diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 12aa9ba6..d6dbcc41 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -7,42 +7,72 @@ We welcome contributions :) Also refer to [Collaboration](./README.md) for communication channels. ## Setting up for local Development -* Clone the repo and set ADMIRAL_HOME env variable + +### Pre-requisite + +#### Pre requisite 1 - Setup environment variables ```bash git clone https://github.com/istio-ecosystem/admiral.git cd admiral export ADMIRAL_HOME=$(pwd) -``` -* Run a [minikube](https://kubernetes.io/docs/setup/learning-environment/minikube/) k8s cluster using existing script (you can use any k8s cluster if one exists already) -* Note: Recommend using k8s version 1.16.8 or above to work with recent istio version +``` + +#### Pre requisite 2 - Create a kubernetes cluster ```bash -$ADMIRAL_HOME/tests/create_cluster.sh 1.16.8 +$ADMIRAL_HOME/tests/create_cluster.sh 1.28.0 export KUBECONFIG=~/.kube/config ``` -* Install [Prerequisites](./docs/Examples.md#Prerequisite) and make sure to install istio control plane in cluster. Alternatively, you can use the script to install istio control plane on the cluster created in previous step: -Mac: `$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 osx` +#### Pre requisite 3 - Install Istio +For Mac (Intel based): +```bash +$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 osx +``` + +Mac (Apple Silicon): +```bash +$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 osx-arm64 +``` + +Linux: +```bash +$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 linux +``` + +#### Pre requisite 4 - Config DNS Proxying +Configure DNS for service entries (hosts) ending in `global`, by enabling [Enable DNS proxy mode](https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/) -Mac (Apple Silicon): `$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 osx-arm64` +#### Pre requisite 5 - Install kustomize +```bash +brew install kustomize +``` -Linux: `$ADMIRAL_HOME/tests/install_istio.sh 1.20.2 linux` +## Running Admiral -* Set up necessary permissions and configurations for Admiral +### Install Admiral CRDs, and grant access using RBAC ```bash $ADMIRAL_HOME/install/scripts/dev_setup.sh ``` -* Run `admiral` from your IDE (assumes that the kubeconfig is for the cluster is at `~/.kube/config`) + +### Installing istio's bookinfo applications +```bash +kubectl apply -f out/yaml/bookinfo/* --kubeconfig $KUBECONFIG ``` -$ADMIRAL_HOME/admiral/cmd/admiral/main.go --kube_config "" + +### Run admiral as a local process +```bash +go run $ADMIRAL_HOME/admiral/cmd/admiral/main.go --sync_period=5s --kube_config $KUBECONFIG ``` -* `Optional`: Adding a second cluster for admiral to monitor (for multi-cluster) +## Optional configurations + +### Multi cluster admiral setup ```bash $ADMIRAL_HOME/install/scripts/cluster-secret.sh admiral ``` -* `Optional`: Run `admiral` inside the minikube cluster +### Running admiral as a deployment inside a kubernetes cluster ```bash # point to the admiral primary cluster export KUBECONFIG= @@ -60,7 +90,7 @@ minikube service admiral-http -n admiral --url minikube service admiral-metrics -n admiral --url ``` -* `Optional`: Install prometheus for metrics. +### Install prometheus for metrics. ```bash # build the yaml files make gen-yaml diff --git a/install/sample/bookinfo/bookinfo.yaml b/install/sample/bookinfo/bookinfo.yaml new file mode 100644 index 00000000..a861ace7 --- /dev/null +++ b/install/sample/bookinfo/bookinfo.yaml @@ -0,0 +1,461 @@ +# Copyright Istio Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################################################## +# This file defines the services, service accounts, and deployments for the Bookinfo sample. +# +# To apply all 4 Bookinfo services, their corresponding service accounts, and deployments: +# +# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml +# +# Alternatively, you can deploy any resource separately: +# +# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l service=reviews # reviews Service +# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l account=reviews # reviews ServiceAccount +# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml -l app=reviews,version=v3 # reviews-v3 Deployment +################################################################################################## + +################################################################################################## +# Details service +################################################################################################## +apiVersion: v1 +kind: Service +metadata: + name: details + labels: + app: details + service: details +spec: + ports: + - port: 9080 + name: http + selector: + app: details +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bookinfo-details + labels: + account: details +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: details +spec: + hosts: + - details.bookinfo.svc.cluster.local + - details + http: + - name: "routes" + route: + - destination: + host: v1.details.global +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: details-v1 + labels: + app: details + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: details + version: v1 + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: details + version: v1 + identity: details + admiral.io/env: v1 + spec: + serviceAccountName: bookinfo-details + containers: + - name: details + image: docker.io/istio/examples-bookinfo-details-v1:1.20.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 9080 +--- +################################################################################################## +# Ratings service +################################################################################################## +apiVersion: v1 +kind: Service +metadata: + name: ratings + labels: + app: ratings + service: ratings +spec: + ports: + - port: 9080 + name: http + selector: + app: ratings +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bookinfo-ratings + labels: + account: ratings +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: ratings +spec: + hosts: + - ratings.bookinfo.svc.cluster.local + - ratings + http: + - name: "routes" + route: + - destination: + host: v1.ratings.global +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ratings-v1 + labels: + app: ratings + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: ratings + version: v1 + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: ratings + version: v1 + identity: ratings + admiral.io/env: v1 + spec: + serviceAccountName: bookinfo-ratings + containers: + - name: ratings + image: docker.io/istio/examples-bookinfo-ratings-v1:1.20.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 9080 +--- +################################################################################################## +# Reviews service +################################################################################################## +apiVersion: v1 +kind: Service +metadata: + name: reviews + labels: + app: reviews + service: reviews +spec: + ports: + - port: 9080 + name: http + selector: + app: reviews +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bookinfo-reviews + labels: + account: reviews +--- +apiVersion: networking.istio.io/v1 +kind: VirtualService +metadata: + name: reviews +spec: + hosts: + - reviews.bookinfo.svc.cluster.local + - reviews + http: + - name: "routes" + route: + - destination: + host: v1.reviews.global +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reviews-v1 + labels: + app: reviews + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: reviews + version: v1 + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: reviews + version: v1 + identity: "reviews" + admiral.io/env: v1 + spec: + serviceAccountName: bookinfo-reviews + containers: + - name: reviews + image: docker.io/istio/examples-bookinfo-reviews-v1:1.20.1 + imagePullPolicy: IfNotPresent + env: + - name: LOG_DIR + value: "/tmp/logs" + ports: + - containerPort: 9080 + volumeMounts: + - name: tmp + mountPath: /tmp + - name: wlp-output + mountPath: /opt/ibm/wlp/output + volumes: + - name: wlp-output + emptyDir: {} + - name: tmp + emptyDir: {} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reviews-v2 + labels: + app: reviews + version: v2 +spec: + replicas: 1 + selector: + matchLabels: + app: reviews + version: v2 + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: reviews + version: v2 + identity: "reviews" + admiral.io/env: v2 + spec: + serviceAccountName: bookinfo-reviews + containers: + - name: reviews + image: docker.io/istio/examples-bookinfo-reviews-v2:1.20.1 + imagePullPolicy: IfNotPresent + env: + - name: LOG_DIR + value: "/tmp/logs" + ports: + - containerPort: 9080 + volumeMounts: + - name: tmp + mountPath: /tmp + - name: wlp-output + mountPath: /opt/ibm/wlp/output + volumes: + - name: wlp-output + emptyDir: {} + - name: tmp + emptyDir: {} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: reviews-v3 + labels: + app: reviews + version: v3 +spec: + replicas: 1 + selector: + matchLabels: + app: reviews + version: v3 + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: reviews + version: v3 + identity: "reviews" + admiral.io/env: "v3" + spec: + serviceAccountName: bookinfo-reviews + containers: + - name: reviews + image: docker.io/istio/examples-bookinfo-reviews-v3:1.20.1 + imagePullPolicy: IfNotPresent + env: + - name: LOG_DIR + value: "/tmp/logs" + ports: + - containerPort: 9080 + volumeMounts: + - name: tmp + mountPath: /tmp + - name: wlp-output + mountPath: /opt/ibm/wlp/output + volumes: + - name: wlp-output + emptyDir: {} + - name: tmp + emptyDir: {} +--- +################################################################################################## +# Productpage services +################################################################################################## +apiVersion: v1 +kind: Service +metadata: + name: productpage + labels: + app: productpage + service: productpage +spec: + ports: + - port: 9080 + name: http + selector: + app: productpage +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bookinfo-productpage + labels: + account: productpage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: productpage-v1 + labels: + app: productpage + version: v1 +spec: + replicas: 1 + selector: + matchLabels: + app: productpage + version: v1 + template: + metadata: + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9080" + prometheus.io/path: "/metrics" + sidecar.istio.io/inject: "true" + labels: + app: productpage + version: v1 + identity: "reviews" + admiral.io/env: v2 + spec: + serviceAccountName: bookinfo-productpage + containers: + - name: productpage + image: docker.io/istio/examples-bookinfo-productpage-v1:1.20.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 9080 + volumeMounts: + - name: tmp + mountPath: /tmp + volumes: + - name: tmp + emptyDir: {} +--- + +# Copyright Istio Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################################################## +# httpbin service +################################################################################################## +apiVersion: v1 +kind: ServiceAccount +metadata: + name: httpbin +--- +apiVersion: v1 +kind: Service +metadata: + name: httpbin + labels: + app: httpbin + service: httpbin +spec: + ports: + - name: http + port: 8000 + targetPort: 8080 + selector: + app: httpbin +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: httpbin +spec: + replicas: 1 + selector: + matchLabels: + app: httpbin + version: v1 + template: + metadata: + labels: + app: httpbin + version: v1 + spec: + serviceAccountName: httpbin + containers: + - image: docker.io/mccutchen/go-httpbin:v2.15.0 + imagePullPolicy: IfNotPresent + name: httpbin + ports: + - containerPort: 8080 diff --git a/install/sample/bookinfo/bookinfo_dep.yaml b/install/sample/bookinfo/bookinfo_dep.yaml new file mode 100644 index 00000000..0c27ec22 --- /dev/null +++ b/install/sample/bookinfo/bookinfo_dep.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: admiral.io/v1alpha1 +kind: Dependency +metadata: + name: productpage + namespace: admiral +spec: + source: productpage + identityLabel: identity + destinations: + - details + - reviews + +--- +apiVersion: admiral.io/v1alpha1 +kind: Dependency +metadata: + name: reviews + namespace: admiral +spec: + source: reviews + identityLabel: identity + destinations: + - ratings