From ea6af449a8d8cade3e830a85db9f7fd34ecb66c5 Mon Sep 17 00:00:00 2001
From: rongzhang <rongzhang@alauda.io>
Date: Wed, 8 Aug 2018 11:01:15 +0800
Subject: [PATCH] Remove istio support
Use helm install or support in future
---
inventory/sample/group_vars/k8s-cluster.yml | 3 -
roles/download/defaults/main.yml | 96 --
roles/kubernetes-apps/istio/defaults/main.yml | 2 -
roles/kubernetes-apps/istio/tasks/main.yml | 45 -
.../istio/templates/istio-initializer.yml.j2 | 84 --
.../istio/templates/istio.yml.j2 | 1285 -----------------
roles/kubernetes-apps/meta/main.yml | 8 -
.../tasks/growpart-azure-centos-7.yml | 4 +-
roles/kubespray-defaults/defaults/main.yaml | 2 -
tests/files/gce_centos7-flannel-addons.yml | 1 -
10 files changed, 2 insertions(+), 1528 deletions(-)
delete mode 100644 roles/kubernetes-apps/istio/defaults/main.yml
delete mode 100644 roles/kubernetes-apps/istio/tasks/main.yml
delete mode 100644 roles/kubernetes-apps/istio/templates/istio-initializer.yml.j2
delete mode 100644 roles/kubernetes-apps/istio/templates/istio.yml.j2
diff --git a/inventory/sample/group_vars/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster.yml
index cc77d5008..e9864511a 100644
--- a/inventory/sample/group_vars/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster.yml
@@ -177,9 +177,6 @@ efk_enabled: false
# Helm deployment
helm_enabled: false
-# Istio deployment
-istio_enabled: false
-
# Registry deployment
registry_enabled: false
# registry_namespace: "{{ system_namespace }}"
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index 2e7937f98..6db11da96 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -36,7 +36,6 @@ calico_policy_version: "v1.0.3"
calico_rr_version: "v0.4.2"
flannel_version: "v0.10.0"
flannel_cni_version: "v0.3.0"
-istio_version: "0.2.6"
vault_version: 0.10.1
weave_version: 2.3.0
pod_infra_version: 3.0
@@ -44,12 +43,10 @@ contiv_version: 1.1.7
cilium_version: "v1.0.0-rc8"
# Download URLs
-istioctl_download_url: "https://storage.googleapis.com/istio-release/releases/{{ istio_version }}/istioctl/istioctl-linux"
kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/amd64/kubeadm"
vault_download_url: "https://releases.hashicorp.com/vault/{{ vault_version }}/vault_{{ vault_version }}_linux_amd64.zip"
# Checksums
-istioctl_checksum: fd703063c540b8c0ab943f478c05ab257d88ae27224c746a27d0526ddbf7c370
kubeadm_checksum: 7e1169bbbeed973ab402941672dec957638dea5952a1e8bc89a37d5e709cc4b4
vault_binary_checksum: 3c4d70ba71619a43229e65c67830e30e050eab7a81ac6b28325ff707e5914188
@@ -70,22 +67,6 @@ calico_policy_image_repo: "quay.io/calico/kube-controllers"
calico_policy_image_tag: "{{ calico_policy_version }}"
calico_rr_image_repo: "quay.io/calico/routereflector"
calico_rr_image_tag: "{{ calico_rr_version }}"
-istio_proxy_image_repo: docker.io/istio/proxy
-istio_proxy_image_tag: "{{ istio_version }}"
-istio_proxy_init_image_repo: docker.io/istio/proxy_init
-istio_proxy_init_image_tag: "{{ istio_version }}"
-istio_ca_image_repo: docker.io/istio/istio-ca
-istio_ca_image_tag: "{{ istio_version }}"
-istio_mixer_image_repo: docker.io/istio/mixer
-istio_mixer_image_tag: "{{ istio_version }}"
-istio_pilot_image_repo: docker.io/istio/pilot
-istio_pilot_image_tag: "{{ istio_version }}"
-istio_proxy_debug_image_repo: docker.io/istio/proxy_debug
-istio_proxy_debug_image_tag: "{{ istio_version }}"
-istio_sidecar_initializer_image_repo: docker.io/istio/sidecar_initializer
-istio_sidecar_initializer_image_tag: "{{ istio_version }}"
-istio_statsd_image_repo: prom/statsd-exporter
-istio_statsd_image_tag: latest
hyperkube_image_repo: "gcr.io/google-containers/hyperkube"
hyperkube_image_tag: "{{ kube_version }}"
pod_infra_image_repo: "gcr.io/google_containers/pause-amd64"
@@ -202,83 +183,6 @@ downloads:
mode: "0755"
groups:
- k8s-cluster
- istioctl:
- enabled: "{{ istio_enabled }}"
- file: true
- version: "{{ istio_version }}"
- dest: "istio/istioctl"
- sha256: "{{ istioctl_checksum }}"
- source_url: "{{ istioctl_download_url }}"
- url: "{{ istioctl_download_url }}"
- unarchive: false
- owner: "root"
- mode: "0755"
- groups:
- - kube-master
- istio_proxy:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_proxy_image_repo }}"
- tag: "{{ istio_proxy_image_tag }}"
- sha256: "{{ istio_proxy_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_proxy_init:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_proxy_init_image_repo }}"
- tag: "{{ istio_proxy_init_image_tag }}"
- sha256: "{{ istio_proxy_init_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_ca:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_ca_image_repo }}"
- tag: "{{ istio_ca_image_tag }}"
- sha256: "{{ istio_ca_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_mixer:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_mixer_image_repo }}"
- tag: "{{ istio_mixer_image_tag }}"
- sha256: "{{ istio_mixer_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_pilot:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_pilot_image_repo }}"
- tag: "{{ istio_pilot_image_tag }}"
- sha256: "{{ istio_pilot_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_proxy_debug:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_proxy_debug_image_repo }}"
- tag: "{{ istio_proxy_debug_image_tag }}"
- sha256: "{{ istio_proxy_debug_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_sidecar_initializer:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_sidecar_initializer_image_repo }}"
- tag: "{{ istio_sidecar_initializer_image_tag }}"
- sha256: "{{ istio_sidecar_initializer_digest_checksum|default(None) }}"
- groups:
- - kube-node
- istio_statsd:
- enabled: "{{ istio_enabled }}"
- container: true
- repo: "{{ istio_statsd_image_repo }}"
- tag: "{{ istio_statsd_image_tag }}"
- sha256: "{{ istio_statsd_digest_checksum|default(None) }}"
- groups:
- - kube-node
hyperkube:
enabled: true
container: true
diff --git a/roles/kubernetes-apps/istio/defaults/main.yml b/roles/kubernetes-apps/istio/defaults/main.yml
deleted file mode 100644
index 6124ce42e..000000000
--- a/roles/kubernetes-apps/istio/defaults/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-istio_namespace: istio-system
diff --git a/roles/kubernetes-apps/istio/tasks/main.yml b/roles/kubernetes-apps/istio/tasks/main.yml
deleted file mode 100644
index 5e36a56cc..000000000
--- a/roles/kubernetes-apps/istio/tasks/main.yml
+++ /dev/null
@@ -1,45 +0,0 @@
----
-- name: istio | Create addon dir
- file:
- path: "{{ kube_config_dir }}/addons/istio"
- owner: root
- group: root
- mode: 0755
- recurse: yes
-
-- name: istio | Lay out manifests
- template:
- src: "{{item.file}}.j2"
- dest: "{{kube_config_dir}}/addons/istio/{{item.file}}"
- with_items:
- - {name: istio-mixer, file: istio.yml, type: deployment }
- - {name: istio-initializer, file: istio-initializer.yml, type: deployment }
- register: manifests
- when: inventory_hostname == groups['kube-master'][0]
-
-- name: istio | Copy istioctl binary from download dir
- command: rsync -piu "{{ local_release_dir }}/istio/istioctl" "{{ bin_dir }}/istioctl"
- changed_when: false
-
-- name: istio | Set up bash completion
- shell: "{{ bin_dir }}/istioctl completion >/etc/bash_completion.d/istioctl.sh"
- when: ansible_os_family in ["Debian","RedHat"]
-
-- name: istio | Set bash completion file
- file:
- path: /etc/bash_completion.d/istioctl.sh
- owner: root
- group: root
- mode: 0755
- when: ansible_os_family in ["Debian","RedHat"]
-
-- name: istio | apply manifests
- kube:
- name: "{{item.item.name}}"
- namespace: "{{ istio_namespace }}"
- kubectl: "{{bin_dir}}/kubectl"
- resource: "{{item.item.type}}"
- filename: "{{kube_config_dir}}/addons/istio/{{item.item.file}}"
- state: "latest"
- with_items: "{{ manifests.results }}"
- when: inventory_hostname == groups['kube-master'][0]
diff --git a/roles/kubernetes-apps/istio/templates/istio-initializer.yml.j2 b/roles/kubernetes-apps/istio/templates/istio-initializer.yml.j2
deleted file mode 100644
index 84f957ed1..000000000
--- a/roles/kubernetes-apps/istio/templates/istio-initializer.yml.j2
+++ /dev/null
@@ -1,84 +0,0 @@
-# GENERATED FILE. Use with Kubernetes 1.7+
-# TO UPDATE, modify files in install/kubernetes/templates and run install/updateVersion.sh
-################################
