-
Notifications
You must be signed in to change notification settings - Fork 1
/
charmcraft.yaml
103 lines (92 loc) · 3.78 KB
/
charmcraft.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# Copyright 2024 Canonical Ltd.
# See LICENSE file for licensing details.
name: istio-k8s
type: charm
title: Istio
summary: A Juju charm to operate an Istio service mesh
description: |
istio-core deploys and manages the control plane of an Istio service mesh on Kubernetes,
enabling configuring and managing Istio through Juju.
config:
options:
ambient:
type: boolean
default: true
description: >
Enable Istio's ambient mode. See https://istio.io/latest/docs/ambient/overview/ for details.
auto-allow-waypoint-policy:
type: boolean
default: true
description: >
For workloads on an ambient mesh with traffic routed through a waypoint, that traffic passing through the
waypoint to the workload can be controlled by L4 authorization policies like any other traffic. This generally
means that, to allow traffic from a waypoint to a workload, users must create L4 authorization policies between
the waypoint and the workload.
If this option is set to true, Istio will create synthetic authorization policies allowing waypoints to
communicate with their workloads automatically.
If this option is set to false, users must create L4 authorization policies between waypoints and the workloads.
See [PILOT_AUTO_ALLOW_WAYPOINT_POLICY]https://istio.io/latest/docs/reference/commands/pilot-discovery/#envvars
for more detail.
cni-bin-dir:
type: string
default: '/var/snap/microk8s/current/opt/cni/bin'
description: >
Path to CNI binaries. This path depends on the Kubernetes installation, for example:
* microk8s (default): /var/snap/microk8s/current/opt/cni/bin
* many other Kubernetes installations: /opt/cni/bin
Refer to https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/
and https://istio.io/latest/docs/ambient/install/platform-prerequisites/
for information to find out the correct path for your Kubernetes installation.
cni-conf-dir:
type: string
default: '/var/snap/microk8s/current/args/cni-network'
description: >
Path to conflist files describing the CNI configuration. This path depends on the Kubernetes installation, for example:
* microk8s (default): /var/snap/microk8s/current/args/cni-network
* many other Kubernetes installations: /etc/cni/net.d
Refer to https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/
and https://istio.io/latest/docs/ambient/install/platform-prerequisites/
for information to find out the correct path for your Kubernetes installation.
assumes:
- k8s-api
bases:
- build-on:
- name: ubuntu
channel: "22.04"
architectures: ["amd64"]
run-on:
- name: ubuntu
channel: "22.04"
architectures: ["amd64"]
- build-on:
- name: ubuntu
channel: "22.04"
architectures: ["arm64"]
run-on:
- name: ubuntu
channel: "22.04"
architectures: ["arm64"]
containers:
metrics-proxy:
resource: metrics-proxy-image
provides:
metrics-endpoint:
interface: prometheus_scrape
grafana-dashboard:
interface: grafana_dashboard
parts:
charm:
plugin: charm
# include rustc and cargo to compile pydantic
build-packages: [git, rustc, cargo]
istioctl:
plugin: dump
source: https://github.com/istio/istio/releases/download/1.23.1/istioctl-1.23.1-linux-amd64.tar.gz
source-type: tar
resources:
metrics-proxy-image:
type: oci-image
description: Metrics Proxy OCI image
# TODO: change below to point at the correct image once metrics-proxy rock is onboarded
# see: https://github.com/canonical/oci-factory/issues/268
upstream-source: docker.io/ibraaoad/metrics-proxy:v0.1.0