Merge pull request #71 from banzaicloud/configure-images

Allow configuring container images for Istio components

Author: matyix

config/crds/istio_v1beta1_istio.yaml

@@ -39,6 +39,8 @@ spec:
             citadel:
               description: Citadel configuration options
               properties:
+                image:
+                  type: string
                 replicaCount:
                   format: int32
                   type: integer
@@ -48,10 +50,13 @@ spec:
                 communicating through mTLS
               type: boolean
             excludeIPRanges:
+              description: ExcludeIPRanges the range where not to capture egress traffic
               type: string
             galley:
               description: Galley configuration options
               properties:
+                image:
+                  type: string
                 replicaCount:
                   format: int32
                   type: integer
@@ -70,10 +75,13 @@ spec:
                   type: integer
               type: object
             includeIPRanges:
+              description: IncludeIPRanges the range where to capture egress traffic
               type: string
             mixer:
               description: Mixer configuration options
               properties:
+                image:
+                  type: string
                 maxReplicas:
                   format: int32
                   type: integer
@@ -85,10 +93,13 @@ spec:
                   type: integer
               type: object
             mtls:
+              description: MTLS enables or disables global mTLS
               type: boolean
             pilot:
               description: Pilot configuration options
               properties:
+                image:
+                  type: string
                 maxReplicas:
                   format: int32
                   type: integer
@@ -99,9 +110,17 @@ spec:
                   format: int32
                   type: integer
               type: object
+            proxy:
+              description: Proxy configuration options
+              properties:
+                image:
+                  type: string
+              type: object
             sidecarInjector:
               description: SidecarInjector configuration options
               properties:
+                image:
+                  type: string
                 replicaCount:
                   format: int32
                   type: integer

config/crds/istio_v1beta1_remoteistio.yaml

@@ -39,6 +39,8 @@ spec:
             citadel:
               description: Citadel configuration options
               properties:
+                image:
+                  type: string
                 replicaCount:
                   format: int32
                   type: integer
@@ -48,6 +50,8 @@ spec:
                 communicating through mTLS
               type: boolean
             enabledServices:
+              description: EnabledServices the Istio component services replicated
+                to remote side
               items:
                 properties:
                   labelSelector:
@@ -64,12 +68,22 @@ spec:
                 type: object
               type: array
             excludeIPRanges:
+              description: ExcludeIPRanges the range where not to capture egress traffic
               type: string
             includeIPRanges:
+              description: IncludeIPRanges the range where to capture egress traffic
               type: string
+            proxy:
+              description: Proxy configuration options
+              properties:
+                image:
+                  type: string
+              type: object
             sidecarInjector:
               description: SidecarInjector configuration options
               properties:
+                image:
+                  type: string
                 replicaCount:
                   format: int32
                   type: integer

config/samples/istio_v1beta1_istio.yaml

@@ -12,20 +12,27 @@ spec:
   - "default"
   controlPlaneSecurityEnabled: false
   pilot:
+      image: "istio/pilot:1.0.5"
       replicaCount: 1
       minReplicas: 1
       maxReplicas: 5
   citadel:
+      image: "istio/citadel:1.0.5"
       replicaCount: 1
   galley:
+      image: "istio/galley:1.0.5"
       replicaCount: 1
   gateways:
       replicaCount: 1
       minReplicas: 1
       maxReplicas: 5
   mixer:
+      image: "istio/mixer:1.0.5"
       replicaCount: 1
       minReplicas: 1
       maxReplicas: 5
   sidecarInjector:
+      image: "istio/sidecar_injector:1.0.5"
       replicaCount: 1
+  proxy:
+      image: "istio/proxyv2:1.0.5"

config/samples/istio_v1beta1_remoteistio.yaml

@@ -22,6 +22,10 @@ spec:
     labelSelector: "app=jaeger"
   controlPlaneSecurityEnabled: true
   citadel:
+      image: "istio/citadel:1.0.5"
       replicaCount: 1
   sidecarInjector:
+      image: "istio/sidecar_injector:1.0.5"
       replicaCount: 1
+  proxy:
+      image: "istio/proxyv2:1.0.5"

pkg/apis/istio/v1beta1/istio_types.go

@@ -21,10 +21,17 @@ import (
 )
 
 const (
-	defaultIncludeIPRanges = "*"
-	defaultReplicaCount    = 1
-	defaultMinReplicas     = 1
-	defaultMaxReplicas     = 5
+	defaultImageVersion         = "1.0.5"
+	defaultPilotImage           = "istio/pilot" + ":" + defaultImageVersion
+	defaultCitadelImage         = "istio/citadel" + ":" + defaultImageVersion
+	defaultGalleyImage          = "istio/galley" + ":" + defaultImageVersion
+	defaultMixerImage           = "istio/mixer" + ":" + defaultImageVersion
+	defaultSidecarInjectorImage = "istio/sidecar_injector" + ":" + defaultImageVersion
+	defaultProxyImage           = "istio/proxyv2" + ":" + defaultImageVersion
+	defaultIncludeIPRanges      = "*"
+	defaultReplicaCount         = 1
+	defaultMinReplicas          = 1
+	defaultMaxReplicas          = 5
 )
 
 func SetDefaults(config *Istio) {
@@ -33,6 +40,9 @@ func SetDefaults(config *Istio) {
 	}
 
 	// Pilot config
+	if config.Spec.Pilot.Image == "" {
+		config.Spec.Pilot.Image = defaultPilotImage
+	}
 	if config.Spec.Pilot.ReplicaCount == 0 {
 		config.Spec.Pilot.ReplicaCount = defaultReplicaCount
 	}
@@ -44,11 +54,17 @@ func SetDefaults(config *Istio) {
 	}
 
 	// Citadel config
+	if config.Spec.Citadel.Image == "" {
+		config.Spec.Citadel.Image = defaultCitadelImage
+	}
 	if config.Spec.Citadel.ReplicaCount == 0 {
 		config.Spec.Citadel.ReplicaCount = defaultReplicaCount
 	}
 
 	// Galley config
+	if config.Spec.Galley.Image == "" {
+		config.Spec.Galley.Image = defaultGalleyImage
+	}
 	if config.Spec.Galley.ReplicaCount == 0 {
 		config.Spec.Galley.ReplicaCount = defaultReplicaCount
 	}
@@ -65,6 +81,9 @@ func SetDefaults(config *Istio) {
 	}
 
 	// Mixer config
+	if config.Spec.Mixer.Image == "" {
+		config.Spec.Mixer.Image = defaultMixerImage
+	}
 	if config.Spec.Mixer.ReplicaCount == 0 {
 		config.Spec.Mixer.ReplicaCount = defaultReplicaCount
 	}
@@ -76,26 +95,37 @@ func SetDefaults(config *Istio) {
 	}
 
 	// SidecarInjector config
+	if config.Spec.SidecarInjector.Image == "" {
+		config.Spec.SidecarInjector.Image = defaultSidecarInjectorImage
+	}
 	if config.Spec.SidecarInjector.ReplicaCount == 0 {
 		config.Spec.SidecarInjector.ReplicaCount = defaultReplicaCount
 	}
+
+	// Proxy config
+	if config.Spec.Proxy.Image == "" {
+		config.Spec.Proxy.Image = defaultProxyImage
+	}
 }
 
 // PilotConfiguration defines config options for Pilot
 type PilotConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
-	MinReplicas  int32 `json:"minReplicas,omitempty"`
-	MaxReplicas  int32 `json:"maxReplicas,omitempty"`
+	Image        string `json:"image,omitempty"`
+	ReplicaCount int32  `json:"replicaCount,omitempty"`
+	MinReplicas  int32  `json:"minReplicas,omitempty"`
+	MaxReplicas  int32  `json:"maxReplicas,omitempty"`
 }
 
 // CitadelConfiguration defines config options for Citadel
 type CitadelConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
+	Image        string `json:"image,omitempty"`
+	ReplicaCount int32  `json:"replicaCount,omitempty"`
 }
 
 // GalleyConfiguration defines config options for Galley
 type GalleyConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
+	Image        string `json:"image,omitempty"`
+	ReplicaCount int32  `json:"replicaCount,omitempty"`
 }
 
 // GatewaysConfiguration defines config options for Gateways
@@ -107,23 +137,37 @@ type GatewaysConfiguration struct {
 
 // MixerConfiguration defines config options for Mixer
 type MixerConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
-	MinReplicas  int32 `json:"minReplicas,omitempty"`
-	MaxReplicas  int32 `json:"maxReplicas,omitempty"`
+	Image        string `json:"image,omitempty"`
+	ReplicaCount int32  `json:"replicaCount,omitempty"`
+	MinReplicas  int32  `json:"minReplicas,omitempty"`
+	MaxReplicas  int32  `json:"maxReplicas,omitempty"`
 }
 
