Merge master into the 0.8 release branch #5250
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
removing the t.Skip() Should fail in CI until we have a fix
Automatic merge from submit-queue. prune old version resources that no longer exist
Automatic merge from submit-queue. [vendor-change] CloudWatch Mixer adapter Adding an adapter to send metrics to cloudwatch
Automatic merge from submit-queue. Enable Ingress/Egress gateways in Helm for bookinfo demos
Automatic merge from submit-queue. Consume labeled multicluster secrets on startup This patch when run against istio.yaml or istio-auth.yaml runs in the new config mode using only labels rather than configmaps. The configmap functionality can be removed in 0.9.
Automatic merge from submit-queue. Add a linter check to make sure types.go are generated. addresses #4418
* Remove orig_ manifests * Remove istio-mixer-validator and istio-mixer-with-health-check manifests * Remove unwanted manifests before archiving * Remove istio-sidecar-injector.yaml from install/README.md * Remove *one-namespace*.yaml from install/README.md * Make helm-generated manifests overwrite updateVersion_orig.sh manifests
Automatic merge from submit-queue. Adding CI workflow for checking vendor diff This aims to help ensure that a PR contains the correct vendor change, by running `dep ensure` and seeing if git detects any changes.
Automatic merge from submit-queue. Introduce galley/pkg/server galley/pkg/server implements logic performs both CRD synchronization, along with resource synchronization operations. The resource synchronizers are started/stopped as CRDs (of interest) are added/deleted.
Automatic merge from submit-queue. [vendor change] Add metrics command to istioctl experimental cli This PR adds a new command for retrieving service-level metrics for services within an Istio service mesh. In combination with the `watch` command, this tool may be used to display a rudimentary service dashboard from the commandline. This command requires the deployment of a prometheus instance for monitoring the mesh. It discovers a prometheus pod, establishes a port-forward to that pod, and executes a series of queries to extract the metrics for display. Currently, this command pulls all metrics from the current time, calculating rates and latencies over a time window of 1 minute. In the future, it will be possible to add support for flexible time windows. Example usage (bookinfo example): ``` $ istioctl experimental metrics productpage reviews ratings details productpage: Total RPS: 7.872870 Error RPS: 0.000000 P50 Latency: 40ms P90 Latency: 80ms P99 Latency: 98ms reviews: Total RPS: 7.909235 Error RPS: 0.000000 P50 Latency: 4ms P90 Latency: 9ms P99 Latency: 21ms ratings: Total RPS: 5.309187 Error RPS: 0.000000 P50 Latency: 2ms P90 Latency: 4ms P99 Latency: 4ms details: Total RPS: 7.872870 Error RPS: 0.000000 P50 Latency: 3ms P90 Latency: 38ms P99 Latency: 48ms ``` This tool is intended primarily to aid with debugging, as discovering what is happening with a mesh and/or a particular service can be somewhat cumbersome. Reviewers: please let me know if there is a more appropriate place for such a tool and if there is more/different information that you think is relevant to display for a service. Vendor PR: istio/old_vendor-istio_repo#58
Automatic merge from submit-queue. unset IFS, minor fix for perf setup
* need git pull --tags to get latest_release movement, use DUR variable for duration * Add grafana ingress Doesn’t work because of mixer/telemetry split yet but almost Also had to disable mtls for grafana - this should be the default * Add annotation for no mtls in helm template * From 0.8 prometheus is already in the yaml See #5111
Automatic merge from submit-queue. Assert requried circle CI envs in ci2gubernator There has been cases where tests on circle failed when calling ci2gubernator because `CIRCLE_PR_NUMBER` unbound. This PR asserts the existence of the circle ci envs required by ci2gubernator and resort to no op if any of those is not defined.
Automatic merge from submit-queue. Add Mixer perf tests that includes the RPC path. The perf tests included two sets of tests (proper v.s. with _R2 suffix). The tests with _R2 suffix was for testing runtime2 implementation. Now that there is only one runtime, repurposing some of the tests to include the gRpc layer as well.
…5152) * Add/Update Mixer e2e tests to cover more attributes sent from Envoy. * Fix indent.
* assorted bug fixes Signed-off-by: Shriram Rajagopalan <shriramr@vmware.com> * lint Signed-off-by: Shriram Rajagopalan <shriramr@vmware.com>
Automatic merge from submit-queue. Updated zipkin to 2.7 for istio. This is a follow up PR for #4726 /cc @ldemailly
Automatic merge from submit-queue. Move mixer filter to per_filter_config Move the per route mixer filter config from the metadata field to per_filter_config and turn it into a ServiceConfig proto.
…o be included in… (#5116) Automatic merge from submit-queue. [vendor change] Add B3 codec to Jaeger tracer to enable mixer trace to be included in… … the application trace - and extended zipkin test to check for the mixer span Installs the B3 codec into the Jaeger tracer to enable B3 headers to be understood and therefore associate any spans with the existing application trace. The PR also updates the zipkin e2e test to check that the mixer spans are included in the application trace instance. Once an initial review of the PR has been approved I'll commit the vendor change - using "dep ensure"? Locally this has resulted in a number of dependencies being deleted under `vendor/k8s.io/client-go/`. Signed-off-by: Gary Brown <gary@brownuk.com>
Automatic merge from submit-queue. remove prometheus from release archives
Automatic merge from submit-queue. Add Galley command-line flags "server" and "purge" Add command-line flags for server and purge commands.
Thanks Andra for pointing out that version should fail/work the same as using pod IP directly as the destination container never sees the original cluster IP
* adds guard for kube client - there may not always be one, especially in the case of CF. - made CF case more explicit * ci2gubernator: stop checking for unset variables
Automatic merge from submit-queue. Add an experiment subcommand rbac to istioctl. The subcommand is used to interact with Istio RBAC policies, this PR adds the basic interface and the actual logic will be added in a later PR. See #4856.
* Fixing missing INSTANCE_IP * Fix yaml error
* first pass renaming v1alpha3.ExternalSerivce to v1alpha3.ServiceEntry * rename ServiceEntry.Discovery to ServiceEntry.Resolution * update vendor to latest istio/api
* initial changes to fix both pilot endpoints * they now should be curl'ing the right things properly booting an envoy with dynamic template now new port name for building listeners Include port for Cloud Foundry services * Building listeners now requires named ports. * always run cloudfoundry tests * moves cloudfoundry circleci test to own run * adds cloudfoundry test to all * want to just use default env vars * need GOPATH/bin on path for envoy * switch to defaults which uses da container * disable zipkin test in pilot
Automatic merge from submit-queue. e2e test for JWT authn policy #5078 1. JWT token used here expires in year 2132 (borrowed from https://github.com/istio/proxy/blob/master/src/envoy/http/jwt_auth/sample/correct_jwt). 2. will add another e2e test for fetching JWT public key scenario after #5061 is in.
#5232) Automatic merge from submit-queue. Set listeners h2 max streams to override nghttp2 client default of 100 Reference issue: envoyproxy/envoy#3076 Signed-off-by: Kuat Yessenov <kuat@google.com>
…5245) Automatic merge from submit-queue. Enable ControlZ to fetch the current process' known logging scopes.
Automatic merge from submit-queue. Add enableCoreDump and policy parameters to sidecar injector helm template
…mple on circle (#5241) * Fixing fallout of renames in earlier commit * Re fixing lost fix that e2e-simple should run with auth Technically it should run with both auth and no auth like on prow but if it runs only 1 mode it should be with auth
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: Assign the PR to them by writing The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
branch protection is always active. You are an admin of the repo who can override branch protection, and since you committed directly into master, it went in. |
- and tee to a new file so it doesn't overwrite
Using cluster_names in GRPC resource config is deprecated: envoyproxy/envoy@ad02e4a Signed-off-by: Romain Lenglet <romain@covalent.io>
* Sort HTTP route virtual hosts before sending listeners to Envoy. Listeners with multiple filter chains containing HTTP filters require that the HTTP filters have consistent ordering due to how Envoy computes updates. * don't respond with empty listeners * address review comments * fix linter * linters, once more
Codecov Report
@@ Coverage Diff @@
## release-0.8 #5250 +/- ##
============================================
+ Coverage 73% 74% +1%
============================================
Files 313 323 +10
Lines 26292 27272 +980
============================================
+ Hits 19134 19999 +865
- Misses 6388 6481 +93
- Partials 770 792 +22
Continue to review full report at Codecov.
|
* re-add istioctl unit tests to Makefile #3820 moved istioctl out of pilot subdirectory but forgot to re-add istioctl unit tests to top-level Makefile. Fix that problem and also the currently broken tests. * add missing test data
mixer and backend should also do this, but that involves slightly more work.
|
@hklai: The following tests failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See context and plan in https://bit.ly/2KdDvnH