Skip to content

Detect the presence of the istio proxy container in revision pod spec #766

Closed
Closed
Detect the presence of the istio proxy container in revision pod spec#766
Assignees
shashwathi
Labels
area/APIAPI objects and controllersarea/networkingkind/cleanupCategorizes issue or PR as related to cleaning up code, process, or technical debt.
@grantr

Description

@grantr
grantr
opened on Apr 27, 2018

/area API
/area networking
/kind feature

Expected Behavior

If the Istio sidecar proxy fails to be injected into a revision pod spec, networking to and from those pods will silently fail in subtle ways due to the absence of the sidecar. The user should know when this happens so it can be corrected.

Actual Behavior

If the Istio sidecar injector is missing or incorrectly configured, there is no indication that sidecar injection failed. For simple demo apps, there's no behavior change because normal Kubernetes Service routing still works. The failures will start when apps need to talk to other apps in the cluster or use more complex Istio routing rules.

Steps to Reproduce the Problem

  1. When setting up an Elafros cluster, skip the sidecar injector configuration.
  2. Create a revision.
  3. Notice that the revision's deployment has no istio-proxy container.

Additional Info

The revision controller should look for the istio-proxy sidecar and if it's missing, set Ready=False with Reason=Missing istio proxy, or set a specific condition like NetworkProxyMissing (conforming to the condition recommendations in #351).

/cc @ian-mi

Metadata

Metadata

Assignees

Labels

area/APIAPI objects and controllersarea/networkingkind/cleanupCategorizes issue or PR as related to cleaning up code, process, or technical debt.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions