diff --git a/Makefile b/Makefile index 0e1c3fb48..15078b582 100644 --- a/Makefile +++ b/Makefile @@ -133,6 +133,9 @@ test-e2e: down-locally build-dss start-locally probe-locally collect-local-logs tag: scripts/tag.sh $(UPSTREAM_OWNER)/dss/v$(VERSION) +.PHONY: restart-all +restart-all: build-dss down-locally start-locally + .PHONY: start-locally start-locally: build/dev/run_locally.sh up -d diff --git a/build/dev/docker-compose_dss.yaml b/build/dev/docker-compose_dss.yaml index b4a221953..e84e4d078 100644 --- a/build/dev/docker-compose_dss.yaml +++ b/build/dev/docker-compose_dss.yaml @@ -10,13 +10,12 @@ services: local-dss-crdb: image: cockroachdb/cockroach:v21.2.7 command: start-single-node --insecure - expose: - - 26257 ports: + - "26257:26257" - "8080:8080" restart: always networks: - - dss_sandbox_default_network + - dss_sandbox_default_network local-dss-rid-bootstrapper: build: @@ -30,7 +29,7 @@ services: depends_on: - local-dss-crdb networks: - - dss_sandbox_default_network + - dss_sandbox_default_network local-dss-scd-bootstrapper: build: @@ -44,7 +43,7 @@ services: depends_on: - local-dss-crdb networks: - - dss_sandbox_default_network + - dss_sandbox_default_network local-dss-core-service: build: @@ -63,7 +62,7 @@ services: - local-dss-rid-bootstrapper - local-dss-scd-bootstrapper networks: - - dss_sandbox_default_network + - dss_sandbox_default_network local-dss-dummy-oauth: build: @@ -74,7 +73,7 @@ services: ports: - "8085:8085" networks: - - dss_sandbox_default_network + - dss_sandbox_default_network networks: dss_sandbox_default_network: diff --git a/dump.yaml b/dump.yaml deleted file mode 100644 index a1d24a968..000000000 --- a/dump.yaml +++ /dev/null @@ -1,706 +0,0 @@ -autoInjection: - components: - injector: - enabled: true - k8s: - replicaCount: 1 - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -cni: - enabled: false -configManagement: - components: - galley: - enabled: true - k8s: - replicaCount: 1 - resources: - requests: - cpu: 100m - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -defaultNamespace: istio-system -gateways: - components: - egressGateway: - enabled: true - k8s: - hpaSpec: - maxReplicas: 5 - metrics: - - resource: - name: cpu - targetAverageUtilization: 80 - type: Resource - minReplicas: 1 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: istio-egressgateway - resources: - limits: - cpu: 2000m - memory: 1024Mi - requests: - cpu: 10m - memory: 40Mi - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - ingressGateway: - enabled: true - k8s: - hpaSpec: - maxReplicas: 5 - metrics: - - resource: - name: cpu - targetAverageUtilization: 80 - type: Resource - minReplicas: 1 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: istio-ingressgateway - resources: - limits: - cpu: 2000m - memory: 1024Mi - requests: - cpu: 10m - memory: 40Mi - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -hub: docker.io/istio -policy: - components: - policy: - enabled: true - k8s: - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - hpaSpec: - maxReplicas: 5 - metrics: - - resource: - name: cpu - targetAverageUtilization: 80 - type: Resource - minReplicas: 1 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: istio-policy - resources: - requests: - cpu: 10m - memory: 100Mi - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -security: - components: - certManager: - enabled: false - citadel: - enabled: true - k8s: - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - nodeAgent: - enabled: false - enabled: true -tag: 1.4.3 -telemetry: - components: - telemetry: - enabled: true - k8s: - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: GOMAXPROCS - value: "6" - hpaSpec: - maxReplicas: 5 - metrics: - - resource: - name: cpu - targetAverageUtilization: 80 - type: Resource - minReplicas: 1 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: istio-telemetry - replicaCount: 1 - resources: - limits: - cpu: 4800m - memory: 4G - requests: - cpu: 50m - memory: 100Mi - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -trafficManagement: - components: - pilot: - enabled: true - k8s: - env: - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: GODEBUG - value: gctrace=1 - - name: PILOT_TRACE_SAMPLING - value: "100" - - name: CONFIG_NAMESPACE - value: istio-config - hpaSpec: - maxReplicas: 5 - metrics: - - resource: - name: cpu - targetAverageUtilization: 80 - type: Resource - minReplicas: 1 - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: istio-pilot - readinessProbe: - httpGet: - path: /ready - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 30 - timeoutSeconds: 5 - resources: - requests: - cpu: 10m - memory: 100Mi - strategy: - rollingUpdate: - maxSurge: 100% - maxUnavailable: 25% - enabled: true -values: - certmanager: - hub: quay.io/jetstack - image: cert-manager-controller - tag: v0.6.2 - clusterResources: true - galley: - enableAnalysis: false - image: galley - gateways: - istio-egressgateway: - autoscaleEnabled: false - env: - ISTIO_META_ROUTER_MODE: sni-dnat - ports: - - name: http2 - port: 80 - - name: https - port: 443 - - name: tls - port: 15443 - targetPort: 15443 - secretVolumes: - - mountPath: /etc/istio/egressgateway-certs - name: egressgateway-certs - secretName: istio-egressgateway-certs - - mountPath: /etc/istio/egressgateway-ca-certs - name: egressgateway-ca-certs - secretName: istio-egressgateway-ca-certs - type: ClusterIP - zvpn: - enabled: true - suffix: global - istio-ingressgateway: - applicationPorts: "" - autoscaleEnabled: false - debug: info - domain: "" - env: - ISTIO_META_ROUTER_MODE: sni-dnat - meshExpansionPorts: - - name: tcp-pilot-grpc-tls - port: 15011 - targetPort: 15011 - - name: tcp-citadel-grpc-tls - port: 8060 - targetPort: 8060 - - name: tcp-dns-tls - port: 853 - targetPort: 853 - ports: - - name: status-port - port: 15020 - targetPort: 15020 - - name: http2 - port: 80 - targetPort: 80 - - name: https - port: 443 - - name: kiali - port: 15029 - targetPort: 15029 - - name: prometheus - port: 15030 - targetPort: 15030 - - name: grafana - port: 15031 - targetPort: 15031 - - name: tracing - port: 15032 - targetPort: 15032 - - name: tls - port: 15443 - targetPort: 15443 - sds: - enabled: false - image: node-agent-k8s - resources: - limits: - cpu: 2000m - memory: 1024Mi - requests: - cpu: 100m - memory: 128Mi - secretVolumes: - - mountPath: /etc/istio/ingressgateway-certs - name: ingressgateway-certs - secretName: istio-ingressgateway-certs - - mountPath: /etc/istio/ingressgateway-ca-certs - name: ingressgateway-ca-certs - secretName: istio-ingressgateway-ca-certs - type: LoadBalancer - zvpn: - enabled: true - suffix: global - global: - arch: - amd64: 2 - ppc64le: 2 - s390x: 2 - certificates: [] - configValidation: true - controlPlaneSecurityEnabled: false - defaultNodeSelector: {} - defaultPodDisruptionBudget: - enabled: true - defaultResources: - requests: - cpu: 10m - disablePolicyChecks: false - enableHelmTest: false - enableTracing: true - imagePullPolicy: IfNotPresent - imagePullSecrets: [] - k8sIngress: - enableHttps: false - enabled: false - gatewayName: ingressgateway - localityLbSetting: - enabled: true - logAsJson: false - logging: - level: default:info - meshExpansion: - enabled: false - useILB: false - meshNetworks: {} - mtls: - auto: false - enabled: false - multiCluster: - clusterName: "" - enabled: false - network: "" - omitSidecarInjectorConfigMap: false - oneNamespace: false - operatorManageWebhooks: false - outboundTrafficPolicy: - mode: ALLOW_ANY - policyCheckFailOpen: false - priorityClassName: "" - proxy: - accessLogEncoding: TEXT - accessLogFile: /dev/stdout - accessLogFormat: "" - autoInject: enabled - clusterDomain: cluster.local - componentLogLevel: misc:error - concurrency: 2 - dnsRefreshRate: 300s - enableCoreDump: false - envoyAccessLogService: - enabled: false - host: null - port: null - envoyMetricsService: - enabled: false - host: null - port: null - tcpKeepalive: - interval: 10s - probes: 3 - time: 10s - tlsSettings: - caCertificates: null - clientCertificate: null - mode: DISABLE - privateKey: null - sni: null - subjectAltNames: [] - envoyStatsd: - enabled: false - host: null - port: null - excludeIPRanges: "" - excludeInboundPorts: "" - excludeOutboundPorts: "" - image: proxyv2 - includeIPRanges: '*' - includeInboundPorts: '*' - kubevirtInterfaces: "" - logLevel: warning - privileged: false - protocolDetectionTimeout: 100ms - readinessFailureThreshold: 30 - readinessInitialDelaySeconds: 1 - readinessPeriodSeconds: 2 - resources: - limits: - cpu: 2000m - memory: 1024Mi - requests: - cpu: 10m - memory: 40Mi - statusPort: 15020 - tracer: zipkin - proxy_init: - image: proxyv2 - resources: - limits: - cpu: 100m - memory: 50Mi - requests: - cpu: 10m - memory: 10Mi - sds: - enabled: false - token: - aud: istio-ca - udsPath: "" - tracer: - datadog: - address: $(HOST_IP):8126 - lightstep: - accessToken: "" - address: "" - cacertPath: "" - secure: true - zipkin: - address: "" - trustDomain: cluster.local - useMCP: true - grafana: - accessMode: ReadWriteMany - contextPath: /grafana - dashboardProviders: - dashboardproviders.yaml: - apiVersion: 1 - providers: - - disableDeletion: false - folder: istio - name: istio - options: - path: /var/lib/grafana/dashboards/istio - orgId: 1 - type: file - datasources: - datasources.yaml: - apiVersion: 1 - datasources: null - enabled: true - env: {} - envSecrets: {} - image: - repository: grafana/grafana - tag: 6.4.3 - ingress: - annotations: null - enabled: false - hosts: - - grafana.local - tls: null - nodeSelector: {} - persist: false - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - replicaCount: 1 - security: - enabled: false - passphraseKey: passphrase - secretName: grafana - usernameKey: username - service: - annotations: {} - externalPort: 3000 - loadBalancerIP: null - loadBalancerSourceRanges: null - name: http - type: ClusterIP - storageClassName: "" - tolerations: [] - istiocoredns: - coreDNSImage: coredns/coredns - coreDNSPluginImage: istio/coredns-plugin:0.2-istio-1.1 - coreDNSTag: 1.6.2 - enabled: false - kiali: - contextPath: /kiali - createDemoSecret: true - dashboard: - grafanaURL: null - jaegerURL: null - passphraseKey: passphrase - secretName: kiali - usernameKey: username - viewOnlyMode: false - enabled: true - hub: quay.io/kiali - ingress: - annotations: null - enabled: false - hosts: - - kiali.local - tls: null - nodeSelector: {} - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - prometheusNamespace: null - replicaCount: 1 - security: - cert_file: /kiali-cert/cert-chain.pem - enabled: false - private_key_file: /kiali-cert/key.pem - tag: v1.9 - mixer: - adapters: - kubernetesenv: - enabled: true - prometheus: - enabled: true - metricsExpiryDuration: 10m - stackdriver: - auth: - apiKey: "" - appCredentials: false - serviceAccountPath: "" - enabled: false - tracer: - enabled: false - sampleProbability: 1 - stdio: - enabled: true - outputAsJson: false - useAdapterCRDs: false - policy: - adapters: - kubernetesenv: - enabled: true - useAdapterCRDs: false - autoscaleEnabled: false - image: mixer - sessionAffinityEnabled: false - telemetry: - autoscaleEnabled: false - env: - GOMAXPROCS: "6" - image: mixer - loadshedding: - latencyThreshold: 100ms - mode: enforce - nodeSelector: {} - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - replicaCount: 1 - reportBatchMaxEntries: 100 - reportBatchMaxTime: 1s - sessionAffinityEnabled: false - tolerations: [] - useMCP: true - nodeagent: - image: node-agent-k8s - pilot: - appNamespaces: [] - autoscaleEnabled: false - autoscaleMax: 5 - autoscaleMin: 1 - configMap: true - configNamespace: istio-config - cpu: - targetAverageUtilization: 80 - deploymentLabels: null - enableProtocolSniffingForInbound: false - enableProtocolSniffingForOutbound: true - env: {} - image: pilot - ingress: - ingressClass: istio - ingressControllerMode: "OFF" - ingressService: istio-ingressgateway - keepaliveMaxServerConnectionAge: 30m - meshNetworks: - networks: {} - nodeSelector: {} - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - policy: - enabled: false - replicaCount: 1 - tolerations: [] - traceSampling: 1 - useMCP: true - prometheus: - contextPath: /prometheus - enabled: true - hub: docker.io/prom - ingress: - annotations: null - enabled: false - hosts: - - prometheus.local - tls: null - nodeSelector: {} - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - replicaCount: 1 - retention: 6h - scrapeInterval: 15s - security: - enabled: true - tag: v2.12.0 - tolerations: [] - security: - dnsCerts: - istio-pilot-service-account.istio-control: istio-pilot.istio-control - enableNamespacesByDefault: true - image: citadel - selfSigned: true - trustDomain: cluster.local - sidecarInjectorWebhook: - enableNamespacesByDefault: false - image: sidecar_injector - injectLabel: istio-injection - objectSelector: - autoInject: true - enabled: false - rewriteAppHTTPProbe: false - selfSigned: false - telemetry: - enabled: true - v1: - enabled: true - v2: - enabled: false - prometheus: - enabled: true - stackdriver: - configOverride: {} - enabled: false - logging: false - monitoring: false - topology: false - tracing: - enabled: true - ingress: - annotations: null - enabled: false - hosts: null - tls: null - jaeger: - accessMode: ReadWriteMany - hub: docker.io/jaegertracing - memory: - max_traces: 50000 - persist: false - spanStorageType: badger - storageClassName: "" - tag: "1.14" - nodeSelector: {} - opencensus: - exporters: - stackdriver: - enable_tracing: true - hub: docker.io/omnition - resources: - limits: - cpu: "1" - memory: 2Gi - requests: - cpu: 200m - memory: 400Mi - tag: 0.1.9 - podAntiAffinityLabelSelector: [] - podAntiAffinityTermLabelSelector: [] - provider: jaeger - service: - annotations: {} - externalPort: 9411 - name: http-query - type: ClusterIP - zipkin: - hub: docker.io/openzipkin - javaOptsHeap: 700 - maxSpans: 500000 - node: - cpus: 2 - probeStartupDelay: 200 - queryPort: 9411 - resources: - limits: - cpu: 300m - memory: 900Mi - requests: - cpu: 150m - memory: 900Mi - tag: 2.14.2 - version: "" -