Skip to content

Commit

Permalink
Releasing xDS-adaptor v0.10.1 (#120)
Browse files Browse the repository at this point in the history 
* Releasing xds-adaptor v1.12.0

Signed-off-by: “Subash <subash.dangol@citrix.com>
  • Loading branch information
@subashd
subashd authored Feb 25, 2022
1 parent 41787af commit 2a048fa
Show file tree
Hide file tree
Showing 28 changed files with 272 additions and 96 deletions.
8 changes: 4 additions & 4 deletions citrix-adc-istio-egress-gateway/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: v2
name: citrix-adc-istio-egress-gateway
appVersion: 1.11.0
appVersion: 1.12.0
kubeVersion: ">=v1.16.0-0"
description: A Helm chart for Citrix ADC as Egress Gateway installation in Istio Service Mesh on Kubernetes platform
icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
type: application
home: https://www.citrix.com
sources:
- https://github.com/citrix/citrix-xds-adaptor
version: 1.11.0
version: 1.12.0
maintainers:
- name: ajeetas
email: ajeeta.shakeet@citrix.com
- name: subashd
email: subash.dangol@citrix.com
5 changes: 3 additions & 2 deletions citrix-adc-istio-egress-gateway/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,8 @@ Below table provides info about recommended Citrix xDS-Adaptor version to be use

| Citrix xDS-Adaptor version | Istio version |
|----------------------------|---------------|
| quay.io/citrix/citrix-xds-adaptor:0.9.9 | Istio v1.10+ |
| quay.io/citrix/citrix-xds-adaptor:0.10.1 | Istio v1.12+ |
| quay.io/citrix/citrix-xds-adaptor:0.9.9 | Istio v1.10 to Istio v1.11 |
| quay.io/citrix/citrix-xds-adaptor:0.9.8 | Istio v1.8 to Istio v1.9 |
| quay.io/citrix/citrix-xds-adaptor:0.9.5 | Istio v1.6 |

Expand Down Expand Up @@ -312,7 +313,7 @@ The following table lists the configurable parameters in the Helm chart and thei
| Parameter | Description | Default | Optional/Mandatory |
|--------------------------------|-------------------------------|---------------------------|---------------------------|
| `citrixCPX` | Citrix ADC CPX | FALSE | Mandatory for Citrix ADC CPX |
| `xDSAdaptor.image` | Image of the Citrix xDS adaptor container |quay.io/citrix/citrix-xds-adaptor:0.9.9 | Mandatory|
| `xDSAdaptor.image` | Image of the Citrix xDS adaptor container |quay.io/citrix/citrix-xds-adaptor:0.10.1 | Mandatory|
| `xDSAdaptor.imagePullPolicy` | Image pull policy for xDS adaptor | IfNotPresent | Optional|
| `xDSAdaptor.secureConnect` | If this value is set to true, xDS-adaptor establishes secure gRPC channel with Istio Pilot | TRUE | Optional|
| `xDSAdaptor.logLevel` | Log level to be set for xDS-adaptor log messages. Possible values: TRACE (most verbose), DEBUG, INFO, WARN, ERROR (least verbose) | DEBUG | Optional|
Expand Down
33 changes: 32 additions & 1 deletion citrix-adc-istio-egress-gateway/templates/citrix-adc-egress-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ spec:
labels:
app: {{default "citrix-egressgateway" .Values.egressGateway.label}}
citrix.com/no.sidecar: "true"
adc: "citrix"
deployment: "cpx-egressgateway" # This label is useful in ServiceGraph
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
prometheus.io/port: "{{ .Values.metricExporter.port }}"
Expand All @@ -33,6 +35,15 @@ spec:
emptyDir: {}
- name: certs
emptyDir: {}
- name: podinfo
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
- name: istiod-ca-cert
configMap:
defaultMode: 0777
Expand Down Expand Up @@ -149,6 +160,8 @@ spec:
- name: JSONLOG
value: "TRUE"
{{- end }}
- name: ENABLE_LABELS_FEATURE
value: "FALSE"
securityContext:
readOnlyRootFilesystem: true
runAsGroup: 32024
Expand All @@ -163,6 +176,8 @@ spec:
- mountPath: /etc/istio/egressgateway-ca-certs # Make sure that Gateway definition has this path mentioned in server.tls section for MUTUAL TLS
name: citrix-egressgateway-ca-certs
readOnly: true
- mountPath: /etc/podinfo
name: podinfo
- name: citrix-egressgateway
image: {{ .Values.egressGateway.image }}
imagePullPolicy: {{ .Values.egressGateway.imagePullPolicy }}
Expand Down Expand Up @@ -201,8 +216,10 @@ spec:
value: "{{ .Values.egressGateway.mgmtHttpPort }}"
- name: "MGMT_HTTPS_PORT"
value: "{{ .Values.egressGateway.mgmtHttpsPort }}"
{{- if .Values.egressGateway.lightWeightCPX }}
- name: "NS_CPX_LITE"
value: "{{ .Values.egressGateway.lightWeightCPX }}"
value: "1"
{{- end }}
{{- if or .Values.coe.coeURL .Values.ADMSettings.ADMIP }}
- name: "NS_ENABLE_NEWNSLOG"
value: "1"
Expand Down Expand Up @@ -264,6 +281,7 @@ spec:
labels:
app: {{ .Values.egressGateway.label | default "citrix-egressgateway" }}
citrix.com/no.sidecar: "true"
adc: "citrix"
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
prometheus.io/port: "{{ .Values.metricExporter.port }}"
Expand Down Expand Up @@ -337,6 +355,8 @@ spec:
- name: JSONLOG
value: "TRUE"
{{- end }}
- name: ENABLE_LABELS_FEATURE
value: "FALSE"
- name: NS_USER
valueFrom:
secretKeyRef:
Expand Down Expand Up @@ -404,6 +424,8 @@ spec:
- mountPath: /etc/nslogin
name: nsloginegress
readOnly: true
- mountPath: /etc/podinfo
name: podinfo
- mountPath: /etc/istio/egressgateway-ca-certs # Make sure that Gateway definition has this path mentioned in server.tls section for MUTUAL TLS
name: citrix-egressgateway-ca-certs
readOnly: true
Expand All @@ -429,6 +451,15 @@ spec:
secret:
optional: true
secretName: "citrix-egressgateway-ca-certs" # IMPORTANT: This secret MUST BE created before deploying gateway and egress-gateway
- name: podinfo
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
{{- if .Values.egressGateway.adcServerName }}
- name: citrix-adc-cert
secret:
Expand Down
2 changes: 1 addition & 1 deletion citrix-adc-istio-egress-gateway/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ istioPilot:


