From 05050c950a9ea3b2e32c3b2c7c290f540f2684bf Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:30:15 +0200 Subject: [PATCH 1/7] Add missing fields to Istio destination rule - add ConsecutiveGatewayErrors, Consecutive5xxErrors and MinHealthPercent to OutlierDetection - add H2UpgradePolicy and IdleTimeout to ConnectionPool HTTPSettings --- pkg/apis/istio/v1alpha3/destination_rule.go | 58 +++++++++++++++++-- .../istio/v1alpha3/zz_generated.deepcopy.go | 14 ++++- 2 files changed, 66 insertions(+), 6 deletions(-) diff --git a/pkg/apis/istio/v1alpha3/destination_rule.go b/pkg/apis/istio/v1alpha3/destination_rule.go index 7f6de37af..5d76c3de2 100644 --- a/pkg/apis/istio/v1alpha3/destination_rule.go +++ b/pkg/apis/istio/v1alpha3/destination_rule.go @@ -351,19 +351,31 @@ type TCPSettings struct { // Settings applicable to HTTP1.1/HTTP2/GRPC connections. type HTTPSettings struct { - // Maximum number of pending HTTP requests to a destination. Default 1024. + // Specify if http1.1 connection should be upgraded to http2 for the associated destination. + // DEFAULT - Use the global default. + // DO_NOT_UPGRADE - Do not upgrade the connection to http2. + // UPGRADE - Upgrade the connection to http2. + H2UpgradePolicy string `json:"h2UpgradePolicy,omitempty"` + + // Maximum number of pending HTTP requests to a destination. Default 2^32-1. HTTP1MaxPendingRequests int32 `json:"http1MaxPendingRequests,omitempty"` - // Maximum number of requests to a backend. Default 1024. + // Maximum number of requests to a backend. Default 2^32-1. HTTP2MaxRequests int32 `json:"http2MaxRequests,omitempty"` // Maximum number of requests per connection to a backend. Setting this - // parameter to 1 disables keep alive. + // parameter to 1 disables keep alive. Default 0, meaning "unlimited", + // up to 2^29. MaxRequestsPerConnection int32 `json:"maxRequestsPerConnection,omitempty"` // Maximum number of retries that can be outstanding to all hosts in a - // cluster at a given time. Defaults to 3. + // cluster at a given time. Defaults to 2^32-1. MaxRetries int32 `json:"maxRetries,omitempty"` + + // The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. + // If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. + // Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections. + IdleTimeout string `json:"idleTimeout,omitempty"` } // A Circuit breaker implementation that tracks the status of each @@ -407,6 +419,35 @@ type OutlierDetection struct { // connection error/failure events qualify as an error. ConsecutiveErrors int32 `json:"consecutiveErrors,omitempty"` + // Number of gateway errors before a host is ejected from the connection pool. + // When the upstream host is accessed over HTTP, a 502, 503, or 504 return + // code qualifies as a gateway error. When the upstream host is accessed over + // an opaque TCP connection, connect timeouts and connection error/failure + // events qualify as a gateway error. + // This feature is disabled by default or when set to the value 0. + // + // Note that consecutive_gateway_errors and consecutive_5xx_errors can be + // used separately or together. Because the errors counted by + // consecutive_gateway_errors are also included in consecutive_5xx_errors, + // if the value of consecutive_gateway_errors is greater than or equal to + // the value of consecutive_5xx_errors, consecutive_gateway_errors will have + // no effect. + ConsecutiveGatewayErrors *uint32 `json:"consecutiveGatewayErrors,omitempty"` + + // Number of 5xx errors before a host is ejected from the connection pool. + // When the upstream host is accessed over an opaque TCP connection, connect + // timeouts, connection error/failure and request failure events qualify as a + // 5xx error. + // This feature defaults to 5 but can be disabled by setting the value to 0. + // + // Note that consecutive_gateway_errors and consecutive_5xx_errors can be + // used separately or together. Because the errors counted by + // consecutive_gateway_errors are also included in consecutive_5xx_errors, + // if the value of consecutive_gateway_errors is greater than or equal to + // the value of consecutive_5xx_errors, consecutive_gateway_errors will have + // no effect. + Consecutive5xxErrors *uint32 `json:"consecutive5xxErrors,omitempty"` + // Time interval between ejection sweep analysis. format: // 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s. Interval string `json:"interval,omitempty"` @@ -421,6 +462,15 @@ type OutlierDetection struct { // Maximum % of hosts in the load balancing pool for the upstream // service that can be ejected. Defaults to 10%. MaxEjectionPercent int32 `json:"maxEjectionPercent,omitempty"` + + // Outlier detection will be enabled as long as the associated load balancing + // pool has at least min_health_percent hosts in healthy mode. When the + // percentage of healthy hosts in the load balancing pool drops below this + // threshold, outlier detection will be disabled and the proxy will load balance + // across all hosts in the pool (healthy and unhealthy). The threshold can be + // disabled by setting it to 0%. The default is 0% as it's not typically + // applicable in k8s environments with few pods per service. + MinHealthPercent int32 `json:"minHealthPercent,omitempty"` } // SSL/TLS related settings for upstream connections. See Envoy's [TLS diff --git a/pkg/apis/istio/v1alpha3/zz_generated.deepcopy.go b/pkg/apis/istio/v1alpha3/zz_generated.deepcopy.go index 86f585a36..3f7fa490e 100644 --- a/pkg/apis/istio/v1alpha3/zz_generated.deepcopy.go +++ b/pkg/apis/istio/v1alpha3/zz_generated.deepcopy.go @@ -619,6 +619,16 @@ func (in *LoadBalancerSettings) DeepCopy() *LoadBalancerSettings { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OutlierDetection) DeepCopyInto(out *OutlierDetection) { *out = *in + if in.ConsecutiveGatewayErrors != nil { + in, out := &in.ConsecutiveGatewayErrors, &out.ConsecutiveGatewayErrors + *out = new(uint32) + **out = **in + } + if in.Consecutive5xxErrors != nil { + in, out := &in.Consecutive5xxErrors, &out.Consecutive5xxErrors + *out = new(uint32) + **out = **in + } return } @@ -665,7 +675,7 @@ func (in *PortTrafficPolicy) DeepCopyInto(out *PortTrafficPolicy) { if in.OutlierDetection != nil { in, out := &in.OutlierDetection, &out.OutlierDetection *out = new(OutlierDetection) - **out = **in + (*in).DeepCopyInto(*out) } if in.TLS != nil { in, out := &in.TLS, &out.TLS @@ -790,7 +800,7 @@ func (in *TrafficPolicy) DeepCopyInto(out *TrafficPolicy) { if in.OutlierDetection != nil { in, out := &in.OutlierDetection, &out.OutlierDetection *out = new(OutlierDetection) - **out = **in + (*in).DeepCopyInto(*out) } if in.TLS != nil { in, out := &in.TLS, &out.TLS From acce3a9c13a68d1edf07f206711be5210e3d843b Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:31:59 +0200 Subject: [PATCH 2/7] Add Istio traffic policy validation schema to CRD --- artifacts/flagger/crd.yaml | 245 ++++++++++++++++++++++++++++++------- 1 file changed, 203 insertions(+), 42 deletions(-) diff --git a/artifacts/flagger/crd.yaml b/artifacts/flagger/crd.yaml index 5bbd94def..2b6269a8c 100644 --- a/artifacts/flagger/crd.yaml +++ b/artifacts/flagger/crd.yaml @@ -155,42 +155,6 @@ spec: type: array items: type: string - trafficPolicy: - description: Istio mTLS traffic policy - type: object - properties: - tls: - description: TLS related settings for connections to the upstream service - type: object - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server - during TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array match: description: URI match conditions type: array @@ -279,8 +243,13 @@ spec: type: string type: object type: object + gateways: + description: The list of Istio gateway for this virtual service + type: array + items: + type: string corsPolicy: - description: Cross-Origin Resource Sharing policy (CORS) + description: Istio Cross-Origin Resource Sharing policy (CORS) type: object properties: allowCredentials: @@ -332,11 +301,203 @@ spec: type: array maxAge: type: string - gateways: - description: The list of Istio gateway for this virtual service - type: array - items: - type: string + trafficPolicy: + description: Istio traffic policy + type: object + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + type: object + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + loadBalancer: + description: Settings controlling the load balancer algorithms. + type: object + oneOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to traffic + distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + outlierDetection: + description: Settings controlling eviction of unhealthy hosts from the load balancing pool. + type: object + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host is + ejected from the connection pool. + format: int32 + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + tls: + description: Istio TLS related settings for connections to the upstream service + type: object + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array skipAnalysis: description: Skip analysis and promote canary type: boolean From 57b1732b678264de84c221e67aeb09987336e242 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:34:18 +0200 Subject: [PATCH 3/7] Add crds dir to Helm chart Allow installing the CRDs with Helm v3 --- charts/flagger/crds/crd.yaml | 813 ++++++++++++++++++++++++++++++ charts/flagger/templates/crd.yaml | 658 +----------------------- 2 files changed, 818 insertions(+), 653 deletions(-) create mode 100644 charts/flagger/crds/crd.yaml diff --git a/charts/flagger/crds/crd.yaml b/charts/flagger/crds/crd.yaml new file mode 100644 index 000000000..2b6269a8c --- /dev/null +++ b/charts/flagger/crds/crd.yaml @@ -0,0 +1,813 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: canaries.flagger.app + annotations: + helm.sh/resource-policy: keep +spec: + group: flagger.app + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true + - name: v1alpha3 + served: true + storage: false + - name: v1alpha2 + served: false + storage: false + - name: v1alpha1 + served: false + storage: false + names: + plural: canaries + singular: canary + kind: Canary + categories: + - all + scope: Namespaced + subresources: + status: {} + additionalPrinterColumns: + - name: Status + type: string + JSONPath: .status.phase + - name: Weight + type: string + JSONPath: .status.canaryWeight + - name: FailedChecks + type: string + JSONPath: .status.failedChecks + priority: 1 + - name: Interval + type: string + JSONPath: .spec.canaryAnalysis.interval + priority: 1 + - name: Mirror + type: boolean + JSONPath: .spec.canaryAnalysis.mirror + priority: 1 + - name: StepWeight + type: string + JSONPath: .spec.canaryAnalysis.stepWeight + priority: 1 + - name: MaxWeight + type: string + JSONPath: .spec.canaryAnalysis.maxWeight + priority: 1 + - name: LastTransitionTime + type: string + JSONPath: .status.lastTransitionTime + validation: + openAPIV3Schema: + properties: + spec: + required: + - targetRef + - service + - canaryAnalysis + properties: + provider: + description: Traffic managent provider + type: string + metricsServer: + description: Prometheus URL + type: string + progressDeadlineSeconds: + description: Deployment progress deadline + type: number + targetRef: + description: Target selector + type: object + required: ["apiVersion", "kind", "name"] + properties: + apiVersion: + type: string + kind: + type: string + enum: + - Deployment + - Service + name: + type: string + autoscalerRef: + description: HPA selector + type: object + required: ["apiVersion", "kind", "name"] + properties: + apiVersion: + type: string + kind: + type: string + enum: + - HorizontalPodAutoscaler + name: + type: string + ingressRef: + description: NGINX ingress selector + type: object + required: ["apiVersion", "kind", "name"] + properties: + apiVersion: + type: string + kind: + type: string + enum: + - Ingress + name: + type: string + service: + description: Kubernetes Service spec + type: object + required: ["port"] + properties: + name: + description: Kubernetes service name + type: string + port: + description: Container port number + type: number + portName: + description: Container port name + type: string + targetPort: + description: Container target port name + anyOf: + - type: string + - type: number + portDiscovery: + description: Enable port dicovery + type: boolean + timeout: + description: HTTP or gRPC request timeout + type: string + meshName: + description: AppMesh mesh name + type: string + backends: + description: AppMesh backend array + type: array + items: + type: string + hosts: + description: The list of host names for this service + type: array + items: + type: string + match: + description: URI match conditions + type: array + items: + type: object + properties: + uri: + type: object + oneOf: + - required: ["exact"] + - required: ["prefix"] + - required: ["suffix"] + - required: ["regex"] + properties: + exact: + format: string + type: string + prefix: + format: string + type: string + suffix: + format: string + type: string + regex: + format: string + type: string + retries: + description: Retry policy for HTTP requests + type: object + properties: + attempts: + description: Number of retries for a given request + format: int32 + type: integer + perTryTimeout: + description: Timeout per retry attempt for a given request + type: string + retryOn: + description: Specifies the conditions under which retry takes place + format: string + type: string + rewrite: + description: Rewrite HTTP URIs + type: object + properties: + uri: + format: string + type: string + headers: + description: Headers operations + type: object + properties: + request: + properties: + add: + additionalProperties: + format: string + type: string + type: object + remove: + items: + format: string + type: string + type: array + set: + additionalProperties: + format: string + type: string + type: object + type: object + response: + properties: + add: + additionalProperties: + format: string + type: string + type: object + remove: + items: + format: string + type: string + type: array + set: + additionalProperties: + format: string + type: string + type: object + type: object + gateways: + description: The list of Istio gateway for this virtual service + type: array + items: + type: string + corsPolicy: + description: Istio Cross-Origin Resource Sharing policy (CORS) + type: object + properties: + allowCredentials: + type: boolean + allowHeaders: + items: + format: string + type: string + type: array + allowMethods: + description: List of HTTP methods allowed to access the resource + items: + format: string + type: string + type: array + allowOrigin: + description: The list of origins that are allowed to perform + CORS requests. + items: + format: string + type: string + type: array + allowOrigins: + description: String patterns that match allowed origins + type: array + items: + type: object + oneOf: + - required: + - exact + - required: + - prefix + - required: + - regex + properties: + exact: + format: string + type: string + prefix: + format: string + type: string + regex: + format: string + type: string + exposeHeaders: + items: + format: string + type: string + type: array + maxAge: + type: string + trafficPolicy: + description: Istio traffic policy + type: object + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + type: object + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + loadBalancer: + description: Settings controlling the load balancer algorithms. + type: object + oneOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to traffic + distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + outlierDetection: + description: Settings controlling eviction of unhealthy hosts from the load balancing pool. + type: object + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host is + ejected from the connection pool. + format: int32 + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + tls: + description: Istio TLS related settings for connections to the upstream service + type: object + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + skipAnalysis: + description: Skip analysis and promote canary + type: boolean + canaryAnalysis: + description: Canary analysis for this canary + type: object + properties: + interval: + description: Schedule interval for this canary + type: string + pattern: "^[0-9]+(m|s)" + iterations: + description: Number of checks to run for A/B Testing and Blue/Green + type: number + threshold: + description: Max number of failed checks before rollback + type: number + maxWeight: + description: Max traffic percentage routed to canary + type: number + stepWeight: + description: Incremental traffic percentage step + type: number + mirror: + description: Mirror traffic to canary before shifting + type: boolean + match: + description: A/B testing match conditions + type: array + items: + type: object + properties: + headers: + type: object + additionalProperties: + oneOf: + - required: ["exact"] + - required: ["prefix"] + - required: ["suffix"] + - required: ["regex"] + type: object + properties: + exact: + format: string + type: string + prefix: + format: string + type: string + suffix: + format: string + type: string + regex: + format: string + type: string + metrics: + description: Metric check list for this canary + type: array + items: + type: object + required: ["name"] + properties: + name: + description: Name of the metric + type: string + interval: + description: Interval of the query + type: string + pattern: "^[0-9]+(m|s)" + threshold: + description: Max value accepted for this metric + type: number + thresholdRange: + description: Range accepted for this metric + type: object + properties: + min: + description: Min value accepted for this metric + type: number + max: + description: Max value accepted for this metric + type: number + query: + description: Prometheus query + type: string + templateRef: + description: Metric template reference + type: object + required: ["name"] + properties: + name: + description: Name of this metric template + type: string + namespace: + description: Namespace of this metric template + type: string + webhooks: + description: Webhook list for this canary + type: array + items: + type: object + required: ["name", "url"] + properties: + name: + description: Name of the webhook + type: string + type: + description: Type of the webhook pre, post or during rollout + type: string + enum: + - "" + - confirm-rollout + - pre-rollout + - rollout + - confirm-promotion + - post-rollout + - event + - rollback + url: + description: URL address of this webhook + type: string + format: url + timeout: + description: Request timeout for this webhook + type: string + pattern: "^[0-9]+(m|s)" + metadata: + description: Metadata (key-value pairs) for this webhook + type: object + additionalProperties: + type: string + status: + properties: + phase: + description: Analysis phase of this canary + type: string + enum: + - "" + - Initializing + - Initialized + - Waiting + - Progressing + - Promoting + - Finalising + - Succeeded + - Failed + canaryWeight: + description: Traffic weight percentage routed to canary + type: number + failedChecks: + description: Failed check count of the current canary analysis + type: number + iterations: + description: Iteration count of the current canary analysis + type: number + lastAppliedSpec: + description: LastAppliedSpec of this canary + type: string + lastTransitionTime: + description: LastTransitionTime of this canary + format: date-time + type: string + conditions: + description: Status conditions of this canary + type: array + items: + type: object + required: ["type", "status", "reason"] + properties: + lastTransitionTime: + description: LastTransitionTime of this condition + format: date-time + type: string + lastUpdateTime: + description: LastUpdateTime of this condition + format: date-time + type: string + message: + description: Message associated with this condition + type: string + reason: + description: Reason for the current status of this condition + type: string + status: + description: Status of this condition + type: string + type: + description: Type of this condition + type: string +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: metrictemplates.flagger.app + annotations: + helm.sh/resource-policy: keep +spec: + group: flagger.app + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true + - name: v1alpha1 + served: true + storage: false + names: + plural: metrictemplates + singular: metrictemplate + kind: MetricTemplate + categories: + - all + scope: Namespaced + subresources: + status: {} + additionalPrinterColumns: + - name: Provider + type: string + JSONPath: .spec.provider.type + validation: + openAPIV3Schema: + properties: + spec: + required: + - provider + - query + properties: + provider: + description: Provider of this metric template + type: object + required: + - type + - address + properties: + type: + description: Type of this provider + type: string + enum: + - prometheus + - influxdb + address: + description: API address of this provider + type: string + secretRef: + description: Kubernetes secret reference containing the provider credentials + type: object + required: + - name + properties: + name: + description: Name of the Kubernetes secret + type: string + query: + description: Query of this metric template + type: string +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: alertproviders.flagger.app + annotations: + helm.sh/resource-policy: keep +spec: + group: flagger.app + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true + names: + plural: alertproviders + singular: alertprovider + kind: AlertProvider + categories: + - all + scope: Namespaced + subresources: + status: {} + additionalPrinterColumns: + - name: Type + type: string + JSONPath: .spec.type + validation: + openAPIV3Schema: + properties: + spec: + oneOf: + - required: + - type + - address + - required: + - type + - secretRef + properties: + type: + description: Type of this provider + type: string + enum: + - slack + - msteams + - discord + - rocket + address: + description: Hook URL address of this provider + type: string + secretRef: + description: Kubernetes secret reference containing the provider address + type: object + required: + - name + properties: + name: + description: Name of the Kubernetes secret + type: string diff --git a/charts/flagger/templates/crd.yaml b/charts/flagger/templates/crd.yaml index 5e3e7ebc4..700f7b8c6 100644 --- a/charts/flagger/templates/crd.yaml +++ b/charts/flagger/templates/crd.yaml @@ -1,654 +1,6 @@ -{{- if .Values.crd.create }} -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: canaries.flagger.app - annotations: - helm.sh/resource-policy: keep -spec: - group: flagger.app - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true - - name: v1alpha3 - served: true - storage: false - - name: v1alpha2 - served: false - storage: false - - name: v1alpha1 - served: false - storage: false - names: - plural: canaries - singular: canary - kind: Canary - categories: - - all - scope: Namespaced - subresources: - status: {} - additionalPrinterColumns: - - name: Status - type: string - JSONPath: .status.phase - - name: Weight - type: string - JSONPath: .status.canaryWeight - - name: FailedChecks - type: string - JSONPath: .status.failedChecks - priority: 1 - - name: Interval - type: string - JSONPath: .spec.canaryAnalysis.interval - priority: 1 - - name: Mirror - type: boolean - JSONPath: .spec.canaryAnalysis.mirror - priority: 1 - - name: StepWeight - type: string - JSONPath: .spec.canaryAnalysis.stepWeight - priority: 1 - - name: MaxWeight - type: string - JSONPath: .spec.canaryAnalysis.maxWeight - priority: 1 - - name: LastTransitionTime - type: string - JSONPath: .status.lastTransitionTime - validation: - openAPIV3Schema: - properties: - spec: - required: - - targetRef - - service - - canaryAnalysis - properties: - provider: - description: Traffic managent provider - type: string - metricsServer: - description: Prometheus URL - type: string - progressDeadlineSeconds: - description: Deployment progress deadline - type: number - targetRef: - description: Target selector - type: object - required: ["apiVersion", "kind", "name"] - properties: - apiVersion: - type: string - kind: - type: string - enum: - - Deployment - - Service - name: - type: string - autoscalerRef: - description: HPA selector - type: object - required: ["apiVersion", "kind", "name"] - properties: - apiVersion: - type: string - kind: - type: string - enum: - - HorizontalPodAutoscaler - name: - type: string - ingressRef: - description: NGINX ingress selector - type: object - required: ["apiVersion", "kind", "name"] - properties: - apiVersion: - type: string - kind: - type: string - enum: - - Ingress - name: - type: string - service: - description: Kubernetes Service spec - type: object - required: ["port"] - properties: - name: - description: Kubernetes service name - type: string - port: - description: Container port number - type: number - portName: - description: Container port name - type: string - targetPort: - description: Container target port name - anyOf: - - type: string - - type: number - portDiscovery: - description: Enable port dicovery - type: boolean - timeout: - description: HTTP or gRPC request timeout - type: string - meshName: - description: AppMesh mesh name - type: string - backends: - description: AppMesh backend array - type: array - items: - type: string - hosts: - description: The list of host names for this service - type: array - items: - type: string - trafficPolicy: - description: Istio mTLS traffic policy - type: object - properties: - tls: - description: TLS related settings for connections to the upstream service - type: object - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server - during TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array - match: - description: URI match conditions - type: array - items: - type: object - properties: - uri: - type: object - oneOf: - - required: ["exact"] - - required: ["prefix"] - - required: ["suffix"] - - required: ["regex"] - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - suffix: - format: string - type: string - regex: - format: string - type: string - retries: - description: Retry policy for HTTP requests - type: object - properties: - attempts: - description: Number of retries for a given request - format: int32 - type: integer - perTryTimeout: - description: Timeout per retry attempt for a given request - type: string - retryOn: - description: Specifies the conditions under which retry takes place - format: string - type: string - rewrite: - description: Rewrite HTTP URIs - type: object - properties: - uri: - format: string - type: string - headers: - description: Headers operations - type: object - properties: - request: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - response: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - corsPolicy: - description: Cross-Origin Resource Sharing policy (CORS) - type: object - properties: - allowCredentials: - type: boolean - allowHeaders: - items: - format: string - type: string - type: array - allowMethods: - description: List of HTTP methods allowed to access the resource - items: - format: string - type: string - type: array - allowOrigin: - description: The list of origins that are allowed to perform - CORS requests. - items: - format: string - type: string - type: array - allowOrigins: - description: String patterns that match allowed origins - type: array - items: - type: object - oneOf: - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - format: string - type: string - exposeHeaders: - items: - format: string - type: string - type: array - maxAge: - type: string - gateways: - description: The list of Istio gateway for this virtual service - type: array - items: - type: string - skipAnalysis: - description: Skip analysis and promote canary - type: boolean - canaryAnalysis: - description: Canary analysis for this canary - type: object - properties: - interval: - description: Schedule interval for this canary - type: string - pattern: "^[0-9]+(m|s)" - iterations: - description: Number of checks to run for A/B Testing and Blue/Green - type: number - threshold: - description: Max number of failed checks before rollback - type: number - maxWeight: - description: Max traffic percentage routed to canary - type: number - stepWeight: - description: Incremental traffic percentage step - type: number - mirror: - description: Mirror traffic to canary before shifting - type: boolean - match: - description: A/B testing match conditions - type: array - items: - type: object - properties: - headers: - type: object - additionalProperties: - oneOf: - - required: ["exact"] - - required: ["prefix"] - - required: ["suffix"] - - required: ["regex"] - type: object - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - suffix: - format: string - type: string - regex: - format: string - type: string - metrics: - description: Metric check list for this canary - type: array - items: - type: object - required: ["name"] - properties: - name: - description: Name of the metric - type: string - interval: - description: Interval of the query - type: string - pattern: "^[0-9]+(m|s)" - threshold: - description: Max value accepted for this metric - type: number - thresholdRange: - description: Range accepted for this metric - type: object - properties: - min: - description: Min value accepted for this metric - type: number - max: - description: Max value accepted for this metric - type: number - query: - description: Prometheus query - type: string - templateRef: - description: Metric template reference - type: object - required: ["name"] - properties: - name: - description: Name of this metric template - type: string - namespace: - description: Namespace of this metric template - type: string - webhooks: - description: Webhook list for this canary - type: array - items: - type: object - required: ["name", "url"] - properties: - name: - description: Name of the webhook - type: string - type: - description: Type of the webhook pre, post or during rollout - type: string - enum: - - "" - - confirm-rollout - - pre-rollout - - rollout - - confirm-promotion - - post-rollout - - event - - rollback - url: - description: URL address of this webhook - type: string - format: url - timeout: - description: Request timeout for this webhook - type: string - pattern: "^[0-9]+(m|s)" - metadata: - description: Metadata (key-value pairs) for this webhook - type: object - additionalProperties: - type: string - status: - properties: - phase: - description: Analysis phase of this canary - type: string - enum: - - "" - - Initializing - - Initialized - - Waiting - - Progressing - - Promoting - - Finalising - - Succeeded - - Failed - canaryWeight: - description: Traffic weight percentage routed to canary - type: number - failedChecks: - description: Failed check count of the current canary analysis - type: number - iterations: - description: Iteration count of the current canary analysis - type: number - lastAppliedSpec: - description: LastAppliedSpec of this canary - type: string - lastTransitionTime: - description: LastTransitionTime of this canary - format: date-time - type: string - conditions: - description: Status conditions of this canary - type: array - items: - type: object - required: ["type", "status", "reason"] - properties: - lastTransitionTime: - description: LastTransitionTime of this condition - format: date-time - type: string - lastUpdateTime: - description: LastUpdateTime of this condition - format: date-time - type: string - message: - description: Message associated with this condition - type: string - reason: - description: Reason for the current status of this condition - type: string - status: - description: Status of this condition - type: string - type: - description: Type of this condition - type: string +{{- if .Values.crd.create -}} +{{- range $path, $bytes := .Files.Glob "crds/*.yaml" -}} +{{ $.Files.Get $path }} --- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: metrictemplates.flagger.app - annotations: - helm.sh/resource-policy: keep -spec: - group: flagger.app - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true - - name: v1alpha1 - served: true - storage: false - names: - plural: metrictemplates - singular: metrictemplate - kind: MetricTemplate - categories: - - all - scope: Namespaced - subresources: - status: {} - additionalPrinterColumns: - - name: Provider - type: string - JSONPath: .spec.provider.type - validation: - openAPIV3Schema: - properties: - spec: - required: - - provider - - query - properties: - provider: - description: Provider of this metric template - type: object - required: - - type - - address - properties: - type: - description: Type of this provider - type: string - enum: - - prometheus - - influxdb - address: - description: API address of this provider - type: string - secretRef: - description: Kubernetes secret reference containing the provider credentials - type: object - required: - - name - properties: - name: - description: Name of the Kubernetes secret - type: string - query: - description: Query of this metric template - type: string ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: alertproviders.flagger.app - annotations: - helm.sh/resource-policy: keep -spec: - group: flagger.app - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true - names: - plural: alertproviders - singular: alertprovider - kind: AlertProvider - categories: - - all - scope: Namespaced - subresources: - status: {} - additionalPrinterColumns: - - name: Type - type: string - JSONPath: .spec.type - validation: - openAPIV3Schema: - properties: - spec: - oneOf: - - required: - - type - - address - - required: - - type - - secretRef - properties: - type: - description: Type of this provider - type: string - enum: - - slack - - msteams - - discord - - rocket - address: - description: Hook URL address of this provider - type: string - secretRef: - description: Kubernetes secret reference containing the provider address - type: object - required: - - name - properties: - name: - description: Name of the Kubernetes secret - type: string -{{- end }} +{{- end -}} +{{- end -}} From 37a2bf966a0c0e925f3734f5057dd32028f1c95c Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:35:03 +0200 Subject: [PATCH 4/7] Sync CRDs from artifacts dir --- Makefile | 4 + kustomize/base/flagger/crd.yaml | 245 ++++++++++++++++++++++++++------ 2 files changed, 207 insertions(+), 42 deletions(-) diff --git a/Makefile b/Makefile index 4a7cb91b5..8255b5b60 100644 --- a/Makefile +++ b/Makefile @@ -54,6 +54,10 @@ test-codegen: test: test-fmt test-codegen go test ./... +crd: + cat artifacts/flagger/crd.yaml > charts/flagger/crds/crd.yaml + cat artifacts/flagger/crd.yaml > kustomize/base/flagger/crd.yaml + helm-package: cd charts/ && helm package ./* mv charts/*.tgz bin/ diff --git a/kustomize/base/flagger/crd.yaml b/kustomize/base/flagger/crd.yaml index 5bbd94def..2b6269a8c 100644 --- a/kustomize/base/flagger/crd.yaml +++ b/kustomize/base/flagger/crd.yaml @@ -155,42 +155,6 @@ spec: type: array items: type: string - trafficPolicy: - description: Istio mTLS traffic policy - type: object - properties: - tls: - description: TLS related settings for connections to the upstream service - type: object - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server - during TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array match: description: URI match conditions type: array @@ -279,8 +243,13 @@ spec: type: string type: object type: object + gateways: + description: The list of Istio gateway for this virtual service + type: array + items: + type: string corsPolicy: - description: Cross-Origin Resource Sharing policy (CORS) + description: Istio Cross-Origin Resource Sharing policy (CORS) type: object properties: allowCredentials: @@ -332,11 +301,203 @@ spec: type: array maxAge: type: string - gateways: - description: The list of Istio gateway for this virtual service - type: array - items: - type: string + trafficPolicy: + description: Istio traffic policy + type: object + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + type: object + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + loadBalancer: + description: Settings controlling the load balancer algorithms. + type: object + oneOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to traffic + distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + outlierDetection: + description: Settings controlling eviction of unhealthy hosts from the load balancing pool. + type: object + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host is + ejected from the connection pool. + format: int32 + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + tls: + description: Istio TLS related settings for connections to the upstream service + type: object + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array skipAnalysis: description: Skip analysis and promote canary type: boolean From 0106dff2d7b25f7f8391139949dffeb93624eadc Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:35:33 +0200 Subject: [PATCH 5/7] Update packages to Kubernetes v1.17.2 --- go.mod | 8 ++++---- go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 130590545..f353020b5 100644 --- a/go.mod +++ b/go.mod @@ -15,10 +15,10 @@ require ( go.uber.org/multierr v1.1.0 // indirect go.uber.org/zap v1.10.0 gopkg.in/h2non/gock.v1 v1.0.14 - k8s.io/api v0.17.1 - k8s.io/apimachinery v0.17.1 - k8s.io/client-go v0.17.1 - k8s.io/code-generator v0.17.1 + k8s.io/api v0.17.2 + k8s.io/apimachinery v0.17.2 + k8s.io/client-go v0.17.2 + k8s.io/code-generator v0.17.2 k8s.io/utils v0.0.0-20191114184206-e782cd3c129f ) diff --git a/go.sum b/go.sum index 7706163d3..b46cce591 100644 --- a/go.sum +++ b/go.sum @@ -290,14 +290,14 @@ gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.17.1 h1:i46MidoDOE9tvQ0TTEYggf3ka/pziP1+tHI/GFVeJao= -k8s.io/api v0.17.1/go.mod h1:zxiAc5y8Ngn4fmhWUtSxuUlkfz1ixT7j9wESokELzOg= -k8s.io/apimachinery v0.17.1 h1:zUjS3szTxoUjTDYNvdFkYt2uMEXLcthcbp+7uZvWhYM= -k8s.io/apimachinery v0.17.1/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= -k8s.io/client-go v0.17.1 h1:LbbuZ5tI7OYx4et5DfRFcJuoojvpYO0c7vps2rgJsHY= -k8s.io/client-go v0.17.1/go.mod h1:HZtHJSC/VuSHcETN9QA5QDZky1tXiYrkF/7t7vRpO1A= -k8s.io/code-generator v0.17.1 h1:e3B1UqRzRUWygp7WD+QTRT3ZUahPIaRKF0OFa7duQwI= -k8s.io/code-generator v0.17.1/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= +k8s.io/api v0.17.2 h1:NF1UFXcKN7/OOv1uxdRz3qfra8AHsPav5M93hlV9+Dc= +k8s.io/api v0.17.2/go.mod h1:BS9fjjLc4CMuqfSO8vgbHPKMt5+SF0ET6u/RVDihTo4= +k8s.io/apimachinery v0.17.2 h1:hwDQQFbdRlpnnsR64Asdi55GyCaIP/3WQpMmbNBeWr4= +k8s.io/apimachinery v0.17.2/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= +k8s.io/client-go v0.17.2 h1:ndIfkfXEGrNhLIgkr0+qhRguSD3u6DCmonepn1O6NYc= +k8s.io/client-go v0.17.2/go.mod h1:QAzRgsa0C2xl4/eVpeVAZMvikCn8Nm81yqVx3Kk9XYI= +k8s.io/code-generator v0.17.2 h1:pTwl3rLB1fUyxmvEzmVPMM0tBSdUehd7z+bDzpj4lPE= +k8s.io/code-generator v0.17.2/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= From 33d57af233ce1c0b598024c614411fcc3bed7a83 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:43:21 +0200 Subject: [PATCH 6/7] e2e: Install CRDs with Helm v3 --- test/e2e-gloo.sh | 1 + test/e2e-nginx.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/test/e2e-gloo.sh b/test/e2e-gloo.sh index 6d5036b31..be7a1746e 100755 --- a/test/e2e-gloo.sh +++ b/test/e2e-gloo.sh @@ -21,6 +21,7 @@ kind load docker-image test/flagger:latest echo '>>> Installing Flagger' helm upgrade -i flagger ${REPO_ROOT}/charts/flagger \ +--set crd.create=false \ --namespace gloo-system \ --set prometheus.install=true \ --set meshProvider=gloo diff --git a/test/e2e-nginx.sh b/test/e2e-nginx.sh index cb506e643..29bf1b84c 100755 --- a/test/e2e-nginx.sh +++ b/test/e2e-nginx.sh @@ -24,6 +24,7 @@ kind load docker-image test/flagger:latest echo '>>> Installing Flagger' helm upgrade -i flagger ${REPO_ROOT}/charts/flagger \ +--set crd.create=false \ --namespace ingress-nginx \ --set prometheus.install=true \ --set meshProvider=nginx From b4753f68b5ceb08be6a093e2d2add43003180db2 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Fri, 14 Feb 2020 12:45:31 +0200 Subject: [PATCH 7/7] Disable CRD creation for Helm v2 --- charts/flagger/README.md | 2 +- charts/flagger/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/flagger/README.md b/charts/flagger/README.md index 6af129182..88015f9e3 100644 --- a/charts/flagger/README.md +++ b/charts/flagger/README.md @@ -95,7 +95,7 @@ Parameter | Description | Default `ingressAnnotationsPrefix` | Annotations prefix for ingresses | `custom.ingress.kubernetes.io` `rbac.create` | If `true`, create and use RBAC resources | `true` `rbac.pspEnabled` | If `true`, create and use a restricted pod security policy | `false` -`crd.create` | If `true`, create Flagger's CRDs | `true` +`crd.create` | If `true`, create Flagger's CRDs (should be enabled for Helm v2 only) | `false` `resources.requests/cpu` | Pod CPU request | `10m` `resources.requests/memory` | Pod memory request | `32Mi` `resources.limits/cpu` | Pod CPU limit | `1000m` diff --git a/charts/flagger/values.yaml b/charts/flagger/values.yaml index f12d9e42c..a0c8f27bd 100644 --- a/charts/flagger/values.yaml +++ b/charts/flagger/values.yaml @@ -82,7 +82,7 @@ rbac: crd: # crd.create: `true` if custom resource definitions should be created - create: true + create: false nameOverride: "" fullnameOverride: ""