-# Istio initializer
-################################
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: istio-inject
- namespace: {{ istio_namespace }}
-data:
- config: |-
- policy: "enabled"
- namespaces: [""] # everything, aka v1.NamepsaceAll, aka cluster-wide
- initializerName: "sidecar.initializer.istio.io"
- params:
- initImage: {{ istio_proxy_init_image_repo }}:{{ istio_proxy_init_image_tag }}
- proxyImage: {{ istio_proxy_image_repo }}:{{ istio_proxy_image_tag }}
- verbosity: 2
- version: 0.2.6
- meshConfigMapName: istio
- imagePullPolicy: IfNotPresent
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-initializer-service-account
- namespace: {{ istio_namespace }}
----
-apiVersion: apps/v1beta1
-kind: Deployment
-metadata:
- name: istio-initializer
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
- initializers:
- pending: []
- labels:
- istio: istio-initializer
-spec:
- replicas: 1
- template:
- metadata:
- name: istio-initializer
- labels:
- istio: initializer
- annotations:
- sidecar.istio.io/inject: "false"
- spec:
- serviceAccountName: istio-initializer-service-account
- containers:
- - name: initializer
- image: {{ istio_sidecar_initializer_image_repo }}:{{ istio_sidecar_initializer_image_tag }}
- imagePullPolicy: IfNotPresent
- args:
- - --port=8083
- - --namespace={{ istio_namespace }}
- - -v=2
- volumeMounts:
- - name: config-volume
- mountPath: /etc/istio/config
- volumes:
- - name: config-volume
- configMap:
- name: istio
----
-apiVersion: admissionregistration.k8s.io/v1alpha1
-kind: InitializerConfiguration
-metadata:
- name: istio-sidecar
-initializers:
- - name: sidecar.initializer.istio.io
- rules:
- - apiGroups:
- - "*"
- apiVersions:
- - "*"
- resources:
- - deployments
- - statefulsets
- - jobs
- - daemonsets
----
diff --git a/roles/kubernetes-apps/istio/templates/istio.yml.j2 b/roles/kubernetes-apps/istio/templates/istio.yml.j2
deleted file mode 100644
index bd0b93a7f..000000000
--- a/roles/kubernetes-apps/istio/templates/istio.yml.j2
+++ /dev/null
@@ -1,1285 +0,0 @@
-# GENERATED FILE. Use with Kubernetes 1.7+
-# TO UPDATE, modify files in install/kubernetes/templates and run install/updateVersion.sh
-################################
-# Istio system namespace
-################################
-apiVersion: v1
-kind: Namespace
-metadata:
- name: {{ istio_namespace }}
----
-################################
-# Istio RBAC
-################################
-# Permissions and roles for istio
-# To debug: start the cluster with -vmodule=rbac,3 to enable verbose logging on RBAC DENY
-# Also helps to enable logging on apiserver 'wrap' to see the URLs.
-# Each RBAC deny needs to be mapped into a rule for the role.
-# If using minikube, start with '--extra-config=apiserver.Authorization.Mode=RBAC'
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-pilot-istio-system
-rules:
-- apiGroups: ["config.istio.io"]
- resources: ["*"]
- verbs: ["*"]
-- apiGroups: ["apiextensions.k8s.io"]
- resources: ["customresourcedefinitions"]
- verbs: ["*"]
-- apiGroups: ["istio.io"]
- resources: ["istioconfigs", "istioconfigs.istio.io"]
- verbs: ["*"]
-- apiGroups: ["extensions"]
- resources: ["thirdpartyresources", "thirdpartyresources.extensions", "ingresses", "ingresses/status"]
- verbs: ["*"]
-- apiGroups: [""]
- resources: ["configmaps", "endpoints", "pods", "services"]
- verbs: ["*"]
-- apiGroups: [""]
- resources: ["namespaces", "nodes", "secrets"]
- verbs: ["get", "list", "watch"]
-- apiGroups: ["admissionregistration.k8s.io"]
- resources: ["externaladmissionhookconfigurations"]
- verbs: ["create", "update", "delete"]
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-initializer-istio-system
-rules:
-- apiGroups: ["*"]
- resources: ["deployments", "statefulsets", "jobs", "cronjobs", "daemonsets", "replicasets", "replicationcontrollers"]
- verbs: ["initialize", "patch", "watch", "list"]
-- apiGroups: ["*"]
- resources: ["configmaps"]
- verbs: ["get", "list", "watch"]
----
-# Mixer CRD needs to watch and list CRDs
-# It also uses discovery API to discover Kinds of config.istio.io
-# K8s adapter needs to list pods, services etc.
