Skip to content

Commit a333a46

Browse files
andraxyliaandraxylia
committed
Merge branch 'master' into fix_503
2 parents 8fbb5d1 + 25fd341 commit a333a46

File tree

16 files changed

+369
-189
lines changed

16 files changed

+369
-189
lines changed

.circleci/config.yml

Lines changed: 56 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -52,16 +52,28 @@ jobs:
5252
# Should only happen when re-running a job, and the workspace is gone
5353
time make build test-bins
5454
fi
55-
make docker.tag generate_yaml
55+
make docker.all generate_yaml
5656
- run: bin/testEnvRootMinikube.sh wait
5757
- run: docker images
58-
- run: PATH=$GOPATH/bin:$PATH make e2e_simple_run E2E_ARGS="--skip_cleanup -use_local_cluster -cluster_wide -test.v"
58+
- run: make test/minikube/noauth/e2e_simple
59+
- run:
60+
name: dumpsys
61+
when: always
62+
command: |
63+
mkdir -p /go/out/logs
64+
# TODO: move to a make target 'dumpsys'.
65+
kubectl get all -o wide --all-namespaces
66+
kubectl cluster-info dump > /go/out/logs/cluster-info.dump.txt
67+
kubectl describe pods -n istio-system > /go/out/logs/pods-system.txt
68+
/go/bin/go-junit-report </go/out/tests/test-report-noauth-simple.raw > /go/out/tests/test-report-noauth-simple.xml
5969
- store_artifacts:
6070
path: /home/circleci/logs
6171
- store_artifacts:
6272
path: /tmp
6373
- store_artifacts:
6474
path: /var/lib/localkube/
75+
- store_test_results:
76+
path: /go/out/tests
6577

6678
e2e-dashboard:
6779
<<: *integrationDefaults
@@ -90,7 +102,7 @@ jobs:
90102
# Should only happen when re-running a job, and the workspace is gone
91103
time make build test-bins
92104
fi
93-
make docker.tag generate_yaml
105+
make docker.all generate_yaml
94106
- run: bin/testEnvRootMinikube.sh wait
95107
- run: docker images
96108
- run: PATH=$GOPATH/bin:$PATH make e2e_dashboard E2E_ARGS="--skip_cleanup -use_local_cluster -test.v"
@@ -128,7 +140,7 @@ jobs:
128140
# Should only happen when re-running a job, and the workspace is gone
129141
time make build test-bins
130142
fi
131-
make docker.tag generate_yaml
143+
make docker.all generate_yaml
132144
- run: bin/testEnvRootMinikube.sh wait
133145
- run: docker images
134146
- run:
@@ -167,7 +179,7 @@ jobs:
167179
# Should only happen when re-running a job, and the workspace is gone
168180
time make build test-bins
169181
fi
170-
make docker.tag generate_yaml
182+
make docker.all generate_yaml
171183
- run: bin/testEnvRootMinikube.sh wait
172184
- run: docker images
173185
- run:
@@ -208,25 +220,20 @@ jobs:
208220
# Should only happen when re-running a job, and the workspace is gone
209221
time make build test-bins
210222
fi
211-
make docker.tag generate_yaml
223+
make docker.all generate_yaml
212224
- run: bin/testEnvRootMinikube.sh wait
213225
- run: docker images
214-
- run:
215-
command: |
216-
mkdir -p /go/out/tests
217-
#trap "go-junit-report </go/out/tests/go-test-report.out > /go/out/tests/go-test-report.xml" EXIT
218-
# Run the tests in env similar with recommended setup.
219-
make test/minikube/auth/e2e_pilot HUB="${HUB}" TAG="${TAG}" \
220-
| tee -a /go/out/tests/go-test-report.out
226+
- run: make test/minikube/noauth/e2e_pilot HUB="${HUB}" TAG="${TAG}"
221227
- run:
222228
name: dumpsys
223229
when: always
224230
command: |
225231
# TODO: move to a make target 'dumpsys'.
226232
kubectl get all -o wide --all-namespaces
227233
kubectl cluster-info dump > /go/out/logs/cluster-info.dump.txt
228-
kubectl describe pods -n istio-system > /go/out/logs/pods-system.txt
229-
kubectl describe pods -n istio-test > /go/out/logs/pods-test.txt
234+
kubectl describe pods -n pilot-noauth-system > /go/out/logs/pods-system.txt
235+
kubectl describe pods -n pilot-noauth > /go/out/logs/pods-test.txt
236+
/go/bin/go-junit-report </go/out/tests/test-report-noauth-pilot.raw > /go/out/tests/test-report-noauth-pilot.xml
230237
- store_artifacts:
231238
path: /go/out/tests
232239
- store_artifacts:
@@ -237,7 +244,7 @@ jobs:
237244
path: /go/out/tests
238245

