Skip to content
This repository was archived by the owner on Aug 6, 2021. It is now read-only.

Commit

Permalink
Istio 1.7 support (#30)
Browse files Browse the repository at this point in the history 
* Istio 1.7 support
  • Loading branch information
@pbochynski
pbochynski authored Oct 30, 2020
1 parent 612c2a8 commit 13b8cea
Show file tree
Hide file tree
Showing 8 changed files with 48 additions and 56 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/app-connector-e2e-k3s.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,12 @@ name: Tests on k3s

on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
branches:
- main
schedule:
- cron: '0 * * * *' # every hour

Expand Down
21 changes: 2 additions & 19 deletions config-istio-nodeport.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,27 +1,10 @@
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
addonComponents:
grafana:
enabled: false
istiocoredns:
enabled: false
kiali:
enabled: false
prometheus:
enabled: false
tracing:
enabled: false
components:
citadel:
enabled: false
cni:
enabled: false
egressGateways:
- enabled: false
name: istio-egressgateway
galley:
enabled: false
ingressGateways:
- enabled: true
k8s:
Expand All @@ -44,10 +27,10 @@ spec:
nodePort: 30002
- name: http2
port: 80
targetPort: 80
targetPort: 8080
nodePort: 30000
- name: https
port: 443
targetPort: 443
targetPort: 8443
nodePort: 30001
name: istio-ingressgateway
17 changes: 0 additions & 17 deletions config-istio.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,7 @@
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
addonComponents:
grafana:
enabled: false
istiocoredns:
enabled: false
kiali:
enabled: false
prometheus:
enabled: false
tracing:
enabled: false
components:
citadel:
enabled: false
cni:
enabled: false
egressGateways:
- enabled: false
name: istio-egressgateway
galley:
enabled: false
10 changes: 6 additions & 4 deletions download-kyma-charts.sh
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
curl -s https://codeload.github.com/kyma-project/kyma/zip/master --output kyma-master.zip
unzip -qq kyma-master.zip kyma-master/resources/*
REPO=${1:-kyma-project/kyma}
BRANCH=${2:-master}
curl -s https://codeload.github.com/${REPO}/zip/${BRANCH} --output kyma-src.zip
unzip --qq -d ./tmp kyma-src.zip
rm -rf ./resources
mv kyma-master/resources .
rm -Rf ./kyma-master*
mv ./tmp/*/resources ./
rm -rf ./tmp
15 changes: 13 additions & 2 deletions ingress-dns-cert/templates/certificate.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if eq .Values.global.ingress.domainName "local.kyma.dev" }}
{{- if eq .Values.global.ingress.domainName "local.kyma.dev" }}
---
apiVersion: v1
kind: Secret
Expand All @@ -10,4 +10,15 @@ metadata:
data:
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURQVENDQWlXZ0F3SUJBZ0lSQVByWW0wbGhVdUdkeVNCTHo4d3g5VGd3RFFZSktvWklodmNOQVFFTEJRQXcKTURFVk1CTUdBMVVFQ2hNTVkyVnlkQzF0WVc1aFoyVnlNUmN3RlFZRFZRUURFdzVzYjJOaGJDMXJlVzFoTFdSbApkakFlRncweU1EQTNNamt3T1RJek5UTmFGdzB6TURBM01qY3dPVEl6TlROYU1EQXhGVEFUQmdOVkJBb1RER05sCmNuUXRiV0Z1WVdkbGNqRVhNQlVHQTFVRUF4TU9iRzlqWVd3dGEzbHRZUzFrWlhZd2dnRWlNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDemE4VEV5UjIyTFRKN3A2aXg0M2E3WTVVblovRkNicGNOQkdEbQpxaDRiRGZLcjFvMm1CYldWdUhDbTVBdTBkeHZnbUdyd0tvZzJMY0N1bEd5UXVlK1JLQ0RIVFBJVjdqZEJwZHJhCkNZMXQrNjlJMkJWV0xiblFNVEZmOWw3Vy8yZFFFU0ExZHZQajhMZmlrcEQvUEQ5ekdHR0FQa2hlenVNRU80dUwKaUxXSloyYmpYK1dtaGZXb0lrOG5oak5YNVBFN2l4alMvNnB3QU56eXk2NW95NDJPaHNuYXlDR1grbmhFVk5SRApUejEraEMvdjJaOS9lRG1OdHdjT1hJSk4relZtUTJ4VHh2Sm0rbDUwYzlnenZTY3YzQXg0dUJsOTk3UnVlcUszCmdZMVRmVklFQ0FOTE9hb29jRG5kcW1FY1lBb25SeGJKK0M2U1RJYlhuUVAyMmYxQkFnTUJBQUdqVWpCUU1BNEcKQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBVEFNQmdOVkhSTUJBZjhFQWpBQQpNQnNHQTFVZEVRUVVNQktDRUNvdWJHOWpZV3d1YTNsdFlTNWtaWFl3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCkFBUnVOd0VadW1PK2h0dDBZSWpMN2VmelA3UjllK2U4NzJNVGJjSGtyQVhmT2hvQWF0bkw5cGhaTHhKbVNpa1IKY0tJYkJneDM3RG5ka2dPY3doNURTT2NrdHBsdk9sL2NwMHMwVmFWbjJ6UEk4Szk4L0R0bEU5bVAyMHRLbE90RwpaYWRhdkdrejhXbDFoRzhaNXdteXNJNWlEZHNpajVMUVJ6Rk04YmRGUUJiRGkxbzRvZWhIRTNXbjJjU3NTUFlDCkUxZTdsM00ySTdwQ3daT2lFMDY1THZEeEszWFExVFRMR2oxcy9hYzRNZUxCaXlEN29qb25MQmJNYXRiaVJCOUIKYlBlQS9OUlBaSHR4TDArQ2Nvb1JndmpBNEJMNEtYaFhxZHZzTFpiQWlZc0xTWk0yRHU0ZWZ1Q25SVUh1bW1xNQpVNnNOOUg4WXZxaWI4K3B1c0VpTUttND0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBczJ2RXhNa2R0aTB5ZTZlb3NlTjJ1Mk9WSjJmeFFtNlhEUVJnNXFvZUd3M3lxOWFOCnBnVzFsYmh3cHVRTHRIY2I0SmhxOENxSU5pM0FycFJza0xudmtTZ2d4MHp5RmU0M1FhWGEyZ21OYmZ1dlNOZ1YKVmkyNTBERXhYL1plMXY5blVCRWdOWGJ6NC9DMzRwS1EvencvY3hoaGdENUlYczdqQkR1TGk0aTFpV2RtNDEvbApwb1gxcUNKUEo0WXpWK1R4TzRzWTB2K3FjQURjOHN1dWFNdU5qb2JKMnNnaGwvcDRSRlRVUTA4OWZvUXY3OW1mCmYzZzVqYmNIRGx5Q1RmczFaa05zVThieVp2cGVkSFBZTTcwbkw5d01lTGdaZmZlMGJucWl0NEdOVTMxU0JBZ0QKU3ptcUtIQTUzYXBoSEdBS0owY1d5Zmd1a2t5RzE1MEQ5dG45UVFJREFRQUJBb0lCQUJwVmYvenVFOWxRU3UrUgpUUlpHNzM5VGYybllQTFhtYTI4eXJGSk90N3A2MHBwY0ZGQkEyRVVRWENCeXFqRWpwa2pSdGlobjViUW1CUGphCnVoQ0g2ZHloU2laV2FkWEVNQUlIcU5hRnZtZGRJSDROa1J3aisvak5yNVNKSWFSbXVqQXJRMUgxa3BockZXSkEKNXQwL1o0U3FHRzF0TnN3TGk1QnNlTy9TOGVvbnJ0Q3gzSmxuNXJYdUIzT1hSQnMyVGV6dDNRRlBEMEJDY2c3cgpBbEQrSDN6UjE0ZnBLaFVvb0J4S0VacmFHdmpwVURFeThSSy9FemxaVzBxMDB1b2NhMWR0c0s1V1YxblB2aHZmCjBONGRYaUxuOE5xY1k0c0RTMzdhMWhYV3VJWWpvRndZa0traFc0YS9LeWRKRm5acmlJaDB0ZU81Q0I1ZnpaVnQKWklOYndyMENnWUVBd0gzeksvRTdmeTVpd0tJQnA1M0YrUk9GYmo1a1Y3VUlkY0RIVjFveHhIM2psQzNZUzl0MQo3Wk9UUHJ6eGZ4VlB5TVhnOEQ1clJybkFVQk43cE5xeWxHc3FMOFA1dnZlbVNwOGNKU0REQWN4RFlqeEJLams5CldtOXZnTGpnaERSUFN1Um50QXNxQVVqcWhzNmhHUzQ4WUhMOVI2QlI5dmY2U2xWLzN1NWMvTXNDZ1lFQTdwM1UKRDBxcGNlM1liaiszZmppVWFjcTRGcG9rQmp1MTFVTGNvREUydmZFZUtEQldsM3BJaFNGaHYvbnVqaUg2WWJpWApuYmxKNVRlSnI5RzBGWEtwcHNLWW9vVHFkVDlKcFp2QWZGUzc2blZZaUJvMHR3VzhwMGVCS3QyaUFyejRYRmxUCnpRSnNOS1dsRzBzdGJmSzNqdUNzaWJjYTBUd09lbTdSdjdHV0dLTUNnWUJjZmFoVVd1c2RweW9vS1MvbVhEYisKQVZWQnJaVUZWNlVpLzJoSkhydC9FSVpEY3V2Vk56UW8zWm9Jc1R6UXRXcktxOW56VmVxeDV4cnkzd213SXExZwpCMFlVQVhTRlAvV1ZNWEtTbkhWVzdkRUs2S3pmSHZYTitIRjVSbHdLNmgrWGVyd2hsS093VGxyeVAyTEUrS1JtCks1cHJ5aXJZSWpzUGNKbXFncG9IbFFLQmdCVWVFcTVueFNjNERYZDBYQ0Rua1BycjNlN2lKVjRIMnNmTTZ3bWkKVVYzdUFPVTlvZXcxL2tVSjkwU3VNZGFTV3o1YXY5Qk5uYVNUamJQcHN5NVN2NERxcCtkNksrWEVmQmdUK0swSQpNcmxGT1ZpU09TZ1pjZUM4QzBwbjR2YXJFcS9abC9rRXhkN0M2aUhJUFhVRmpna3ZDUllIQm5DT0NCbjl4TUphClRSWlJBb0dBWS9QYSswMFo1MHYrUU40cVhlRHFrS2FLZU80OFUzOHUvQUJMeGFMNHkrZkJpUStuaXh5ZFUzOCsKYndBR3JtMzUvSU5VRTlkWE44d21XRUlXVUZ3YVR2dHY5NXBpcWNKL25QZkFiY2pDeU8wU3BJWCtUYnFRSkljbgpTVjlrKzhWUFNiRUJ5YXRKVTdIQ3FaNUNTWEZuUnRNanliaWNYYUFKSWtBQm4zVjJ3OFk9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
{{ end }}
{{- end }}

{{- if .Values.global.environment.gardener }}
apiVersion: cert.gardener.cloud/v1alpha1
kind: Certificate
metadata:
name: kyma-gateway-cert
namespace: istio-system
spec:
commonName: "*.{{ .Values.global.ingress.domainName }}"
secretName: "kyma-gateway-certs"
{{- end }}
6 changes: 3 additions & 3 deletions install-istio.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
set -e

# Instal istio
if [[ ! -f istio-1.5.10/bin/istioctl ]]; then
curl -sL https://istio.io/downloadIstio | ISTIO_VERSION=1.5.10 sh -
if [[ ! -f istio-1.7.4/bin/istioctl ]]; then
curl -sL https://istio.io/downloadIstio | ISTIO_VERSION=1.7.4 sh -
fi
istio-1.5.10/bin/istioctl manifest apply --set profile=demo $@
istio-1.7.4/bin/istioctl install --set profile=demo $@
6 changes: 6 additions & 0 deletions install-kyma-gardener.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
export KYMA_DOMAIN=$(kubectl get cm shoot-info -n kube-system -ojsonpath='{.data.domain}')
export REGISTRY_VALUES="dockerRegistry.enableInternal=true"
export REGISTRY_IP=127.0.0.1
export GARDENER=true

./install-kyma.sh
25 changes: 14 additions & 11 deletions install-kyma.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,14 @@
set -o errexit