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-mixer-istio-system
-rules:
-- apiGroups: ["config.istio.io"] # Istio CRD watcher
- resources: ["*"]
- verbs: ["get", "list", "watch"]
-- apiGroups: ["apiextensions.k8s.io"]
- resources: ["customresourcedefinitions"]
- verbs: ["get", "list", "watch"]
-- apiGroups: [""]
- resources: ["configmaps", "endpoints", "pods", "services", "namespaces", "secrets"]
- verbs: ["get", "list", "watch"]
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-ca-istio-system
-rules:
-- apiGroups: [""]
- resources: ["secrets"]
- verbs: ["create", "get", "watch", "list", "update"]
-- apiGroups: [""]
- resources: ["serviceaccounts"]
- verbs: ["get", "watch", "list"]
----
-# Permissions for the sidecar proxy.
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-sidecar-istio-system
-rules:
-- apiGroups: ["istio.io"]
- resources: ["istioconfigs"]
- verbs: ["get", "watch", "list"]
-- apiGroups: ["extensions"]
- resources: ["thirdpartyresources", "ingresses"]
- verbs: ["get", "watch", "list", "update"]
-- apiGroups: [""]
- resources: ["configmaps", "pods", "endpoints", "services"]
- verbs: ["get", "watch", "list"]
----
-# Grant permissions to the Pilot/discovery.
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-pilot-admin-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-pilot-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-pilot-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to the Sidecar initializer
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-initializer-admin-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-initializer-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-initializer-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to the CA.
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-ca-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-ca-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-ca-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to the Ingress controller.
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-ingress-admin-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-ingress-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-pilot-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to the Egress controller.
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-egress-admin-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-egress-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-pilot-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to the sidecar.
-# TEMPORARY: the istioctl should generate a separate service account for the proxy, and permission
-# granted only to that account !
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-sidecar-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: default
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-sidecar-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Grant permissions to Mixer.
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: istio-mixer-admin-role-binding-istio-system
-subjects:
-- kind: ServiceAccount
- name: istio-mixer-service-account
- namespace: {{ istio_namespace }}
-roleRef:
- kind: ClusterRole
- name: istio-mixer-istio-system
- apiGroup: rbac.authorization.k8s.io
----
-# Mixer
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: istio-mixer
- namespace: {{ istio_namespace }}
-data:
- mapping.conf: |-
----
-apiVersion: v1
-kind: Service
-metadata:
- name: istio-mixer
- namespace: {{ istio_namespace }}
- labels:
- istio: mixer
-spec:
- ports:
- - name: tcp
- port: 9091
- - name: http-health
- port: 9093
- - name: configapi
- port: 9094
- - name: statsd-prom
- port: 9102
- - name: statsd-udp
- port: 9125
- protocol: UDP
- - name: prometheus
- port: 42422
- selector:
- istio: mixer
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-mixer-service-account
- namespace: {{ istio_namespace }}
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: istio-mixer
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- istio: mixer
- spec:
- serviceAccountName: istio-mixer-service-account
- containers:
- - name: statsd-to-prometheus
- image: {{ istio_statsd_image_repo }}:{{ istio_statsd_image_tag }}
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9102
- - containerPort: 9125
- protocol: UDP
- args:
- - '-statsd.mapping-config=/etc/statsd/mapping.conf'
- volumeMounts:
- - name: config-volume
- mountPath: /etc/statsd
- - name: mixer
- image: {{ istio_mixer_image_repo }}:{{ istio_mixer_image_tag }}
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 9091
- - containerPort: 9094
- - containerPort: 42422
- args:
- - --configStoreURL=fs:///etc/opt/mixer/configroot
- - --configStore2URL=k8s://
- - --configDefaultNamespace=istio-system
- - --traceOutput=http://zipkin:9411/api/v1/spans
- - --logtostderr
- - -v
- - "2"
- volumes:
- - name: config-volume
- configMap:
- name: istio-mixer
----
-# Mixer CRD definitions are generated using
-# mixs crd all
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: rules.config.istio.io
- labels:
- package: istio.io.mixer
- istio: core
-spec:
- group: config.istio.io
- names:
- kind: rule
- plural: rules
- singular: rule
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: attributemanifests.config.istio.io
- labels:
- package: istio.io.mixer
- istio: core
-spec:
- group: config.istio.io
- names:
- kind: attributemanifest
- plural: attributemanifests
- singular: attributemanifest
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: deniers.config.istio.io
- labels:
- package: denier
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: denier
- plural: deniers
- singular: denier
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: listcheckers.config.istio.io
- labels:
- package: listchecker
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: listchecker
- plural: listcheckers
- singular: listchecker