239246

240-
e2e-pilot-noauth:
247+
e2e-pilot-auth:
241248
<<: *integrationDefaults
242249
environment:
243250
- GOPATH: /go
@@ -264,12 +271,30 @@ jobs:
264271
# Should only happen when re-running a job, and the workspace is gone
265272
time make build test-bins
266273
fi
267-
make docker.tag generate_yaml
274+
make docker.all generate_yaml
268275
- run: bin/testEnvRootMinikube.sh wait
269276
- run: docker images
270-
- run: make e2e_pilot HUB="${HUB}" TAG="${TAG}" TESTOPTS="--skip-cleanup -mixer=true -auth_enable=false -errorlogsdir=/home/circleci/logs -use-sidecar-injector=false --core-files-dir=/home/circleci/logs"
277+
- run: make test/minikube/auth/e2e_pilot HUB="${HUB}" TAG="${TAG}"
278+
- run: make test/minikube/auth/e2e_pilot_alpha1 HUB="${HUB}" TAG="${TAG}"
279+
- run:
280+
name: dumpsys
281+
when: always
282+
command: |
283+
# TODO: move to a make target 'dumpsys'.
284+
kubectl get all -o wide --all-namespaces
285+
kubectl cluster-info dump > /go/out/logs/cluster-info.dump.txt
286+
kubectl describe pods -n pilot-auth > /go/out/logs/pods-system.txt
287+
kubectl describe pods -n pilot-auth-system > /go/out/logs/pods-test.txt
288+
/go/bin/go-junit-report </go/out/tests/test-report-auth-pilot.raw > /go/out/tests/test-report-auth-pilot.xml
289+
/go/bin/go-junit-report </go/out/tests/test-report-auth-pilot-v1.raw > /go/out/tests/test-report-auth-pilot-v1.xml
271290
- store_artifacts:
272-
path: /home/circleci/logs
291+
path: /go/out/tests
292+
- store_artifacts:
293+
path: /go/out/logs
294+
- store_artifacts:
295+
path: /tmp
296+
- store_test_results:
297+
path: /go/out/tests
273298

274299
e2e-pilot-v1alpha1-and-v1alpha3:
275300
<<: *integrationDefaults
@@ -300,7 +325,7 @@ jobs:
300325
# Should only happen when re-running a job, and the workspace is gone
301326
time make build test-bins
302327
fi
303-
make docker.tag generate_yaml
328+
make docker.all generate_yaml
304329
- run: bin/testEnvRootMinikube.sh wait
305330
- run: docker images
306331
- run: make e2e_pilot HUB="${HUB}" TAG="${TAG}" TESTOPTS="--skip-cleanup -mixer=true -auth_enable=true -v1alpha3=true -v1alpha1=true -errorlogsdir=/home/circleci/logs -use-sidecar-injector=false --core-files-dir=/home/circleci/logs"
@@ -445,7 +470,7 @@ jobs:
445470
- run:
446471
command: |
447472
cd /go/src/istio.io/istio
448-
make build test-bins
473+
make build test-bins /go/bin/go-junit-report
449474
- persist_to_workspace:
450475
root: /go
451476
paths:
@@ -481,7 +506,7 @@ jobs:
481506
# paths:
482507
# - /go/pkg
483508

484-
docker-push:
509+
nightly:
485510
<<: *defaults
486511
resource_class: xlarge
487512
environment:
@@ -491,12 +516,14 @@ jobs:
491516
at: /go
492517
- setup_remote_docker:
493518
docker_layer_caching: true
519+
- run: make istio-archive
494520
- run:
495521
command: |
496522
if [ ! -z "${DOCKER_USER}" ] ; then
497523
echo "Pushing docker images"
498524
docker login -u ${DOCKER_USER} -p ${DOCKER_PASS}
499-
make docker push
525+
# The xenail debug image is built first, will be used in the next steps
526+
make docker.push.basedebug docker.all push
500527
fi
501528
502529
goxbuild:
@@ -551,7 +578,7 @@ workflows:
551578
- e2e-pilot:
552579
requires:
553580
- test
554-
- e2e-pilot-noauth:
581+
- e2e-pilot-auth:
555582
requires:
556583
- test
557584
- benchcheck:
@@ -561,13 +588,13 @@ workflows:
561588
- goxbuild:
562589
requires:
563590
- test
564-
# Push to dockerhub
565-
- docker-push:
591+
# Nightly release
592+
- nightly:
566593
context: org-global
567594
requires:
568595
- e2e-simple
569596
- e2e-pilot
570-
- e2e-pilot-noauth
597+
- e2e-pilot-auth
571598

572599
periodic:
573600
triggers:
@@ -598,7 +625,7 @@ workflows:
598625
- e2e-pilot-v1alpha1-and-v1alpha3:
599626
requires:
600627
- build
601-
- e2e-pilot-noauth:
628+
- e2e-pilot-auth:
602629
requires:
603630
- build
604631
- benchcheck:
@@ -644,7 +671,7 @@ workflows:
644671
- e2e-pilot:
645672
requires:
646673
- build
647-
- e2e-pilot-noauth:
674+
- e2e-pilot-auth:
648675
requires:
649676
- build
650677
- e2e-simple:

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -341,6 +341,7 @@ $(SECURITY_GO_BINS):
341341
bin/gobuild.sh $@ istio.io/istio/pkg/version ./security/cmd/$(@F)
342342

343343
.PHONY: build
344+
# Build will rebuild the go binaries.
344345
build: depend $(PILOT_GO_BINS_SHORT) mixc mixs node_agent istio_ca flexvolume multicluster_ca istioctl
345346

346347
# The following are convenience aliases for most of the go targets

docker/Dockerfile.xenial_debug

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
FROM ubuntu:xenial
2+
# Base image for debug builds.
3+
# Built manually uploaded as "istionightly/base_debug"
4+
5+
# Do not add more stuff to this list that isn't small or critically useful.
6+
# If you occasionally need something on the container do
7+
# sudo apt-get update && apt-get whichever
8+
RUN apt-get update && \
9+
apt-get install --no-install-recommends -y \
10+
curl \
11+
iptables \
12+
iproute2 \
13+
iputils-ping \
14+
dnsutils \
15+
netcat \
16+
tcpdump \
17+
net-tools \
18+
libc6-dbg gdb \
19+
elvis-tiny \
20+
lsof \
21+
busybox \
22+
sudo && apt-get upgrade -y && \
23+
rm -rf /var/lib/apt/lists/*
24+

pilot/docker/Dockerfile.proxy_debug

Lines changed: 2 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,34 +1,14 @@
1-
FROM ubuntu:xenial
2-
# Do not add more stuff to this list that isn't small or critically useful.
3-
# If you occasionally need something on the container do
4-
# sudo apt-get update && apt-get whichever
5-
RUN apt-get update && \
6-
apt-get install --no-install-recommends -y \
7-
curl \
8-
iptables \
9-
iproute2 \
10-
iputils-ping \
11-
dnsutils \
12-
netcat \
13-
tcpdump \
14-
net-tools \
15-
libc6-dbg gdb \
16-
elvis-tiny \
17-
lsof \
18-
busybox \
19-
sudo && \
20-
rm -rf /var/lib/apt/lists/*
1+
FROM istionightly/base_debug
212

223
# Install Envoy.
23-
ADD envoy-debug /usr/local/bin/envoy
4+
ADD envoy /usr/local/bin/envoy
245

256
ADD pilot-agent /usr/local/bin/pilot-agent
267

278
COPY envoy_pilot.json /etc/istio/proxy/envoy_pilot.json
289
COPY envoy_pilot_auth.json /etc/istio/proxy/envoy_pilot_auth.json
2910
COPY envoy_mixer.json /etc/istio/proxy/envoy_mixer.json
3011
COPY envoy_mixer_auth.json /etc/istio/proxy/envoy_mixer_auth.json
31-
# Use the same file as the deb file.
3212
COPY envoy_bootstrap_tmpl.json /var/lib/istio/envoy/envoy_bootstrap_tmpl.json
3313

3414
# Sudoers used to allow tcpdump and other debug utilities.

pilot/pkg/bootstrap/server.go

Lines changed: 39 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,8 @@ import (
3333
multierror "github.com/hashicorp/go-multierror"
3434
// TODO(nmittler): Remove this
3535
_ "github.com/golang/glog"
36+
"k8s.io/api/core/v1"
37+
meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
3638
"k8s.io/client-go/kubernetes"
3739

3840
meshconfig "istio.io/api/mesh/v1alpha1"
@@ -72,6 +74,8 @@ const (
7274
EurekaRegistry ServiceRegistry = "Eureka"
7375
// CloudFoundryRegistry environment flag
7476
CloudFoundryRegistry ServiceRegistry = "CloudFoundry"
77+
// ConfigMapKey should match the expected MeshConfig file name
78+
ConfigMapKey = "mesh"
7579
)
7680

7781
var (
@@ -215,15 +219,15 @@ func NewServer(args PilotArgs) (*Server, error) {
215219
if err := s.initMonitor(&args); err != nil {
216220
return nil, err
217221
}
218-
if err := s.initMesh(&args); err != nil {
219-
return nil, err
220-
}
221222
if err := s.initClusterRegistries(&args); err != nil {
222223
return nil, err
223224
}
224225
if err := s.initKubeClient(&args); err != nil {
225226
return nil, err
226227
}
228+
if err := s.initMesh(&args); err != nil {
229+
return nil, err
230+
}
227231
if err := s.initAdmissionController(&args); err != nil {
228232
return nil, err
229233
}
@@ -288,6 +292,33 @@ func (s *Server) initClusterRegistries(args *PilotArgs) (err error) {
288292
return err
289293
}
290294

295+
// GetMeshConfig fetches the ProxyMesh configuration from Kubernetes ConfigMap.
296+
func GetMeshConfig(kube kubernetes.Interface, namespace, name string) (*v1.ConfigMap, *meshconfig.MeshConfig, error) {
297+
298+
if kube == nil {
299+
defaultMesh := model.DefaultMeshConfig()
300+
return nil, &defaultMesh, nil
301+
}
302+
303+
config, err := kube.CoreV1().ConfigMaps(namespace).Get(name, meta_v1.GetOptions{})
304+
if err != nil {
305+
return nil, nil, err
306+
}
307+
308+
// values in the data are strings, while proto might use a different data type.
309+
// therefore, we have to get a value by a key
310+
cfgYaml, exists := config.Data[ConfigMapKey]
311+
if !exists {
312+
return nil, nil, fmt.Errorf("missing configuration map key %q", ConfigMapKey)
313+
}
314+
315+
mesh, err := model.ApplyMeshConfigDefaults(cfgYaml)
316+
if err != nil {
317+
return nil, nil, err
318+
}
319+
return config, mesh, nil
320+
}
321+
291322
// initMesh creates the mesh in the pilotConfig from the input arguments.
292323
func (s *Server) initMesh(args *PilotArgs) error {
293324
// If a config file was specified, use it.
@@ -302,9 +333,12 @@ func (s *Server) initMesh(args *PilotArgs) error {
302333
}
303334

304335
if mesh == nil {
336+
var err error
305337
// Config file either wasn't specified or failed to load - use a default mesh.
306-
defaultMesh := model.DefaultMeshConfig()
307-
mesh = &defaultMesh
338+
if _, mesh, err = GetMeshConfig(s.kubeClient, kube.IstioNamespace, kube.IstioConfigMap); err != nil {
339+
log.Warnf("failed to read mesh configuration: %v", err)
340+
return err
341+
}
308342

309343
// Allow some overrides for testing purposes.
310344
if args.Mesh.MixerAddress != "" {

pilot/pkg/serviceregistry/kube/controller.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,8 @@ const (
3838
NodeZoneLabel = "failure-domain.beta.kubernetes.io/zone"
3939
// IstioNamespace used by default for Istio cluster-wide installation
4040
IstioNamespace = "istio-system"
41+
// IstioConfigMap is used by default
42+
IstioConfigMap = "istio"
4143
)
4244

4345
// ControllerOptions stores the configurable attributes of a Controller.

0 commit comments

Comments
 (0)