istio

package
v0.0.0-...-51e17a3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 8, 2025 License: Apache-2.0 Imports: 72 Imported by: 10

Documentation

Index

Constants

View Source
const (
	RetryDelay   = 2 * time.Second
	RetryTimeOut = 5 * time.Minute
)
View Source
const (
	// DefaultSystemNamespace default value for SystemNamespace
	DefaultSystemNamespace = "istio-system"

	// IntegrationTestDefaultsIOP is the path of the default IstioOperator spec to use
	// for integration tests
	IntegrationTestDefaultsIOP = "tests/integration/iop-integration-test-defaults.yaml"

	// IntegrationTestDefaultsIOPWithQUIC is the path of the default IstioOperator spec to
	// use for integration tests involving QUIC
	IntegrationTestDefaultsIOPWithQUIC = "tests/integration/iop-integration-test-defaults-with-quic.yaml"

	// IntegrationTestRemoteDefaultsIOP is the path of the default IstioOperator spec to use
	// on remote clusters for integration tests
	IntegrationTestRemoteDefaultsIOP = "tests/integration/iop-remote-integration-test-defaults.yaml"

	// BaseIOP is the path of the base IstioOperator spec
	BaseIOP = "tests/integration/base.yaml"

	// IntegrationTestRemoteGatewaysIOP is the path of the default IstioOperator spec to use
	// to install gateways on remote clusters for integration tests
	IntegrationTestRemoteGatewaysIOP = "tests/integration/iop-remote-integration-test-gateways.yaml"

	// IntegrationTestExternalIstiodPrimaryDefaultsIOP is the path of the default IstioOperator spec to use
	// on external istiod primary clusters for integration tests
	IntegrationTestExternalIstiodPrimaryDefaultsIOP = "tests/integration/iop-externalistiod-primary-integration-test-defaults.yaml"

	// IntegrationTestExternalIstiodConfigDefaultsIOP is the path of the default IstioOperator spec to use
	// on external istiod config clusters for integration tests
	IntegrationTestExternalIstiodConfigDefaultsIOP = "tests/integration/iop-externalistiod-config-integration-test-defaults.yaml"

	// IntegrationTestAmbientDefaultsIOP is the path of the default IstioOperator for ambient
	IntegrationTestAmbientDefaultsIOP = "tests/integration/iop-ambient-test-defaults.yaml"

	// IntegrationTestPeerMetadataDiscoveryDefaultsIOP is the path of the default IstioOperator to force WDS usage
	IntegrationTestPeerMetadataDiscoveryDefaultsIOP = "tests/integration/iop-wds.yaml"

	// DefaultEgressGatewayLabel is the default Istio label for the egress gateway.
	DefaultEgressGatewayIstioLabel = "egressgateway"

	// DefaultEgressGatewayServiceName is the default service name for the egress gateway.
	DefaultEgressGatewayServiceName = "istio-egressgateway"
)

Variables

This section is empty.

Functions

func ClaimSystemNamespace

func ClaimSystemNamespace(ctx resource.Context) (namespace.Instance, error)

ClaimSystemNamespace retrieves the namespace for the Istio system components from the environment.

func ClaimSystemNamespaceOrFail

func ClaimSystemNamespaceOrFail(t test.Failer, ctx resource.Context) namespace.Instance

ClaimSystemNamespaceOrFail calls ClaimSystemNamespace, failing the test if an error occurs.

func DefaultIngress

func DefaultIngress(ctx resource.Context) (ingress.Instance, error)

DefaultIngress returns the ingress installed in the default cluster. The ingress's service name will be "istio-ingressgateway" and the istio label will be "ingressgateway".

func DefaultIngressOrFail

func DefaultIngressOrFail(t test.Failer, ctx resource.Context) ingress.Instance

DefaultIngressOrFail calls DefaultIngress and fails if an error is encountered.

func FetchRootCert

func FetchRootCert(c kubernetes.Interface) (string, error)

func GetServiceAccountToken

func GetServiceAccountToken(c kubernetes.Interface, aud, ns, sa string) (string, error)

func Indent

func Indent(text, indent string) string

Indent indents a block of text with an indent string

func Ingresses

func Ingresses(ctx resource.Context) (ingress.Instances, error)