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: memquotas.config.istio.io
- labels:
- package: memquota
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: memquota
- plural: memquotas
- singular: memquota
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: noops.config.istio.io
- labels:
- package: noop
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: noop
- plural: noops
- singular: noop
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: prometheuses.config.istio.io
- labels:
- package: prometheus
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: prometheus
- plural: prometheuses
- singular: prometheus
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: stackdrivers.config.istio.io
- labels:
- package: stackdriver
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: stackdriver
- plural: stackdrivers
- singular: stackdriver
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: statsds.config.istio.io
- labels:
- package: statsd
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: statsd
- plural: statsds
- singular: statsd
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: stdios.config.istio.io
- labels:
- package: stdio
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: stdio
- plural: stdios
- singular: stdio
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: svcctrls.config.istio.io
- labels:
- package: svcctrl
- istio: mixer-adapter
-spec:
- group: config.istio.io
- names:
- kind: svcctrl
- plural: svcctrls
- singular: svcctrl
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: checknothings.config.istio.io
- labels:
- package: checknothing
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: checknothing
- plural: checknothings
- singular: checknothing
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: listentries.config.istio.io
- labels:
- package: listentry
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: listentry
- plural: listentries
- singular: listentry
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: logentries.config.istio.io
- labels:
- package: logentry
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: logentry
- plural: logentries
- singular: logentry
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: metrics.config.istio.io
- labels:
- package: metric
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: metric
- plural: metrics
- singular: metric
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: quotas.config.istio.io
- labels:
- package: quota
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: quota
- plural: quotas
- singular: quota
- scope: Namespaced
- version: v1alpha2
----
-
-kind: CustomResourceDefinition
-apiVersion: apiextensions.k8s.io/v1beta1
-metadata:
- name: reportnothings.config.istio.io
- labels:
- package: reportnothing
- istio: mixer-instance
-spec:
- group: config.istio.io
- names:
- kind: reportnothing
- plural: reportnothings
- singular: reportnothing
- scope: Namespaced
- version: v1alpha2
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: attributemanifest
-metadata:
- name: istioproxy
- namespace: {{ istio_namespace }}
-spec:
- attributes:
- origin.ip:
- valueType: IP_ADDRESS
- origin.uid:
- valueType: STRING
- origin.user:
- valueType: STRING
- request.headers:
- valueType: STRING_MAP
- request.id:
- valueType: STRING
- request.host:
- valueType: STRING
- request.method:
- valueType: STRING
- request.path:
- valueType: STRING
- request.reason:
- valueType: STRING
- request.referer:
- valueType: STRING
- request.scheme:
- valueType: STRING
- request.size:
- valueType: INT64
- request.time:
- valueType: TIMESTAMP
- request.useragent:
- valueType: STRING
- response.code:
- valueType: INT64
- response.duration:
- valueType: DURATION
- response.headers:
- valueType: STRING_MAP
- response.size:
- valueType: INT64
- response.time:
- valueType: TIMESTAMP
- source.uid:
- valueType: STRING
- source.user:
- valueType: STRING
- destination.uid:
- valueType: STRING
- connection.id:
- valueType: STRING
- connection.received.bytes:
- valueType: INT64
- connection.received.bytes_total:
- valueType: INT64
- connection.sent.bytes:
- valueType: INT64
- connection.sent.bytes_total:
- valueType: INT64
- connection.duration:
- valueType: DURATION
- context.protocol:
- valueType: STRING
- context.timestamp:
- valueType: TIMESTAMP
- context.time:
- valueType: TIMESTAMP
-
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: attributemanifest
-metadata:
- name: kubernetes
- namespace: {{ istio_namespace }}
-spec:
- attributes:
- source.ip:
- valueType: IP_ADDRESS
- source.labels:
- valueType: STRING_MAP
- source.name:
- valueType: STRING
- source.namespace:
- valueType: STRING
- source.service:
- valueType: STRING
- source.serviceAccount:
- valueType: STRING
- destination.ip:
- valueType: IP_ADDRESS
- destination.labels:
- valueType: STRING_MAP
- destination.name:
- valueType: STRING
- destination.namespace:
- valueType: STRING
- destination.service:
- valueType: STRING
- destination.serviceAccount:
- valueType: STRING
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: stdio
-metadata:
- name: handler
- namespace: {{ istio_namespace }}
-spec:
- outputAsJson: true
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: logentry
-metadata:
- name: accesslog
- namespace: {{ istio_namespace }}
-spec:
- severity: '"Default"'
- timestamp: request.time
- variables:
- sourceIp: source.ip | ip("0.0.0.0")
- destinationIp: destination.ip | ip("0.0.0.0")
- sourceUser: source.user | ""
- method: request.method | ""
- url: request.path | ""
- protocol: request.scheme | "http"
- responseCode: response.code | 0
- responseSize: response.size | 0
- requestSize: request.size | 0
- latency: response.duration | "0ms"
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: rule
-metadata:
- name: stdio
- namespace: {{ istio_namespace }}
-spec:
- match: "true" # If omitted match is true.
