs:++{{< text bash >}}+$ kubectl apply -f - <<EOF+apiVersion: cert-manager.io/v1alpha2+kind: ClusterIssuer+metadata:+  name: selfsigned-issuer+spec:+  selfSigned: {}+EOF+{{< /text >}}++All set! Now certificates for `Gateway` resources can be more easily managed.++## Deploying Istio++All the setup is done, it's time to deploy Istio.++{{< tip >}}+Make sure you have `istoctl` [installed](/docs/ops/diagnostic-tools/istioctl/#before-you-begin)!+{{< /tip >}}++We'll start by using `istioctl` to deploy the base Istio installation with [SDS](/docs/tasks/traffic-management/ingress/secure-ingress/), [Ingress with HTTPS](/docs/ops/integrations/certmanager/) enabled:++{{< text bash >}}+$ istioctl manifest apply \+  --set values.gateways.istio-ingressgateway.sds.enabled=true \+  --set values.global.k8sIngress.enabled=true \+  --set values.global.k8sIngress.enableHttps=true \+  --set values.global.k8sIngress.gatewayName=ingressgateway+{{< /text >}}++Since HTTPS is enabled for the ingress `Gateway` make sure to create a `Certificate` for it:++{{< text bash >}}+$ kubectl apply -f - <<EOF+apiVersion: cert-manager.io/v1alpha2+kind: Certificate+metadata:+  name: ingress-cert+  namespace: istio-system+spec:+  secretName: ingress-cert+  issuerRef:+    name: selfsigned-issuer+    kind: ClusterIssuer+  commonName: examples.istio.io+  dnsNames:+  - '*.istio.io'+EOF+{{< /text >}}++And patch the ingress `Gateway` to configure it for the `Certificate`:++{{< text bash >}}+$ kubectl -n istio-system patch gateway istio-autogenerated-k8s-ingress --type=json \+  -p='[{"op": "replace", "path": "/spec/servers/1/tls", "value": {"credentialName": "ingress-cert", "mode": "SIMPLE", "privateKey": "sds", "serverCertificate": "sds"}}]'+{{< /text >}}++If all went well, you could be able to reach the default `Gateway` over both HTTP and HTTPS (you'll receive a 404):

Hopefully this clarifies:

At this point you should be able to reach the default `Gateway` over both HTTP and HTTPS (but note, that you'll receive a 404 from the `Gateway` at this point, not a 200):

Let me know what you think?

shaneutt

comment created time in a month

push eventshaneutt/istio.io

Shane Utt

commit sha 597bc2c6d7988aa66b09bc75ea10d3f50cf3be64

Add Kind Example

view details

push time in a month

more