xDSAdaptor:
image: quay.io/citrix/citrix-xds-adaptor:0.9.9
image: quay.io/citrix/citrix-xds-adaptor:0.10.1
imagePullPolicy: IfNotPresent
proxyType: router
secureConnect: true
Expand Down
4 changes: 2 additions & 2 deletions citrix-adc-istio-ingress-gateway/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "1.11.0"
appVersion: "1.12.0"
kubeVersion: ">=v1.16.0-0"
description: A Helm chart for Citrix ADC as Ingress Gateway installation in Istio Service Mesh on Kubernetes platform
name: citrix-adc-istio-ingress-gateway
version: 1.11.0
version: 1.12.0
icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
home: https://www.citrix.com
sources:
Expand Down
5 changes: 3 additions & 2 deletions citrix-adc-istio-ingress-gateway/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,8 @@ Below table provides info about recommended Citrix xDS-Adaptor version to be use

| Citrix xDS-Adaptor version | Istio version |
|----------------------------|---------------|
| quay.io/citrix/citrix-xds-adaptor:0.9.9 | Istio v1.10+ |
| quay.io/citrix/citrix-xds-adaptor:0.10.1 | Istio v1.12+ |
| quay.io/citrix/citrix-xds-adaptor:0.9.9 | Istio v1.10 to Istio v1.11 |
| quay.io/citrix/citrix-xds-adaptor:0.9.8 | Istio v1.8 to Istio v1.9 |
| quay.io/citrix/citrix-xds-adaptor:0.9.5 | Istio v1.6 |

Expand Down Expand Up @@ -426,7 +427,7 @@ The following table lists the configurable parameters in the Helm chart and thei
| Parameter | Description | Default | Optional/Mandatory |
|--------------------------------|-------------------------------|---------------------------|---------------------------|
| `citrixCPX` | Citrix ADC CPX | FALSE | Mandatory for Citrix ADC CPX |
| `xDSAdaptor.image` | Image of the Citrix xDS adaptor container (Refer compatibility matrix) |quay.io/citrix/citrix-xds-adaptor:0.9.9 | Mandatory|
| `xDSAdaptor.image` | Image of the Citrix xDS adaptor container (Refer compatibility matrix) |quay.io/citrix/citrix-xds-adaptor:0.10.1 | Mandatory|
| `xDSAdaptor.imagePullPolicy` | Image pull policy for xDS adaptor | IfNotPresent | Optional|
| `xDSAdaptor.secureConnect` | If this value is set to true, xDS-adaptor establishes secure gRPC channel with Istio Pilot | TRUE | Optional|
| `xDSAdaptor.logLevel` | Log level to be set for xDS-adaptor log messages. Possible values: TRACE (most verbose), DEBUG, INFO, WARN, ERROR (least verbose) | DEBUG | Optional|
Expand Down
36 changes: 34 additions & 2 deletions citrix-adc-istio-ingress-gateway/templates/citrix-adc-ingressgateway-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ spec:
labels:
app: {{ .Values.ingressGateway.label | default "citrix-ingressgateway" }}
citrix.com/no.sidecar: "true"
adc: "citrix"
deployment: "cpx-ingressgateway" # This label is useful in ServiceGraph
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
prometheus.io/port: "{{ .Values.metricExporter.port }}"
Expand All @@ -31,6 +33,15 @@ spec:
secret:
optional: true
secretName: "citrix-ingressgateway-ca-certs" # IMPORTANT: This secret MUST BE created before deploying gateway and ingress-gateway
- name: podinfo
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
{{- range .Values.ingressGateway.secretVolumes }}
- name: {{ .name }}
secret:
Expand Down Expand Up @@ -170,7 +181,10 @@ spec:
{{- if eq .Values.xDSAdaptor.jsonLog true }}
- name: JSONLOG
value: "TRUE"

