feat: Beta support for running consul-k8s without client agents #1552
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add initial support for the basic service mesh running with agentless. * Update connect-inject deployment to talk to consul servers (currently only in-cluster servers are supported; external servers support will come in a later PR) * Update endpoints controller to register and deregister services and health checks in the catalog and stop using agent APIs * Update connect-init command to take the -node-name flag so that it can search for services within a given node using catalog APIs * Add k8s probes to the envoy container * Provide -node-name flag to the consul connect envoy command so that we can generate correct configuration * Selectively disable acceptance tests that don't yet work in this configuration * Disable consul clients by default
* Register mesh-gateways using the endpoints controller. - Use consul-dataplane to configure the mesh-gateway proxy and remove envoy container. - Remove instances of client and auto-encrypt from the deployment. * Replace ioutil.ReadFile with os.ReadFile
…ager (#1502) * Introduce new set of Consul flags that will be used by all consul-k8s commands * Use consul-server-connection-manager to discover servers and use up-to-date server IP every time we need to make an API request.
- Added a `terminating-gateway-service.yaml` template. In order to register the deployment with the Endpoints Controller, a "dummy" service must exist so that a Kubernetes endpoint object is created, triggering the Endpoints Controller reconcile loop. - Modified the `terminating-gateway-deployment.yaml` template: - Added a "managed by" label. - Added annotations to configure the behavior of the Endpoints Controller during registration. - Removed the `copy-consul-bin` init container. - Changed the `terminating-gateway-init` init container to use `connect-init` instead of `acl-init` as the client `acl-init` talked to will no longer exist in agentless. - Removed the `preStop` hook from the `terminating-gateway` container. - Removed the `consul-sidecar` container in preparation for the blessings of the Consul Dataplane. - Removed BATS tests which covered features no longer present in agentless. - Added BATS tests for `terminating-gateway-service` and for Consul namespace handling in `terminating-gateway-deployment`. - Added annotation `consul.hashicorp.com/terminating-gateway-namespace` to configure which Consul namespace a terminating gateway will be placed in when using Consul Enterprise. - Modified the Endpoints Controller to register terminating gateways - Added a `switch` to the `createGatewayRegistrations` method which handles configuration of the endpoint particular to the terminating gateway. - Added unit tests which verify the registrations created by `createGatewayRegistrations` is correct. - Added a unit test to verify the the `Reconcile` method does register the endpoint. Co-authored-by: Iryna Shustava <[email protected]> Co-authored-by: Ashwin Venkatesh <[email protected]> Co-authored-by: Ashwin Venkatesh <[email protected]>
… command (#1520) * Introduce new set of Consul flags that will be used by all consul-k8s commands * Use consul-server-connection-manager to discover servers and use up-to-date server IP every time we need to make an API request. Co-authored-by: Ashwin Venkatesh <[email protected]>
* integrate partition-init job with consul-server-connection-manager * integrate controller with consul-server-connection-manager * modify partition token to be be able read all services so that it works with connection manager
- Use consul-dataplane instead of envoy.
t-eckert
approved these changes
Sep 28, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes proposed in this PR:
How I've tested this PR:
acceptance tests
How I expect reviewers to test this PR:
I expect you to just hit approve 🤣
Checklist: