Closed JasmithaMeka closed 6 years ago
ayj
commented
6 years ago kube-inject is purely a client-side function. There is no server-side callable API for injection. The istio ConfigMap is only accessed to retrieve some mesh-level configuration.
See https://istio.io/docs/setup/kubernetes/sidecar-injection.html#automatic-sidecar-injection for how we do handle server-side injection.
JasmithaMeka
commented
6 years ago Hi Ayj, Thanks for the quick reply
I want to inject envoy from my Go application. Thats why I was asking about API. If possible could you send a snippet that is triggered (on execution of istioctl kube-inject -f finename.yaml) which calls function that injects envoy? Is there any other way to inject from an application if not to do it automatically or using Istio command line ?
ayj
commented
6 years ago Injection appends additional containers and volumes to the pod template spec. The code for this is in intoObject and injectIntoSpec. This could be refactored into a more consumable/public package but there aren't any plans for that right now. Can you provide more background on the problem you're trying to solve and why the existing command line and automatic options are not sufficient?
JasmithaMeka
commented
6 years ago Idea is to inject side cars using my custom GoLang program. If I execute command using code, I wont be sure if it is executed successfully or not. Yes, I can take response and check but Im just wondering if there is any other way to do it.
josephburnett
commented
6 years ago +1 to providing an API for Istio Envoy injection. I already have the pod spec in a CRD controller. I would rather just inject with a go function there, than to setup yet another webhook.
ayj
commented
6 years ago We could export injectionData(). You'd need to provide the sidecar template and proxy/mesh configurations.
ayj
commented
6 years ago Issue moved to istio/istio #3816 via ZenHub
Is this a BUG or FEATURE REQUEST?: NEED HELP
Did you review existing epics or issues to identify if this already being worked on? (please try to add the correct labels and epics): Y
Bug: N
What Version of Istio and Kubernetes are you using, where did you get Istio from, Installation details
Is Istio Auth enabled or not ? Did you install istio.yaml, istio-auth.yaml.... I have installed istio.yaml
What happened and What you expected to happen: I want to inject side cars using an API instead of istio command line. When I tried to execute istioctl command with verbose mode(--v=9). I found out it is accessing only one API to get istio ConfigMap. I have gone through code flow of inject.go. What exactly happens when "istioctl kube-inject -f.yaml" ? Is logger not mentioned for that particular part ? How can I learn which API is calling inject.go ? is there a way to see the flow ? Can I inject envoy to pods using an API (curl http call) ?
I have created Objects(RouteRule) using following api $curl -X POST -d @(file-name).yaml http://localhost:(kubectl-proxy-port)/apis/config.istio.io/v1alpha2/namespaces/default/routerules
Is it the right way? Is there any other standard way to do it using Istio API s?
What you expected to happen I am expecting a response something like this where I get to know which API command is accessing