Skip to content

Commit e1bb8e7

Browse files
stefanprodanstefanprodan
authored
Merge pull request #441 from weaveworks/istio-v1alpha3
Extend Istio traffic policy
2 parents 8c1166f + b4753f6 commit e1bb8e7

File tree

13 files changed

+1310
-757
lines changed

13 files changed

+1310
-757
lines changed

Makefile

+4
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,10 @@ test-codegen:
5454
test: test-fmt test-codegen
5555
go test ./...
5656

57+
crd:
58+
cat artifacts/flagger/crd.yaml > charts/flagger/crds/crd.yaml
59+
cat artifacts/flagger/crd.yaml > kustomize/base/flagger/crd.yaml
60+
5761
helm-package:
5862
cd charts/ && helm package ./*
5963
mv charts/*.tgz bin/

artifacts/flagger/crd.yaml

+203-42
Original file line numberDiff line numberDiff line change
@@ -155,42 +155,6 @@ spec:
155155
type: array
156156
items:
157157
type: string
158-
trafficPolicy:
159-
description: Istio mTLS traffic policy
160-
type: object
161-
properties:
162-
tls:
163-
description: TLS related settings for connections to the upstream service
164-
type: object
165-
properties:
166-
caCertificates:
167-
format: string
168-
type: string
169-
clientCertificate:
170-
description: REQUIRED if mode is `MUTUAL`.
171-
format: string
172-
type: string
173-
mode:
174-
enum:
175-
- DISABLE
176-
- SIMPLE
177-
- MUTUAL
178-
- ISTIO_MUTUAL
179-
type: string
180-
privateKey:
181-
description: REQUIRED if mode is `MUTUAL`.
182-
format: string
183-
type: string
184-
sni:
185-
description: SNI string to present to the server
186-
during TLS handshake.
187-
format: string
188-
type: string
189-
subjectAltNames:
190-
items:
191-
format: string
192-
type: string
193-
type: array
194158
match:
195159
description: URI match conditions
196160
type: array
@@ -279,8 +243,13 @@ spec:
279243
type: string
280244
type: object
281245
type: object
246+
gateways:
247+
description: The list of Istio gateway for this virtual service
248+
type: array
249+
items:
250+
type: string
282251
corsPolicy:
283-
description: Cross-Origin Resource Sharing policy (CORS)
252+
description: Istio Cross-Origin Resource Sharing policy (CORS)
284253
type: object
285254
properties:
286255
allowCredentials:
@@ -332,11 +301,203 @@ spec:
332301
type: array
333302
maxAge:
334303
type: string
335-
gateways:
336-
description: The list of Istio gateway for this virtual service
337-
type: array
338-
items:
339-
type: string
304+
trafficPolicy:
305+
description: Istio traffic policy
306+
type: object
307+
properties:
308+
connectionPool:
309+
properties:
310+
http:
311+
description: HTTP connection pool settings.
312+
type: object
313+
properties:
314+
h2UpgradePolicy:
315+
description: Specify if http1.1 connection should
316+
be upgraded to http2 for the associated destination.
317+
enum:
318+
- DEFAULT
319+
- DO_NOT_UPGRADE
320+
- UPGRADE
321+
type: string
322+
http1MaxPendingRequests:
323+
description: Maximum number of pending HTTP requests
324+
to a destination.
325+
format: int32
326+
type: integer
327+
http2MaxRequests:
328+
description: Maximum number of requests to a backend.
329+
format: int32
330+
type: integer
331+
idleTimeout:
332+
description: The idle timeout for upstream connection
333+
pool connections.
334+
type: string
335+
maxRequestsPerConnection:
336+
description: Maximum number of requests per connection
337+
to a backend.
338+
format: int32
339+
type: integer
340+
maxRetries:
341+
format: int32
342+
type: integer
343+
loadBalancer:
344+
description: Settings controlling the load balancer algorithms.
345+
type: object
346+
oneOf:
347+
- required:
348+
- simple
349+
- properties:
350+
consistentHash:
351+
oneOf:
352+
- required:
353+
- httpHeaderName
354+
- required:
355+
- httpCookie
356+
- required:
357+
- useSourceIp
358+
- required:
359+
- httpQueryParameterName
360+
required:
361+
- consistentHash
362+
properties:
363+
consistentHash:
364+
properties:
365+
httpCookie:
366+
description: Hash based on HTTP cookie.
367+
properties:
368+
name:
369+
description: Name of the cookie.
370+
format: string
371+
type: string