 // SidecarInjectorConfiguration defines config options for SidecarInjector
 type SidecarInjectorConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
+	Image        string `json:"image,omitempty"`
+	ReplicaCount int32  `json:"replicaCount,omitempty"`
+}
+
+// ProxyConfiguration defines config options for Proxy
+type ProxyConfiguration struct {
+	Image string `json:"image,omitempty"`
 }
 
 // IstioSpec defines the desired state of Istio
 type IstioSpec struct {
-	MTLS            bool   `json:"mtls"`
+	// MTLS enables or disables global mTLS
+	MTLS bool `json:"mtls"`
+
+	// IncludeIPRanges the range where to capture egress traffic
 	IncludeIPRanges string `json:"includeIPRanges,omitempty"`
+
+	// ExcludeIPRanges the range where not to capture egress traffic
 	ExcludeIPRanges string `json:"excludeIPRanges,omitempty"`
+
 	// List of namespaces to label with sidecar auto injection enabled
 	AutoInjectionNamespaces []string `json:"autoInjectionNamespaces,omitempty"`
+
 	// ControlPlaneSecurityEnabled control plane services are communicating through mTLS
 	ControlPlaneSecurityEnabled bool `json:"controlPlaneSecurityEnabled,omitempty"`
 
@@ -144,6 +188,9 @@ type IstioSpec struct {
 
 	// SidecarInjector configuration options
 	SidecarInjector SidecarInjectorConfiguration `json:"sidecarInjector,omitempty"`
+
+	// Proxy configuration options
+	Proxy ProxyConfiguration `json:"proxy,omitempty"`
 }
 
 // IstioStatus defines the observed state of Istio

pkg/apis/istio/v1beta1/remoteistio_types.go

@@ -44,18 +44,30 @@ func (spec RemoteIstioSpec) GetSignCert() SignCert {
 
 // RemoteIstioSpec defines the desired state of RemoteIstio
 type RemoteIstioSpec struct {
-	IncludeIPRanges string         `json:"includeIPRanges,omitempty"`
-	ExcludeIPRanges string         `json:"excludeIPRanges,omitempty"`
+	// IncludeIPRanges the range where to capture egress traffic
+	IncludeIPRanges string `json:"includeIPRanges,omitempty"`
+
+	// ExcludeIPRanges the range where not to capture egress traffic
+	ExcludeIPRanges string `json:"excludeIPRanges,omitempty"`
+
+	// EnabledServices the Istio component services replicated to remote side
 	EnabledServices []IstioService `json:"enabledServices"`
+
 	// List of namespaces to label with sidecar auto injection enabled
 	AutoInjectionNamespaces []string `json:"autoInjectionNamespaces,omitempty"`
+
 	// ControlPlaneSecurityEnabled control plane services are communicating through mTLS
 	ControlPlaneSecurityEnabled bool `json:"controlPlaneSecurityEnabled,omitempty"`
+
 	// Citadel configuration options
 	Citadel CitadelConfiguration `json:"citadel,omitempty"`
+
 	// SidecarInjector configuration options
 	SidecarInjector SidecarInjectorConfiguration `json:"sidecarInjector,omitempty"`
 
+	// Proxy configuration options
+	Proxy ProxyConfiguration `json:"proxy,omitempty"`
+
 	signCert SignCert
 }
 
@@ -97,10 +109,16 @@ func SetRemoteIstioDefaults(remoteconfig *RemoteIstio) {
 		remoteconfig.Spec.IncludeIPRanges = defaultIncludeIPRanges
 	}
 	// Citadel config
+	if remoteconfig.Spec.Citadel.Image == "" {
+		remoteconfig.Spec.Citadel.Image = defaultCitadelImage
+	}
 	if remoteconfig.Spec.Citadel.ReplicaCount == 0 {
 		remoteconfig.Spec.Citadel.ReplicaCount = defaultReplicaCount
 	}
 	// SidecarInjector config
+	if remoteconfig.Spec.SidecarInjector.Image == "" {
+		remoteconfig.Spec.SidecarInjector.Image = defaultSidecarInjectorImage
+	}
 	if remoteconfig.Spec.SidecarInjector.ReplicaCount == 0 {
 		remoteconfig.Spec.SidecarInjector.ReplicaCount = defaultReplicaCount
 	}