SECONDS=0
export DOMAIN=local.kyma.dev
export OVERRIDES=global.isLocalEnv=false,global.ingress.domainName=$DOMAIN,global.environment.gardener=false,global.domainName=$DOMAIN,global.tlsCrt=ZHVtbXkK
GARDENER=${GARDENER:-false}
export DOMAIN=${KYMA_DOMAIN:-local.kyma.dev}
export OVERRIDES=global.isLocalEnv=false,global.ingress.domainName=$DOMAIN,global.environment.gardener=$GARDENER,global.domainName=$DOMAIN,global.tlsCrt=ZHVtbXkK
export ORY=global.ory.hydra.persistence.enabled=false,global.ory.hydra.persistence.postgresql.enabled=false,hydra.hydra.autoMigrate=false,hydra.deployment.resources.requests.cpu=10m,oathkeeper.deployment.resources.requests.cpu=10m
# export REGISTRY_VALUES="dockerRegistry.username=$REGISTRY_USER,dockerRegistry.password=$REGISTRY_PASS,dockerRegistry.enableInternal=false,dockerRegistry.serverAddress=ghcr.io,dockerRegistry.registryAddress=ghcr.io/$REGISTRY_USER"
export REGISTRY_VALUES="dockerRegistry.enableInternal=false,dockerRegistry.serverAddress=registry.localhost:5000,dockerRegistry.registryAddress=registry.localhost:5000"
if [[ -z $REGISTRY_VALUES ]]; then
export REGISTRY_VALUES="dockerRegistry.enableInternal=false,dockerRegistry.serverAddress=registry.localhost:5000,dockerRegistry.registryAddress=registry.localhost:5000"
fi

# Wait until number of background jobs is less than $1, try every $2 second(s)
function waitForJobs() {
Expand Down Expand Up @@ -45,8 +48,8 @@ set +e
rm resources/core/charts/gateway/templates/kyma-gateway-certs.yaml

# apiserver-proxy dependencies are not required (cannot be disabled by values yet):
rm resources/apiserver-proxy/requirements.yaml
rm -R resources/apiserver-proxy/charts
# rm resources/apiserver-proxy/requirements.yaml
# rm -R resources/apiserver-proxy/charts

set -e

Expand Down Expand Up @@ -94,23 +97,23 @@ kubectl -n kube-system patch cm coredns --patch "$(cat coredns-patch.yaml)"
kubectl apply -f resources/cluster-essentials/files -n kyma-system
helm_install pod-preset resources/cluster-essentials/charts/pod-preset kyma-system
helm_install testing resources/testing kyma-system

helm_install ingress-dns-cert ingress-dns-cert istio-system --set $OVERRIDES &
helm_install ingress-dns-cert ingress-dns-cert istio-system --set global.ingress.domainName=$DOMAIN,global.environment.gardener=$GARDENER &

helm_install dex resources/dex kyma-system --set $OVERRIDES --set resources.requests.cpu=10m &
helm_install ory resources/ory kyma-system --set $OVERRIDES --set $ORY &
helm_install api-gateway resources/api-gateway kyma-system --set $OVERRIDES --set deployment.resources.requests.cpu=10m &

helm_install rafter resources/rafter kyma-system --set $OVERRIDES &

helm_install service-catalog resources/service-catalog kyma-system --set $OVERRIDES --set catalog.webhook.resources.requests.cpu=10m,catalog.controllerManager.resources.requests.cpu=10m &
helm_install service-catalog-addons resources/service-catalog-addons kyma-system --set $OVERRIDES &
helm_install helm-broker resources/helm-broker kyma-system --set $OVERRIDES &
# helm_install helm-broker resources/helm-broker kyma-system --set $OVERRIDES &

helm_install core resources/core kyma-system --set $OVERRIDES&
helm_install core resources/core kyma-system --set $OVERRIDES &
helm_install console resources/console kyma-system --set $OVERRIDES &
helm_install cluster-users resources/cluster-users kyma-system --set $OVERRIDES &
helm_install apiserver-proxy resources/apiserver-proxy kyma-system --set $OVERRIDES &
helm_install serverless resources/serverless kyma-system --set $REGISTRY_VALUES &
# helm_install apiserver-proxy resources/apiserver-proxy kyma-system --set $OVERRIDES &
helm_install serverless resources/serverless kyma-system --set $REGISTRY_VALUES,global.ingress.domainName=$DOMAIN &
helm_install logging resources/logging kyma-system --set $OVERRIDES &
helm_install tracing resources/tracing kyma-system --set $OVERRIDES &

Expand Down

0 comments on commit 13b8cea

Please sign in to comment.