Skip to content

Istio Crypto Scheduled Workflow #7

Istio Crypto Scheduled Workflow

Istio Crypto Scheduled Workflow #7

Workflow file for this run

name: CryptoMB-TLS-handshake-acceleration-for-Istio
services:
example-istiocontrolplane:
name: example-istiocontrolplane
type: IstioOperator
apiVersion: install.istio.io/v1alpha1
namespace: istio-system
model: istio-base
version: 1.16.0
settings:
spec:
components:
egress Gateways:
- enabled: true
name: istio-egressgateway
ingress Gateways:
- enabled: true
k8s:
pod Annotations:
proxy.istio.io/config: |
privateKeyProvider:
cryptomb:
pollDelay: 10ms
name: istio-ingressgateway
profile: demo
traits:
meshmap:
edges: []
id: 0a9190c6-3b94-4497-9b5e-0e26e26a3f4a
label: example-istiocontrolplane
meshmodel-metadata:
isCustomResource: true
isNamespaced: true
primaryColor: '#326CE5'
secondaryColor: '#7aa1f0'
shape: circle
svgColor: ui/public/static/img/meshmodels/kubernetes/color/apiservice-color.svg
svgWhite: ui/public/static/img/meshmodels/kubernetes/white/apiservice-white.svg
position:
posX: 448.11615449152737
posY: 115.57287677378196
istio-operator-btexb:
name: istio-operator
type: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
model: kubernetes
settings:
rules:
- api Groups:
- authentication.istio.io
resources:
- '*'
verbs:
- '*'
- api Groups:
- config.istio.io
resources:
- '*'
verbs:
- '*'
- api Groups:
- install.istio.io
resources:
- '*'
verbs:
- '*'
- api Groups:
- networking.istio.io
resources:
- '*'
verbs:
- '*'
- api Groups:
- security.istio.io
resources:
- '*'
verbs:
- '*'
- api Groups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- '*'
- api Groups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions.apiextensions.k8s.io
- customresourcedefinitions
verbs:
- '*'
- api Groups:
- apps
- extensions
resources:
- daemonsets
- deployments
- deployments/finalizers
- replicasets
verbs:
- '*'
- api Groups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- '*'
- api Groups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- update
- api Groups:
- policy
resources:
- poddisruptionbudgets
verbs:
- '*'
- api Groups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
- clusterroles
- roles
- rolebindings
verbs:
- '*'
- api Groups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
- api Groups:
- ""
resources:
- configmaps
- endpoints
- events
- namespaces
- pods
- pods/proxy
- pods/portforward
- persistentvolumeclaims
- secrets
- services
- serviceaccounts
- resourcequotas
verbs:
- '*'
traits:
meshmap:
edges: []
id: f9e95f4b-ffef-4523-917c-1442bb59b53b
label: istio-operator
meshmodel-metadata:
genealogy: ""
isCustomResource: false
isNamespaced: false
logoURL: Created by Lee
model: kubernetes
modelDisplayName: Kubernetes
primaryColor: '#326CE5'
published: true
secondaryColor: '#7aa1f0'
shape: round-rectangle
styleOverrides: '{"height":"22px","width":"16px","padding":"6px"}'
subCategory: Scheduling & Orchestration
svgColor: ui/public/static/img/meshmodels/kubernetes/color/clusterrole-color.svg
svgComplete: ""
svgWhite: ui/public/static/img/meshmodels/kubernetes/white/clusterrole-white.svg
position:
posX: 671.5732114890026
posY: 194.95822565413835
istio-operator-danjd:
name: istio-operator
type: Service
apiVersion: v1
namespace: istio-operator
model: kubernetes
settings:
spec:
ports:
- name: http-metrics
port: 80
protocol: TCP
target Port: 8383
selector:
name: istio-operator
traits:
meshmap:
edges: []
id: d24ca3fc-fb37-40d6-86b7-a2665b24f120
label: istio-operator
meshmodel-metadata:
genealogy: ""
isCustomResource: false
isNamespaced: true
logoURL: https://github.com/cncf/artwork/blob/master/projects/kubernetes/icon/white/kubernetes-icon-white.svg
model: kubernetes
modelDisplayName: Kubernetes
primaryColor: '#326CE5'
published: true
secondaryColor: '#7aa1f0'
shape: round-triangle
styleOverrides: '{"height":16,"width":17,"padding":12,"background-fit":"none","background-position-y":4.5}'
subCategory: Scheduling & Orchestration