372+
path:
373+
description: Path to set for the cookie.
374+
format: string
375+
type: string
376+
ttl:
377+
description: Lifetime of the cookie.
378+
type: string
379+
type: object
380+
httpHeaderName:
381+
description: Hash based on a specific HTTP header.
382+
format: string
383+
type: string
384+
httpQueryParameterName:
385+
description: Hash based on a specific HTTP query parameter.
386+
format: string
387+
type: string
388+
minimumRingSize:
389+
type: integer
390+
useSourceIp:
391+
description: Hash based on the source IP address.
392+
type: boolean
393+
type: object
394+
localityLbSetting:
395+
properties:
396+
distribute:
397+
description: 'Optional: only one of distribute or
398+
failover can be set.'
399+
items:
400+
properties:
401+
from:
402+
description: Originating locality, '/' separated,
403+
e.g.
404+
format: string
405+
type: string
406+
to:
407+
additionalProperties:
408+
type: integer
409+
description: Map of upstream localities to traffic
410+
distribution weights.
411+
type: object
412+
type: object
413+
type: array
414+
enabled:
415+
description: enable locality load balancing, this
416+
is DestinationRule-level and will override mesh
417+
wide settings in entirety.
418+
type: boolean
419+
failover:
420+
description: 'Optional: only failover or distribute
421+
can be set.'
422+
items:
423+
properties:
424+
from:
425+
description: Originating region.
426+
format: string
427+
type: string
428+
to:
429+
format: string
430+
type: string
431+
type: object
432+
type: array
433+
type: object
434+
simple:
435+
enum:
436+
- ROUND_ROBIN
437+
- LEAST_CONN
438+
- RANDOM
439+
- PASSTHROUGH
440+
type: string
441+
outlierDetection:
442+
description: Settings controlling eviction of unhealthy hosts from the load balancing pool.
443+
type: object
444+
properties:
445+
baseEjectionTime:
446+
description: Minimum ejection duration.
447+
type: string
448+
consecutive5xxErrors:
449+
description: Number of 5xx errors before a host is ejected
450+
from the connection pool.
451+
type: integer
452+
consecutiveErrors:
453+
format: int32
454+
type: integer
455+
consecutiveGatewayErrors:
456+
description: Number of gateway errors before a host is
457+
ejected from the connection pool.
458+
format: int32
459+
type: integer
460+
interval:
461+
description: Time interval between ejection sweep analysis.
462+
type: string
463+
maxEjectionPercent:
464+
format: int32
465+
type: integer
466+
minHealthPercent:
467+
format: int32
468+
type: integer
469+
tls:
470+
description: Istio TLS related settings for connections to the upstream service
471+
type: object
472+
properties:
473+
caCertificates:
474+
format: string
475+
type: string
476+
clientCertificate:
477+
description: REQUIRED if mode is `MUTUAL`.
478+
format: string
479+
type: string
480+
mode:
481+
enum:
482+
- DISABLE
483+
- SIMPLE
484+
- MUTUAL
485+
- ISTIO_MUTUAL
486+
type: string
487+
privateKey:
488+
description: REQUIRED if mode is `MUTUAL`.
489+
format: string
490+
type: string
491+
sni:
492+
description: SNI string to present to the server
493+
during TLS handshake.
494+
format: string
495+
type: string
496+
subjectAltNames:
497+
items:
498+
format: string
499+
type: string
500+
type: array
340501
skipAnalysis:
341502
description: Skip analysis and promote canary
342503
type: boolean

charts/flagger/README.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ Parameter | Description | Default
9595
`ingressAnnotationsPrefix` | Annotations prefix for ingresses | `custom.ingress.kubernetes.io`
9696
`rbac.create` | If `true`, create and use RBAC resources | `true`
9797
`rbac.pspEnabled` | If `true`, create and use a restricted pod security policy | `false`
98-
`crd.create` | If `true`, create Flagger's CRDs | `true`
98+
`crd.create` | If `true`, create Flagger's CRDs (should be enabled for Helm v2 only) | `false`
9999
`resources.requests/cpu` | Pod CPU request | `10m`
100100
`resources.requests/memory` | Pod memory request | `32Mi`
101101
`resources.limits/cpu` | Pod CPU limit | `1000m`

0 commit comments

Comments
 (0)