Skip to content

Commit 8921d2c

Browse files
linsunlinsun
authored
some update to this page (istio#25374)
* some update to this page there is probably more to update * address morven's comment * avoid using same ns for gateway and operator
1 parent f9457c2 commit 8921d2c

File tree

1 file changed

+25
-23
lines changed

1 file changed

+25
-23
lines changed

operator/ARCHITECTURE.md

Lines changed: 25 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -56,17 +56,15 @@ The available features and the components that comprise each feature are as foll
5656

5757
| Feature | Components |
5858
|---------|------------|
59-
Base | CRDs
59+
CRDs, and other cluster wide configs | Base
6060
Traffic Management | Pilot
61-
Policy | Policy
62-
Telemetry | Telemetry
63-
Security | Citadel
64-
Security | Node agent
65-
Security | Cert manager
66-
Configuration management | Galley
61+
Security | Pilot
62+
Configuration management | Pilot
63+
AutoInjection | Pilot
6764
Gateways | Ingress gateway
6865
Gateways | Egress gateway
69-
AutoInjection | Sidecar injector
66+
Policy | Policy (deprecated)
67+
Telemetry | Telemetry (deprecated)
7068

7169
Features and components are defined in the
7270
[name](https://github.com/istio/operator/blob/e9097258cb4fbe59648e7da663cdad6f16927b8f/pkg/name/name.go#L44) package.
@@ -93,24 +91,27 @@ namespace is defined as:
9391
defaultNamespace: istio-system
9492
```
9593
96-
and namespaces are specialized for the security feature and one of the components:
94+
and namespaces are specialized for the gateway feature and its components:
9795
9896
```yaml
99-
security:
97+
apiVersion: install.istio.io/v1alpha1
98+
kind: IstioOperator
99+
metadata:
100+
namespace: istio-operator
101+
spec:
100102
components:
101-
namespace: istio-security
102-
citadel:
103-
policy:
104-
components:
105-
policy:
103+
ingressGateways:
104+
- name: istio-ingressgateway
105+
enabled: true
106+
namespace: istio-gateways
106107
```
107108
108109
the resulting namespaces will be:
109110
110111
| Component | Namespace |
111112
| --------- | :-------- |
112-
policy | istio-system
113-
citadel | istio-security
113+
ingressGateways | istio-gateways
114+
114115
These rules are expressed in code in the
115116
[name](https://github.com/istio/operator/blob/e9097258cb4fbe59648e7da663cdad6f16927b8f/pkg/name/name.go#L246) package.
116117
@@ -121,14 +122,15 @@ components are disabled, regardless of their component-level enablement. If a fe
121122
are enabled, unless they are individually disabled. For example:
122123
123124
```yaml
124-
security:
125-
enabled: true
126-
components:
127-
citadel:
128-
enabled: false
125+
telemetry:
126+
enabled: true
127+
v1:
128+
enabled: false
129+
v2:
130+
enabled: true
129131
```
130132
131-
will enable all components of the security feature except citadel.
133+
will enable telemetry v2 but disable telemetry v1.
132134
133135
These rules are expressed in code in the
134136
[name](https://github.com/istio/operator/blob/e9097258cb4fbe59648e7da663cdad6f16927b8f/pkg/name/name.go#L131) package.

0 commit comments

Comments
 (0)