- actions:
- - handler: handler.stdio
- instances:
- - accesslog.logentry
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: requestcount
- namespace: {{ istio_namespace }}
-spec:
- value: "1"
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- response_code: response.code | 200
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: requestduration
- namespace: {{ istio_namespace }}
-spec:
- value: response.duration | "0ms"
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- response_code: response.code | 200
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: requestsize
- namespace: {{ istio_namespace }}
-spec:
- value: request.size | 0
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- response_code: response.code | 200
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: responsesize
- namespace: {{ istio_namespace }}
-spec:
- value: response.size | 0
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- response_code: response.code | 200
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: tcpbytesent
- namespace: {{ istio_namespace }}
- labels:
- istio-protocol: tcp # needed so that mixer will only generate when context.protocol == tcp
-spec:
- value: connection.sent.bytes | 0
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: metric
-metadata:
- name: tcpbytereceived
- namespace: {{ istio_namespace }}
- labels:
- istio-protocol: tcp # needed so that mixer will only generate when context.protocol == tcp
-spec:
- value: connection.received.bytes | 0
- dimensions:
- source_service: source.service | "unknown"
- source_version: source.labels["version"] | "unknown"
- destination_service: destination.service | "unknown"
- destination_version: destination.labels["version"] | "unknown"
- monitored_resource_type: '"UNSPECIFIED"'
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: prometheus
-metadata:
- name: handler
- namespace: {{ istio_namespace }}
-spec:
- metrics:
- - name: request_count
- instance_name: requestcount.metric.istio-system
- kind: COUNTER
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
- - response_code
- - name: request_duration
- instance_name: requestduration.metric.istio-system
- kind: DISTRIBUTION
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
- - response_code
- buckets:
- explicit_buckets:
- bounds: [0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10]
- - name: request_size
- instance_name: requestsize.metric.istio-system
- kind: DISTRIBUTION
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
- - response_code
- buckets:
- exponentialBuckets:
- numFiniteBuckets: 8
- scale: 1
- growthFactor: 10
- - name: response_size
- instance_name: responsesize.metric.istio-system
- kind: DISTRIBUTION
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
- - response_code
- buckets:
- exponentialBuckets:
- numFiniteBuckets: 8
- scale: 1
- growthFactor: 10
- - name: tcp_bytes_sent
- instance_name: tcpbytesent.metric.istio-system
- kind: COUNTER
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
- - name: tcp_bytes_received
- instance_name: tcpbytereceived.metric.istio-system
- kind: COUNTER
- label_names:
- - source_service
- - source_version
- - destination_service
- - destination_version
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: rule
-metadata:
- name: promhttp
- namespace: {{ istio_namespace }}
- labels:
- istio-protocol: http
-spec:
- actions:
- - handler: handler.prometheus
- instances:
- - requestcount.metric
- - requestduration.metric
- - requestsize.metric
- - responsesize.metric
----
-apiVersion: "config.istio.io/v1alpha2"
-kind: rule
-metadata:
- name: promtcp
- namespace: {{ istio_namespace }}
- labels:
- istio-protocol: tcp # needed so that mixer will only execute when context.protocol == TCP
-spec:
- actions:
- - handler: handler.prometheus
- instances:
- - tcpbytesent.metric
- - tcpbytereceived.metric
----
-################################
-# Istio configMap cluster-wide
-################################
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: istio
- namespace: {{ istio_namespace }}
-data:
- mesh: |-
- # Uncomment the following line to enable mutual TLS between proxies
- # authPolicy: MUTUAL_TLS
- #
- # Set the following variable to true to disable policy checks by the Mixer.
- # Note that metrics will still be reported to the Mixer.
- disablePolicyChecks: false
- # Set enableTracing to false to disable request tracing.
- enableTracing: true
- #
- # To disable the mixer completely (including metrics), comment out
- # the following line
- mixerAddress: istio-mixer.istio-system:9091
- # This is the ingress service name, update if you used a different name
- ingressService: istio-ingress
- egressProxyAddress: istio-egress.istio-system:80
- #
- # Along with discoveryRefreshDelay, this setting determines how
- # frequently should Envoy fetch and update its internal configuration
- # from Istio Pilot. Lower refresh delay results in higher CPU
- # utilization and potential performance loss in exchange for faster
- # convergence. Tweak this value according to your setup.
- rdsRefreshDelay: 1s
- #
- defaultConfig:
- # See rdsRefreshDelay for explanation about this setting.
- discoveryRefreshDelay: 1s
- #
- # TCP connection timeout between Envoy & the application, and between Envoys.
- connectTimeout: 10s
- #
- ### ADVANCED SETTINGS #############
- # Where should envoy's configuration be stored in the istio-proxy container
- configPath: "/etc/istio/proxy"
- binaryPath: "/usr/local/bin/envoy"
- # The pseudo service name used for Envoy.
- serviceCluster: istio-proxy
- # These settings that determine how long an old Envoy
- # process should be kept alive after an occasional reload.
- drainDuration: 45s
- parentShutdownDuration: 1m0s
- #
- # Port where Envoy listens (on local host) for admin commands
- # You can exec into the istio-proxy container in a pod and
- # curl the admin port (curl http://localhost:15000/) to obtain
- # diagnostic information from Envoy. See
- # https://lyft.github.io/envoy/docs/operations/admin.html
- # for more details
- proxyAdminPort: 15000
- #
- # Address where Istio Pilot service is running
- discoveryAddress: istio-pilot.istio-system:8080
- #
- # Zipkin trace collector
- zipkinAddress: zipkin.istio-system:9411
- #
- # Statsd metrics collector. Istio mixer exposes a UDP endpoint
- # to collect and convert statsd metrics into Prometheus metrics.
- statsdUdpAddress: istio-mixer.istio-system:9125
----
-################################
-# Pilot
-################################
-# Pilot CRDs
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
- name: destinationpolicies.config.istio.io
-spec:
- group: config.istio.io
- names:
- kind: DestinationPolicy
- listKind: DestinationPolicyList
- plural: destinationpolicies
- singular: destinationpolicy
- scope: Namespaced
- version: v1alpha2
----
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
- name: egressrules.config.istio.io
-spec:
- group: config.istio.io
- names:
- kind: EgressRule
- listKind: EgressRuleList
- plural: egressrules
- singular: egressrule
- scope: Namespaced
- version: v1alpha2
----
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
- name: routerules.config.istio.io
-spec:
- group: config.istio.io
- names:
- kind: RouteRule
- listKind: RouteRuleList
- plural: routerules
- singular: routerule
- scope: Namespaced
- version: v1alpha2
----
-# Pilot service for discovery
-apiVersion: v1
-kind: Service
-metadata:
- name: istio-pilot
- namespace: {{ istio_namespace }}
- labels:
- istio: pilot
-spec:
- ports:
- - port: 8080
- name: http-discovery
- - port: 443
- name: http-admission-webhook
- selector:
- istio: pilot
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-pilot-service-account
- namespace: {{ istio_namespace }}
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: istio-pilot
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- istio: pilot
- spec:
- serviceAccountName: istio-pilot-service-account
- containers:
- - name: discovery
- image: {{ istio_pilot_image_repo }}:{{ istio_pilot_image_tag }}
- imagePullPolicy: IfNotPresent
- args: ["discovery", "-v", "2", "--admission-service", "istio-pilot-external"]
- ports:
- - containerPort: 8080
- - containerPort: 443
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- volumeMounts:
- - name: config-volume
- mountPath: /etc/istio/config
- volumes:
- - name: config-volume
- configMap:
- name: istio
----
-################################
-# Istio ingress
-################################
-apiVersion: v1
-kind: Service
-metadata:
- name: istio-ingress
- namespace: {{ istio_namespace }}
- labels:
- istio: ingress
-spec:
- type: LoadBalancer
- ports:
- - port: 80
-# nodePort: 32000
- name: http
- - port: 443
- name: https
- selector:
- istio: ingress
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-ingress-service-account
- namespace: {{ istio_namespace }}
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: istio-ingress
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- istio: ingress
- spec:
- serviceAccountName: istio-ingress-service-account
- containers:
- - name: istio-ingress
- image: {{ istio_proxy_debug_image_repo }}:{{ istio_proxy_debug_image_tag }}
- args:
- - proxy
- - ingress
- - -v
- - "2"
- - --discoveryAddress
- - istio-pilot:8080
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort: 80
- - containerPort: 443
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- volumeMounts:
- - name: istio-certs
- mountPath: /etc/certs
- readOnly: true
- - name: ingress-certs
- mountPath: /etc/istio/ingress-certs
- readOnly: true
- volumes:
- - name: istio-certs
- secret:
- secretName: istio.default
- optional: true
- - name: ingress-certs
- secret:
- secretName: istio-ingress-certs
- optional: true
----
-################################
-# Istio egress
-################################
-apiVersion: v1
-kind: Service
-metadata:
- name: istio-egress
- namespace: {{ istio_namespace }}
-spec:
- ports:
- - port: 80
- selector:
- istio: egress
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-egress-service-account
- namespace: {{ istio_namespace }}
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: istio-egress
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- istio: egress
- spec:
- serviceAccountName: istio-egress-service-account
- containers:
- - name: proxy
- image: {{ istio_proxy_debug_image_repo }}:{{ istio_proxy_debug_image_tag }}
- imagePullPolicy: IfNotPresent
- args:
- - proxy
- - egress
- - -v
- - "2"
- - --discoveryAddress
- - istio-pilot:8080
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- volumeMounts:
- - name: istio-certs
- mountPath: /etc/certs
- readOnly: true
- volumes:
- - name: istio-certs
- secret:
- secretName: istio.default
- optional: true
----
-################################
-# Istio-CA cluster-wide
-################################
-# Service account CA
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: istio-ca-service-account
- namespace: {{ istio_namespace }}
----
-# Istio CA watching all namespaces
-apiVersion: v1
-kind: Deployment
-apiVersion: extensions/v1beta1
-metadata:
- name: istio-ca
- namespace: {{ istio_namespace }}
- annotations:
- sidecar.istio.io/inject: "false"
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- istio: istio-ca
- spec:
- serviceAccountName: istio-ca-service-account
- containers:
- - name: istio-ca
- image: {{ istio_ca_image_repo }}:{{ istio_ca_image_tag }}
- imagePullPolicy: IfNotPresent
----
-
diff --git a/roles/kubernetes-apps/meta/main.yml b/roles/kubernetes-apps/meta/main.yml
index acd6f7495..2ee491f06 100644
--- a/roles/kubernetes-apps/meta/main.yml
+++ b/roles/kubernetes-apps/meta/main.yml
@@ -22,14 +22,6 @@ dependencies:
- apps
- registry
- # istio role should be last because it takes a long time to initialize and
- # will cause timeouts trying to start other addons.
- - role: kubernetes-apps/istio
- when: istio_enabled
- tags:
- - apps
- - istio
-
- role: kubernetes-apps/persistent_volumes
when: persistent_volumes_enabled
tags:
diff --git a/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml b/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml
index 5bfb57b24..3e737fea3 100644
--- a/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml
+++ b/roles/kubernetes/preinstall/tasks/growpart-azure-centos-7.yml
@@ -12,7 +12,7 @@
failed_when: False
changed_when: "'NOCHANGE:' not in growpart_needed.stdout"
register: growpart_needed
- environment:
+ environment:
LC_ALL: C
- name: check fs type
@@ -23,7 +23,7 @@
- name: run growpart
command: growpart /dev/sda 1
when: growpart_needed.changed
- environment:
+ environment:
LC_ALL: C
- name: run xfs_growfs
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 074bd4b1e..4af7aa301 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -180,7 +180,6 @@ dashboard_enabled: true
# Addons which can be enabled
efk_enabled: false
helm_enabled: false
-istio_enabled: false
registry_enabled: false
enable_network_policy: false
local_volume_provisioner_enabled: "{{ local_volumes_enabled | default('false') }}"
@@ -220,7 +219,6 @@ kubelet_authorization_mode_webhook: false
## List of key=value pairs that describe feature gates for
## the k8s cluster.
kube_feature_gates:
- - "Initializers={{ istio_enabled | string }}"
- "PersistentLocalVolumes={{ local_volume_provisioner_enabled | string }}"
- "VolumeScheduling={{ local_volume_provisioner_enabled | string }}"
- "MountPropagation={{ local_volume_provisioner_enabled | string }}"
diff --git a/tests/files/gce_centos7-flannel-addons.yml b/tests/files/gce_centos7-flannel-addons.yml
index 161625946..1a03b0f9b 100644
--- a/tests/files/gce_centos7-flannel-addons.yml
+++ b/tests/files/gce_centos7-flannel-addons.yml
@@ -7,7 +7,6 @@ mode: ha
# Deployment settings
kube_network_plugin: flannel
helm_enabled: true
-istio_enabled: true
efk_enabled: true
etcd_events_cluster_setup: true
local_volume_provisioner_enabled: true
--
GitLab