Ingresses returns all ingresses for "istio-ingressgateway" in each cluster.

func IngressesOrFail

func IngressesOrFail(t test.Failer, ctx resource.Context) ingress.Instances

IngressesOrFail calls Ingresses and fails if an error is encountered.

func Setup

func Setup(i *Instance, cfn SetupConfigFn, ctxFns ...SetupContextFn) resource.SetupFn

Setup is a setup function that will deploy Istio on Kubernetes environment

Types

type Cert

type Cert struct {
	ClientCert, Key, RootCert []byte
}

func CreateCertificate

func CreateCertificate(t framework.TestContext, i Instance, serviceAccount, namespace string) (Cert, error)

type Config

type Config struct {
	// The namespace where the Istio components (<=1.1) reside in a typical deployment (default: "istio-system").
	SystemNamespace string

	// The namespace in which kiali, tracing providers, graphana, prometheus are deployed.
	TelemetryNamespace string

	// The IstioOperator spec file to be used for Control plane cluster by default
	PrimaryClusterIOPFile string

	// The IstioOperator spec file to be used for Config cluster by default
	ConfigClusterIOPFile string

	// The IstioOperator spec file to be used for Remote cluster by default
	RemoteClusterIOPFile string

	// The IstioOperator spec file used as the base for all installs
	BaseIOPFile string

	// Override values specifically for the ICP crd
	// This is mostly required for cases where --set cannot be used
	// These values are applied to non-remote clusters
	ControlPlaneValues string

	// Override values specifically for the ICP crd
	// This is mostly required for cases where --set cannot be used
	// These values are only applied to remote clusters
	// Default value will be ControlPlaneValues if no remote values provided
	RemoteClusterValues string

	// Override values specifically for the ICP crd
	// This is mostly required for cases where --set cannot be used
	// These values are only applied to remote config clusters
	// Default value will be ControlPlaneValues if no remote values provided
	ConfigClusterValues string

	// Overrides for the Helm values file.
	Values map[string]string

	// Indicates that the test should deploy Istio into the target Kubernetes cluster before running tests.
	DeployIstio bool

	// Do not wait for the validation webhook before completing the deployment. This is useful for
	// doing deployments without Galley.
	SkipWaitForValidationWebhook bool

	// Indicates that the test should deploy Istio's east west gateway into the target Kubernetes cluster
	// before running tests.
	DeployEastWestGW bool

	// SkipDeployCrossClusterSecrets, if enabled, will skip creation of multi-cluster secrets for cross-cluster discovery.
	SkipDeployCrossClusterSecrets bool

	// DumpKubernetesManifests will cause Kubernetes YAML generated by istioctl install/generate to be dumped to artifacts.
	DumpKubernetesManifests bool

	// IstiodlessRemotes makes remote clusters run without istiod, using webhooks/ca from the primary cluster.
	// TODO we could set this per-cluster if istiod was smarter about patching remotes.
	IstiodlessRemotes bool

	// OperatorOptions overrides default operator configuration.
	OperatorOptions map[string]string

	// EnableCNI indicates the test should have CNI enabled.
	EnableCNI bool

	// custom deployment for ingress and egress gateway on remote clusters.
	GatewayValues string

	// Custom deployment for east-west gateway
	EastWestGatewayValues string

	// IngressGatewayServiceName is the service name to use to reference the ingressgateway
	// This field should only be set when DeployIstio is false
	IngressGatewayServiceName string

	// IngressGatewayServiceNamespace allows overriding the namespace of the ingressgateway service (defaults to SystemNamespace)
	// This field should only be set when DeployIstio is false
	IngressGatewayServiceNamespace string

	// IngressGatewayIstioLabel allows overriding the selector of the ingressgateway service (defaults to istio=ingressgateway)
	// This field should only be set when DeployIstio is false
	IngressGatewayIstioLabel string

	// EgressGatewayServiceName is the service name to use to reference the egressgateway
	// This field should only be set when DeployIstio is false
	EgressGatewayServiceName string

	// EgressGatewayServiceNamespace allows overriding the namespace of the egressgateway service (defaults to SystemNamespace)
	// This field should only be set when DeployIstio is false
	EgressGatewayServiceNamespace string

