Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: Assign the PR to them by writing The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these OWNERS Files:You can indicate your approval by writing |
|
Note that while testing this I found that EDSv1 was not working well with the envoy in front of pilot - by default the TCP cluster has max 1024 connections, and the sidecars make one TCP connection per cluster, resulting in cases where EDS1 was failing ( I test on a cluster with ~500 services, to make sure we don't break the memory fixes ). So temporarily I've moved back the 'insecure' pilot to 8080 - and will try to have better settings for the |
Makefile
Outdated
|
|
||
| istio.yaml: | ||
| helm template --set global.tag=${TAG} \ | ||
| --namespace=istio-system \ |
There was a problem hiding this comment.
mis-alignment with 1 blank space.
| "time" | ||
|
|
||
| "google.golang.org/grpc" | ||
|
|
There was a problem hiding this comment.
imports follow one style, run/fmt.sh
There was a problem hiding this comment.
Well - run/fmt.sh seems to be broken, doesn't match linter...
pilot/pkg/bootstrap/server.go
Outdated
|
|
||
| // AdmissionArgs provides configuration options for the admission controller. This is a partial duplicate of | ||
| // admit.ControllerOptions (other fields are filled out before constructing the admission controller). Only | ||
| // admito.ControllerOptions (other fields are filled out before constructing the admission controller). Only |
| type Server struct { | ||
| mesh *meshconfig.MeshConfig | ||
| serviceController *aggregate.Controller | ||
| ServiceController *aggregate.Controller |
There was a problem hiding this comment.
Justify for making these public.
doc comments are needed for every public variables.
There was a problem hiding this comment.
Are used from other packages - for some reasons all exposed fields in this class don't have
doc comments. Since it's not an API we would expose outside pilot, and most of this is
scheduled for deletion/deprecation - I don't think it's a huge priority.
There was a problem hiding this comment.
There are no exposed fields on the base version. I'm surprised we don't have a linter forcing some comments on public fields.
But if this is really soon to be deleted code... ok (though why do we need to add and expose new soon to be deleted code?)
There was a problem hiding this comment.
Having a struct exposing both private and public fields is an antipattern. Please add TODO to remove this code later.
There was a problem hiding this comment.
bootstrap/server.go is full of public fields - MeshArgs, ConsuleArgs, etc.
We are planning to replace the v1 registries with new data structures and event-based code, and almost all the http-based envoy discovery will also go away once v2 is done ( target is 0.8)
| GRPCListeningAddr net.Addr | ||
| clusterStore *clusterregistry.ClusterStore | ||
|
|
||
| EnvoyXdsServer *envoyv2.DiscoveryServer |
There was a problem hiding this comment.
package private variable should declare in lowercase: such as grpcServer.
There was a problem hiding this comment.
It's intended to be public, used in the other packages.
|
Can you file a bug for the Envoy in front of pilot thing ? Assign to Krishna since he implemented the istio on istio. IMO we should do tls directly from pilot instead of adding yet another Envoy. |
|
Yes, I generally agree on doing mtls in pilot in future. There are many problems around this... For envoy fixes - I'll probably do this work in a separate PR for the grpc port and switching to v2 bootstrap. |
|
PTAL - tests are passing ! There are few more improvements to make before deciding if we leave it |
| type Server struct { | ||
| mesh *meshconfig.MeshConfig | ||
| serviceController *aggregate.Controller | ||
| ServiceController *aggregate.Controller |
There was a problem hiding this comment.
There are no exposed fields on the base version. I'm surprised we don't have a linter forcing some comments on public fields.
But if this is really soon to be deleted code... ok (though why do we need to add and expose new soon to be deleted code?)
| addr := s.HTTPServer.Addr | ||
| listener, err := net.Listen("tcp", addr) | ||
| if err != nil { | ||
| return err |
There was a problem hiding this comment.
I couldn't find in the call chain where those errors get logged.
It would probably help troubleshooting to log something near/where the error occured?
There was a problem hiding this comment.
Code moved from discovery without changes :-)
There was a problem hiding this comment.
(DiscoveryService.Start)
Agree with the comment - but additional improvements can be made in separate PRs, not trying to fix all the problems in one.
|
@costinm: The following tests failed, say
DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
this basically prevent the code package check. There is a codecov.skip where you can put the thing that are do not want to be covered instead of disabling the check for all packages. |
This PR uses EDSv2 by default, depending on testing results we may chose a different
value.