svgColor: ui/public/static/img/meshmodels/kubernetes/color/apiservice-color.svg
svgComplete: ""
svgWhite: ui/public/static/img/meshmodels/kubernetes/white/apiservice-white.svg
position:
posX: 484.9355395872588
posY: 168.2587641981373
istio-operator-gblro:
name: istio-operator
type: Deployment
apiVersion: apps/v1
namespace: istio-operator
model: kubernetes
settings:
spec:
replicas: 1
revision History Limit: 10
selector:
match Labels:
name: istio-operator
template:
metadata:
annotations:
prometheus.io/port: "15014"
prometheus.io/scrape: "true"
labels:
name: istio-operator
spec:
containers:
- command:
- operator
- server
- --monitoring-host=127.0.0.1
- --monitoring-port=15014
env:
- name: WATCH_NAMESPACE
value: istio-system
- name: LEADER_ELECTION_NAMESPACE
value: istio-operator
- name: POD_NAME
value From:
field Ref:
field Path: metadata.name
- name: OPERATOR_NAME
value: istio-operator
- name: WAIT_FOR_RESOURCES_TIMEOUT
value: 300s
- name: REVISION
value: ""
image: docker.io/istio/operator:1.18.0
name: istio-operator
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 50m
memory: 128Mi
security Context:
allow Privilege Escalation: false
capabilities:
drop:
- ALL
privileged: false
read Only Root Filesystem: true
run As Group: 1337
run As Non Root: true
run As User: 1337
service Account Name: istio-operator
traits:
meshmap:
edges: []
id: 8e79be8c-da6a-49fe-8bc2-6decf12fd7c1
label: istio-operator
meshmodel-metadata:
genealogy: parent
isCustomResource: false
isNamespaced: true
logoURL: Created by Lee
model: kubernetes
modelDisplayName: Kubernetes
primaryColor: '#326CE5'
published: true
secondaryColor: '#7aa1f0'
shape: round-pentagon
styleOverrides: '{"background-image":"none","border-width":2,"background-opacity":0.5}'
subCategory: Scheduling & Orchestration
svgColor: ui/public/static/img/meshmodels/kubernetes/color/deployment-color.svg
svgComplete: ui/public/static/img/meshmodels/kubernetes/complete/deployment-complete.svg
svgWhite: ui/public/static/img/meshmodels/kubernetes/color/deployment-color.svg
position:
posX: 492.1229787505797
posY: 234.6048777043293
istio-operator-ioxyg:
name: istio-operator
type: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
namespace: istio-operator
model: kubernetes
settings:
role Ref:
api Group: rbac.authorization.k8s.io
kind: ClusterRole
name: istio-operator
subjects:
- kind: ServiceAccount
name: istio-operator
namespace: istio-operator
traits:
meshmap:
edges: []
id: c3ad3045-b7a5-4b15-bafc-55ad9cc2bce6
label: istio-operator
meshmodel-metadata:
genealogy: ""
isCustomResource: false
isNamespaced: false
logoURL: Created by Lee
model: kubernetes
modelDisplayName: Kubernetes
primaryColor: '#326CE5'
published: true
secondaryColor: '#7aa1f0'
shape: round-rectangle
styleOverrides: '{"height":"22px","width":"16px","padding":"6px", "z-index":9999}'
subCategory: Scheduling & Orchestration
svgColor: ui/public/static/img/meshmodels/kubernetes/color/clusterrolebinding-color.svg
svgComplete: ""
svgWhite: ui/public/static/img/meshmodels/kubernetes/white/clusterrolebinding-white.svg
position:
posX: 583.5433705937176
posY: 276.8033383692807
istio-operator-kgmgw:
name: istio-operator
type: ServiceAccount
apiVersion: v1
namespace: istio-operator
model: kubernetes
traits:
meshmap:
edges: []
id: 9240267f-d393-4c5d-bdf9-596bacf0ebf0
label: istio-operator
meshmodel-metadata:
genealogy: ""
isCustomResource: false
isNamespaced: true
logoURL: https://github.com/cncf/artwork/blob/master/projects/kubernetes/icon/white/kubernetes-icon-white.svg
model: kubernetes
modelDisplayName: Kubernetes
primaryColor: '#326CE5'
published: true
secondaryColor: '#7aa1f0'
shape: round-rectangle
styleOverrides: ""
subCategory: Scheduling & Orchestration
svgColor: ui/public/static/img/meshmodels/kubernetes/color/serviceaccount-color.svg
svgComplete: ""
svgWhite: ui/public/static/img/meshmodels/kubernetes/color/serviceaccount-color.svg
position:
posX: 561.5
posY: 194.5