	// EgressGatewayIstioLabel allows overriding the selector of the egressgateway service (defaults to istio=egressgateway)
	// This field should only be set when DeployIstio is false
	EgressGatewayIstioLabel string

	// SharedMeshConfigName is the name of the user's local ConfigMap to be patched, which the user sets as the SHARED_MESH_CONFIG pilot env variable
	// upon installing Istio.
	// This field should only be set when DeployIstio is false.
	SharedMeshConfigName string
}

Config provide kube-specific Config from flags.

func DefaultConfig

func DefaultConfig(ctx resource.Context) (Config, error)

DefaultConfig creates a new Config from defaults, environments variables, and command-line parameters.

func DefaultConfigOrFail

func DefaultConfigOrFail(t test.Failer, ctx resource.Context) Config

DefaultConfigOrFail calls DefaultConfig and fails t if an error occurs.

func (*Config) IstioOperatorConfigYAML

func (c *Config) IstioOperatorConfigYAML(iopYaml string) string

func (*Config) OverridesYAML

func (c *Config) OverridesYAML(s *resource.Settings) string

func (*Config) String

func (c *Config) String() string

String implements fmt.Stringer

type Instance

type Instance interface {
	resource.Resource

	Settings() Config
	// Ingresses returns all ingresses for "istio-ingressgateway" in each cluster.
	Ingresses() ingress.Instances
	// IngressFor returns an ingress used for reaching workloads in the given cluster.
	// The ingress's service name will be "istio-ingressgateway" and the istio label will be "ingressgateway".
	IngressFor(cluster cluster.Cluster) ingress.Instance
	// EastWestGatewayFor returns an ingress used for east-west traffic and accessing the control plane
	// from outside of the cluster.
	EastWestGatewayFor(cluster cluster.Cluster) ingress.Instance
	// CustomIngressFor returns an ingress with a specific service name and "istio" label used for reaching workloads
	// in the given cluster.
	CustomIngressFor(cluster cluster.Cluster, service types.NamespacedName, istioLabel string) ingress.Instance

	// RemoteDiscoveryAddressFor returns the external address of the discovery server that controls
	// the given cluster. This allows access to the discovery server from
	// outside its cluster.
	RemoteDiscoveryAddressFor(cluster cluster.Cluster) (netip.AddrPort, error)
	// CreateRemoteSecret on the cluster with the given options.
	CreateRemoteSecret(ctx resource.Context, c cluster.Cluster, opts ...string) (string, error)
	// InternalDiscoveryAddressFor returns an internal (port-forwarded) address for an Istiod instance in the
	// cluster.
	InternalDiscoveryAddressFor(cluster cluster.Cluster) (string, error)

	// Return POD IPs for the pod with the specified label in the specified namespace
	PodIPsFor(cluster cluster.Cluster, namespace string, label string) ([]corev1.PodIP, error)

	// MeshConfig used by the Istio installation.
	MeshConfig() (*meshconfig.MeshConfig, error)
	MeshConfigOrFail(test.Failer) *meshconfig.MeshConfig
	// UpdateMeshConfig used by the Istio installation.
	UpdateMeshConfig(resource.Context, func(*meshconfig.MeshConfig) error, cleanup.Strategy) error
	UpdateMeshConfigOrFail(resource.ContextFailer, func(*meshconfig.MeshConfig) error, cleanup.Strategy)
	// PatchMeshConfig with the given patch yaml.
	PatchMeshConfig(resource.Context, string) error
	PatchMeshConfigOrFail(resource.ContextFailer, string)
	UpdateInjectionConfig(resource.Context, func(*inject.Config) error, cleanup.Strategy) error
	InjectionConfig() (*inject.Config, error)
}

Instance represents a deployed Istio instance

func Get

func Get(ctx resource.Context) (Instance, error)

Get returns the Istio component from the context. If there is none an error is returned.

func GetOrFail

func GetOrFail(t resource.ContextFailer) Instance

GetOrFail returns the Istio component from the context. If there is none the test is failed.

type SetupConfigFn

type SetupConfigFn func(ctx resource.Context, cfg *Config)

SetupConfigFn is a setup function that specifies the overrides of the configuration to deploy Istio.

type SetupContextFn

type SetupContextFn func(ctx resource.Context) error

SetupContextFn is a setup function that uses Context for configuration.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL