How to create an instance of the mixer config rule? - istio

I have to programmatically create an instance of the mixer config Rule. Normally I would use a clientset for that, but here I can't find anything like that. Can someone point me to such a clientset if it exists, or suggest how it should be handled in this particular case?
Thanks!

If I am not mistaken, all the Istio configuration files can be handled by both istioctl and kubectl. istioctl adds validation of the configuration items on top of kubectl. So you can work with the Istio configuration items in the same way you work with kubectl items. You can test your configuration items first with kubectl and if it works with kubectl you can implement adding them programmatically.

Related

ArgoCD CLI get details of resources?

I am using ArgoCD CLI to access ArgoCD and watch/manage my K8s clusters.
How can I get details on some resources like events?
I know, I can list the resources with argocd app resources <app-name>.
But how can I get the details I can get in the web-app like here?
I need to debug, e.g., why a container fails to start:
Please note: yes, I know how to use kubectl, but I don't have permissions on all clusters to use kubectl and need to access the logs and events with ArgoCD. Hence the question.
These are actually the events from the resources themselves. You can run
kubectl describe <resource_type> <resource_name> and you will see the events on the bottom.

How to get all the pod details using CLI for any given region

As part of my work, I need to get all the pods details for any given region.
I normally get the pod details by running kubectl get pods -n <my_name_space>. But now, I need to get the pod details for any given region. Is there any option to do that?
From the AWS UI (web) I can see them by changing the region manually but looking for automation.
I have tried with aws-cli as well. But, I could not find any option to do that. Any suggestion?
Is there any way to achieve this?

Any way to tell which cloud provider the current k8s cluster is running on?

I'm writing a k8s operator. With knowledge of the cloud provider the k8s cluster is currently running on, I can do some platform-specific tasks for users, such as preparing some default storage classes for them.
But how can an operator running in the k8s cluster know whether it is GCP or AWS?
After scanning through the APIs, the cloud provider leaves some clues here and there, for example, for the GKE cluster I am running now, it has an API named: /apis/nodemanagement.gke.io/v1alpha1
But I think it's a little bit too hacky, and I wonder if there is a more formal way to get this info.
No, this is not exposed in a consistent way. You should have the user put it in their config file or whatever.
Indeed, it's not consistent. When the configuration is added by default to kubectl, you have these patterns:
> kubectl config current-context
# For GCP
> gke_gbl-imt-homerider-basguillaueb_europe-west1-b_my-first-cluster-1
# For AWS
> arn:aws:eks:eu-west-1:306974639454:cluster/demo-knative
You can also rename the config if you prefer your own pattern.
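The two default context-name patterns quoted in the answer above can be turned into a small classifier. This is an added example, not code from the original posts; the ClusterHint type and ParseContext function are hypothetical names, and because a context can be renamed the result is a hint, not an authoritative answer.

```go
package main

import (
	"fmt"
	"strings"
)

// ClusterHint (hypothetical type) holds what a default context name reveals.
type ClusterHint struct {
	Provider string // "gke", "eks" or "unknown"
	Owner    string // GCP project ID or AWS account ID
	Location string // GKE zone/region or AWS region
	Cluster  string
}

// ParseContext (hypothetical helper) classifies a kubeconfig context name
// using the two default patterns shown above. Treat the result as a hint only.
func ParseContext(name string) ClusterHint {
	unknown := ClusterHint{Provider: "unknown"}
	if strings.HasPrefix(name, "gke_") {
		// gke_<project>_<location>_<cluster>: project IDs and locations
		// contain no underscore, so split into at most three fields.
		p := strings.SplitN(strings.TrimPrefix(name, "gke_"), "_", 3)
		if len(p) != 3 || p[0] == "" || p[1] == "" || p[2] == "" {
			return unknown
		}
		return ClusterHint{Provider: "gke", Owner: p[0], Location: p[1], Cluster: p[2]}
	}
	// arn:<partition>:eks:<region>:<account>:cluster/<name>
	p := strings.SplitN(name, ":", 6)
	if len(p) != 6 || p[0] != "arn" || !strings.HasPrefix(p[1], "aws") || p[2] != "eks" {
		return unknown
	}
	cluster := strings.TrimPrefix(p[5], "cluster/")
	if cluster == p[5] || cluster == "" || p[3] == "" || p[4] == "" {
		return unknown
	}
	return ClusterHint{Provider: "eks", Owner: p[4], Location: p[3], Cluster: cluster}
}

func main() {
	for _, ctx := range []string{
		"gke_gbl-imt-homerider-basguillaueb_europe-west1-b_my-first-cluster-1",
		"arn:aws:eks:eu-west-1:306974639454:cluster/demo-knative",
		"prod", // constructed: a renamed context that matches neither pattern
	} {
		fmt.Printf("%+v\n", ParseContext(ctx))
	}
}
```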

Istio-pilot Consul Support

It's been a little unclear to me what the requirements for Istio-pilot using the Consul adapter are. I am trying to set up istio-pilot Discovery to act as a pure Envoy xDS. However, in one of the examples where Consul is used (from Istio src), it does install one kube-apiserver (and etcd for that matter). I would like to use Envoy as the data-plane (or istio-pilot agent for that matter), but leverage Consul for service discovery, and not integrate with Kubernetes. Does istio-pilot require K8 anyway for that use case?
Istio supports several different so-called ServiceDiscovery implementations.
Kubernetes is one of them, which discovers Services from Kubernetes Services.
But this is really just one of the possible ways to run Istio Pilot and you can use other ServiceDiscovery mechanisms like Consul via the command line argument --registries Consul.
See https://archive.istio.io/v1.4/docs/reference/commands/pilot-discovery/ for a detailed description of the command line arguments.
Once you run Pilot with that configuration it should load Services exclusively from Consul. These should be pushed to the data plane under the usual name <service name>.service.consul.
UPDATE:
From your comment below it seems that you not only want to not load Services from Kubernetes, but in general completely run without it.
While this indeed doesn't seem to be possible with 1.4 – i.e. watching Istio resources is always started – it seems to work with 1.5.
To achieve that you have to start pilot with --disable-install-crds and --configDir <config path>, where <config path> points to a directory containing the yamls for the Istio specific resources that you might still need, like Sidecars, MeshPolicy, EnvoyFilter etc.
If --configDir is not defined Pilot will still try to get these resources from Kubernetes, so it is essential to add this argument even if the directory is empty.
Finally you should make sure that the MeshConfig that you pass to pilot via --meshConfig meshconfig.yaml does not point to a URL of galley by commenting this out, in case you copied an existing file /etc/istio/config/mesh from a running instance of Pilot:
configSources:
#- address: istio-galley.istio-system.svc:9901
#  tlsSettings:
#    mode: ISTIO_MUTUAL

Get the gcloud create cmd for a cluster created through the GCP UI

Is there an easy way to get the gcloud container clusters create ... command details for an existing cluster? (... Command that can be used to create the exact same cluster)
Someone from my team created a cluster on GKE through the UI with specific region and machine type details, and a few other customizations I can't remember. I'll be deleting the cluster, as it was for a test. We may need to recreate it and for this, instead of running through the UI, I was hoping to document the gcloud command that can be used to create the same cluster.
I couldn't find anything on the GCP UI to help with this. We can through the docs (https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-cluster) construct the cmd that might build the same cluster, but wanted to check if there was a better way.
You can create your cluster on the GUI and use the button on the bottom to generate the HTTP Rest command or the Gcloud command line. You can find this on several pages in the GUI.
I recently was trying to get the gcloud command that can be used to recreate an existing cluster.
I found a way to get the gcloud command with the parameters by going to your GKE-->create Cluster-->Clone an existing Cluster-->choose your Cluster and at the bottom you will have the Rest/command-line option.