Enable Istio Sidecar injection for activator

[nikkithurmond]

Enable istio sidecar injection for activator.

Fixes #838

Proposed Changes

Enable istio sidecar injection for activator.
Since istio does not support direct pod ip access istio/istio#3398, we need to use FQDN when proxy requests.

See #833 for the history of this PR

Release Note

NONE

[nikkithurmond]

/assign mdemirhan
/assign tcnghia
/assign josephburnett

[mdemirhan]

Hard coded sleeps are non-portable and a value that works in one environment is unlikely to work in another unless a real large value is chosen. Instead of this, is there a way to call the readiness probe of a pod (if one exists) and decide the readiness based on that? If that pod doesn't have one, then a hard coded sleep as a fallback might seem ok.

[nikkithurmond]

Agreed. I'm going to file a github issue to replace this with a call to the readinessProbe.

[nikkithurmond]

@mdemirhan Is that good for now?

[mdemirhan]

Yes, sorry for taking this long to respond. I completely missed this one.

[nikkithurmond]

/retest

[mdemirhan]

/lgtm

[tcnghia]

/lgtm
/approve

[steuhs]

/test pull-knative-serving-go-coverage

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5%
pkg/activator/revision_test.go	76.1%	79.5%	3.5%

*TestCoverage feature is being tested, do not rely on any info here yet

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5%
pkg/activator/revision_test.go	76.1%	79.5%	3.5%

*TestCoverage feature is being tested, do not rely on any info here yet

[nikkithurmond]

/retest

[nikkithurmond]

/retest

[ZhiminXiang]

By adding this label, seems like Istio sidecar will be injected into all of pods under knative-serving-system (including controller, webhook, etc.) according to my experiment. Is this what we want in this PR?

[nikkithurmond]

Probably not. I'll work on it.

[nikkithurmond]

I don't know, looks like you enable sidecar injection for an entire namespace https://istio.io/docs/setup/kubernetes/sidecar-injection/#deploying-an-app

[nikkithurmond]

I think I might need to disable it on a case by case basis.

[nikkithurmond]

There, that should do it.

[ZhiminXiang]

yea. or maybe we can move activator and autoscaler into a separate namespace? Just a thought :)

[nikkithurmond]

I'll leave that for when we make the autoscaler multitenant

[evankanderson]

https://istio.io/docs/setup/kubernetes/sidecar-injection/#policy suggests that it should be possible to have this governed by an annotation, but I haven't been able to make this work with experimentation.

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5%
pkg/activator/revision_test.go	76.1%	79.5%	3.5%

*TestCoverage feature is being tested, do not rely on any info here yet

[mdemirhan]

/lgtm
/approve

[nikkithurmond]

/assign @vaikas-google
Assigning to an owner

[mdemirhan]

Probably a mistake. Should revert :)

[mdemirhan]

Probably a mistake. Should revert :)

[mdemirhan]

/lgtm

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5%
pkg/activator/revision_test.go	76.1%	79.5%	3.5%

*TestCoverage feature is being tested, do not rely on any info here yet

[nikkithurmond]

PTAL

/assign @evankanderson
/assign @mattmoor

[evankanderson]

/lgtm
/approve

[evankanderson]

https://istio.io/docs/setup/kubernetes/sidecar-injection/#policy suggests that it should be possible to have this governed by an annotation, but I haven't been able to make this work with experimentation.

[google-prow-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: evankanderson, mdemirhan, nikkithurmond, tcnghia

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [evankanderson]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5
pkg/activator/revision_test.go	76.1%	79.5%	3.5

*TestCoverage feature is being tested, do not rely on any info here yet

[nikkithurmond]

/retest

[nikkithurmond]

/retest

[nikkithurmond]

/retest

[nikkithurmond]

/test pull-knative-serving-integration-tests

[nikkithurmond]

/test pull-knative-serving-integration-tests

[knative-metrics-robot]

The following is the coverage report on pkg/. Say /test pull-knative-serving-go-coverage to run the coverage report again

File	Old Coverage	New Coverage	Delta
pkg/activator/revision.go	76.1%	79.5%	3.5
pkg/activator/revision_test.go	76.1%	79.5%	3.5

*TestCoverage feature is being tested, do not rely on any info here yet