{{- end }}
- name: ENABLE_LABELS_FEATURE
value: "FALSE"
securityContext:
readOnlyRootFilesystem: true
runAsGroup: 32024
Expand All @@ -193,6 +207,8 @@ spec:
- mountPath: /etc/istio/ingressgateway-ca-certs # Make sure that Gateway definition has this path mentioned in server.tls section for MUTUAL TLS
name: citrix-ingressgateway-ca-certs
readOnly: true
- mountPath: /etc/podinfo
name: podinfo
{{- range .Values.ingressGateway.secretVolumes }}
- name: {{ .name }}
mountPath: {{ .mountPath | quote }}
Expand Down Expand Up @@ -233,8 +249,10 @@ spec:
value: "{{ .Values.ingressGateway.mgmtHttpPort }}"
- name: "MGMT_HTTPS_PORT"
value: "{{ .Values.ingressGateway.mgmtHttpsPort }}"
{{- if .Values.ingressGateway.lightWeightCPX }}
- name: "NS_CPX_LITE"
value: "{{ .Values.ingressGateway.lightWeightCPX }}"
value: "1"
{{- end }}
{{- if or .Values.coe.coeURL .Values.ADMSettings.ADMIP }}
- name: "NS_ENABLE_NEWNSLOG"
value: "1"
Expand Down Expand Up @@ -298,6 +316,7 @@ spec:
labels:
app: {{ .Values.ingressGateway.label | default "citrix-ingressgateway" }}
citrix.com/no.sidecar: "true"
adc: "citrix"
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
prometheus.io/port: "{{ .Values.metricExporter.port }}"
Expand Down Expand Up @@ -379,6 +398,8 @@ spec:
- name: JSONLOG
value: "TRUE"
{{- end }}
- name: ENABLE_LABELS_FEATURE
value: "FALSE"
- name: NS_USER
valueFrom:
secretKeyRef:
Expand Down Expand Up @@ -452,6 +473,8 @@ spec:
- mountPath: /etc/istio/ingressgateway-ca-certs # Make sure that Gateway definition has this path mentioned in server.tls section for MUTUAL TLS
name: citrix-ingressgateway-ca-certs
readOnly: true
- mountPath: /etc/podinfo
name: podinfo
{{- range .Values.ingressGateway.secretVolumes }}
- name: {{ .name }}
mountPath: {{ .mountPath | quote }}
Expand Down Expand Up @@ -482,7 +505,16 @@ spec:
- name: citrix-ingressgateway-ca-certs
secret:
optional: true
secretName: "citrix-ingressgateway-ca-certs" # IMPORTANT: This secret MUST BE created before deploying gateway and ingress-gateway
secretName: "citrix-ingressgateway-ca-certs" # IMPORTANT: This secret MUST BE created before deploying gateway and ingress-gateway
- name: podinfo
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
{{- range .Values.ingressGateway.secretVolumes }}
- name: {{ .name }}
secret:
Expand Down
44 changes: 25 additions & 19 deletions citrix-adc-istio-ingress-gateway/templates/citrix-multicluster-gateway.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{{- if eq .Values.ingressGateway.multiClusterIngress true }}
apiVersion: networking.istio.io/v1beta1
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
annotations:
Expand All @@ -14,27 +14,33 @@ spec:
selector:
app: {{ .Values.ingressGateway.label | default "citrix-ingressgateway" }}
servers:
- hosts:
- {{ printf "'*.%s'" .Values.ingressGateway.multiClusterSvcDomain }}
port:
name: tls
number: {{ .Values.ingressGateway.multiClusterListenerPort }}
protocol: TLS
tls:
mode: AUTO_PASSTHROUGH
- port:
name: tls-mc-port
number: {{ .Values.ingressGateway.multiClusterListenerPort }}
protocol: tls
tls:
mode: PASSTHROUGH
hosts:
- {{ printf "'*.%s'" .Values.ingressGateway.multiClusterSvcDomain }}
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
annotations:
labels:
app: {{ .Values.ingressGateway.label | default "citrix-ingressgateway" }}
name: citrix-multicluster-ingressgateway
namespace: {{ .Release.Namespace }}
spec:
host: {{ printf "'*.%s'" .Values.ingressGateway.multiClusterSvcDomain }}
trafficPolicy:
tls:
mode: ISTIO_MUTUAL
hosts:
- {{ printf "'*.%s'" .Values.ingressGateway.multiClusterSvcDomain }}
gateways:
- citrix-multicluster-ingressgateway
tls:
- match:
- port: {{ .Values.ingressGateway.multiClusterListenerPort }}
sniHosts:
- {{ printf "'*.%s'" .Values.ingressGateway.multiClusterSvcDomain }}
route:
- destination:
host: {{ template "generate-name" (list . (dict "suffixname" "citrix-ingress-svc")) }}
port:
number: {{ .Values.ingressGateway.multiClusterListenerPort }}
---
{{- end }}
2 changes: 1 addition & 1 deletion citrix-adc-istio-ingress-gateway/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ metricExporter:
imagePullPolicy: IfNotPresent

xDSAdaptor:
image: quay.io/citrix/citrix-xds-adaptor:0.9.9
image: quay.io/citrix/citrix-xds-adaptor:0.10.1
imagePullPolicy: IfNotPresent
proxyType: router
secureConnect: true
Expand Down
6 changes: 3 additions & 3 deletions citrix-cloud-native/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,15 +38,15 @@ dependencies:
condition: ipam.enabled
alias: ipam
- name: citrix-adc-istio-ingress-gateway
version: "1.11.0"
version: "1.12.0"
condition: iaIngress.enabled
alias: iaIngress
- name: citrix-cpx-istio-sidecar-injector
version: "1.11.0"
version: "1.12.0"
condition: iaSidecar.enabled
alias: iaSidecar
- name: citrix-adc-istio-egress-gateway
version: "1.11.0"
version: "1.12.0"
condition: iaEgress.enabled
alias: iaEgress
- name: adm-agent-onboarding
Expand Down
8 changes: 4 additions & 4 deletions citrix-cloud-native/charts/citrix-adc-istio-egress-gateway/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
apiVersion: v2
name: citrix-adc-istio-egress-gateway
appVersion: 1.11.0
appVersion: 1.12.0
kubeVersion: ">=v1.16.0-0"
description: A Helm chart for Citrix ADC as Egress Gateway installation in Istio Service Mesh on Kubernetes platform
icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
type: application
home: https://www.citrix.com
sources:
- https://github.com/citrix/citrix-xds-adaptor
version: 1.11.0
version: 1.12.0
maintainers:
- name: ajeetas
email: ajeeta.shakeet@citrix.com
- name: subashd
email: subash.dangol@citrix.com
Loading

0 comments on commit 2a048fa

Please sign in to comment.