This is an automated email from the ASF dual-hosted git repository. innerpeacez pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/skywalking-kubernetes.git
commit 435af5357930969b6e8a3f8aa43b112ab2c3549f Author: innerpeacez <innerpeace.z...@gmail.com> AuthorDate: Sun Oct 20 15:02:38 2019 +0800 Support for envoy sla and turn off es persistence enabled by default --- helm-chart/helm3/6.4.0/skywalking/README.md | 22 +++++++++++++++++++--- .../skywalking/templates/oap-clusterrole.yaml | 4 +++- .../templates/oap-clusterrolebinding.yaml | 2 ++ .../6.4.0/skywalking/templates/oap-deployment.yaml | 4 ++++ .../{oap-clusterrole.yaml => oap-role.yaml} | 13 ++++++------- ...lusterrolebinding.yaml => oap-rolebinding.yaml} | 12 +++++++----- helm-chart/helm3/6.4.0/skywalking/values.yaml | 10 ++++++---- 7 files changed, 47 insertions(+), 20 deletions(-) diff --git a/helm-chart/helm3/6.4.0/skywalking/README.md b/helm-chart/helm3/6.4.0/skywalking/README.md index 0421897..0fb8061 100644 --- a/helm-chart/helm3/6.4.0/skywalking/README.md +++ b/helm-chart/helm3/6.4.0/skywalking/README.md @@ -29,7 +29,7 @@ The command deploys Apache Skywalking on the Kubernetes cluster in the default c To uninstall/delete the `my-release` deployment: ```shell -$ helm delete my-release -n <namespace> +$ helm uninstall my-release -n <namespace> ``` The command removes all the Kubernetes components associated with the chart and deletes the release. @@ -56,6 +56,7 @@ The following table lists the configurable parameters of the Skywalking chart an | `oap.nodeSelector` | OAP labels for master pod assignment | `{}` | | `oap.tolerations` | OAP tolerations | `[]` | | `oap.resources` | OAP node resources requests & limits | `{} - cpu limit must be an integer` | +| `oap.envoy.sla.enabled` | Open envoy sla | `false` | | `oap.env` | OAP environment variables | `[]` | | `ui.name` | Web UI deployment name | `ui` | | `ui.replicas` | Web UI k8s deployment replicas | `1` | @@ -111,7 +112,7 @@ The following table lists the configurable parameters of the Skywalking chart an | `elasticsearch.master.tolerations` | `[]` | Master tolerations | | `elasticsearch.master.heapSize` | `512m` | Master node heap size | | `elasticsearch.master.name` | `master` | Master component name | -| `elasticsearch.master.persistence.enabled` | `true` | Master persistent enabled/disabled | +| `elasticsearch.master.persistence.enabled` | `false` | Master persistent enabled/disabled | | `elasticsearch.master.persistence.name` | `data` | Master statefulset PVC template name | | `elasticsearch.master.persistence.size` | `4Gi` | Master persistent volume size | | `elasticsearch.master.persistence.storageClass` | `nil` | Master persistent volume Class | @@ -129,7 +130,7 @@ The following table lists the configurable parameters of the Skywalking chart an | `elasticsearch.data.priorityClassName` | `nil` | Data priorityClass | | `elasticsearch.data.heapSize` | `1536m` | Data node heap size | | `elasticsearch.data.hooks.drain.enabled` | `true` | Data nodes: Enable drain pre-stop and post-start hook | -| `elasticsearch.data.persistence.enabled` | `true` | Data persistent enabled/disabled | +| `elasticsearch.data.persistence.enabled` | `false` | Data persistent enabled/disabled | | `elasticsearch.data.persistence.name` | `data` | Data statefulset PVC template name | | `elasticsearch.data.persistence.size` | `30Gi` | Data persistent volume size | | `elasticsearch.data.persistence.storageClass` | `nil` | Data persistent volume Class | @@ -196,3 +197,18 @@ ui: hosts: - skywalking.domain.com ``` +### Envoy ALS + +Envoy ALS(access log service) provides fully logs about RPC routed, including HTTP and TCP. + +If you want to open envoy sla, you can do this by modifying values.yaml. + +```yaml +oap: + envoy: + sla: + enabled: true +``` + +When envoy sla , will give ServerAccount clusterrole permission. +More envoy sla ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als \ No newline at end of file diff --git a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml b/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml index 87fbe84..cf78e7e 100644 --- a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml @@ -1,3 +1,4 @@ +{{- if .Values.oap.envoy.als.enabled }} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: @@ -13,4 +14,5 @@ rules: verbs: ["get", "watch", "list"] - apiGroups: ["extensions"] resources: ["deployments", "replicasets"] - verbs: ["get", "watch", "list"] \ No newline at end of file + verbs: ["get", "watch", "list"] +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml b/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml index 3f23c67..eeeb15f 100644 --- a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml @@ -1,3 +1,4 @@ +{{- if .Values.oap.envoy.als.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -15,3 +16,4 @@ subjects: - kind: ServiceAccount name: {{ template "skywalking.serviceAccountName.oap" . }} namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.4.0/skywalking/templates/oap-deployment.yaml b/helm-chart/helm3/6.4.0/skywalking/templates/oap-deployment.yaml index ecc7436..eebecfb 100644 --- a/helm-chart/helm3/6.4.0/skywalking/templates/oap-deployment.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/templates/oap-deployment.yaml @@ -91,6 +91,10 @@ spec: fieldPath: metadata.uid - name: SW_STORAGE value: elasticsearch + {{- if .Values.oap.envoy.als.enabled }} + - name: SW_ENVOY_ALS_ENABLED + value: {{ .Values.oap.envoy.als.enabled | quote}} + {{- end }} - name: SW_STORAGE_ES_CLUSTER_NODES value: "{{ include "call-nested" (list . "elasticsearch" "elasticsearch.client.fullname") }}:9200" {{- range $key, $value := .Values.oap.env }} diff --git a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml b/helm-chart/helm3/6.4.0/skywalking/templates/oap-role.yaml similarity index 59% copy from helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml copy to helm-chart/helm3/6.4.0/skywalking/templates/oap-role.yaml index 87fbe84..bbf21ce 100644 --- a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrole.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/templates/oap-role.yaml @@ -1,4 +1,5 @@ -kind: ClusterRole +{{- if not .Values.oap.envoy.als.enabled }} +kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: {{ template "skywalking.fullname" . }} @@ -8,9 +9,7 @@ metadata: release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" rules: -- apiGroups: [""] - resources: ["pods"] - verbs: ["get", "watch", "list"] -- apiGroups: ["extensions"] - resources: ["deployments", "replicasets"] - verbs: ["get", "watch", "list"] \ No newline at end of file + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "watch", "list"] +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml b/helm-chart/helm3/6.4.0/skywalking/templates/oap-rolebinding.yaml similarity index 64% copy from helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml copy to helm-chart/helm3/6.4.0/skywalking/templates/oap-rolebinding.yaml index 3f23c67..1eae86a 100644 --- a/helm-chart/helm3/6.4.0/skywalking/templates/oap-clusterrolebinding.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/templates/oap-rolebinding.yaml @@ -1,5 +1,6 @@ +{{- if not .Values.oap.envoy.als.enabled }} apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding +kind: RoleBinding metadata: name: {{ template "skywalking.fullname" . }} labels: @@ -9,9 +10,10 @@ metadata: heritage: "{{ .Release.Service }}" roleRef: apiGroup: rbac.authorization.k8s.io - kind: ClusterRole + kind: Role name: {{ template "skywalking.fullname" . }} subjects: -- kind: ServiceAccount - name: {{ template "skywalking.serviceAccountName.oap" . }} - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: {{ template "skywalking.serviceAccountName.oap" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-chart/helm3/6.4.0/skywalking/values.yaml b/helm-chart/helm3/6.4.0/skywalking/values.yaml index 3e45335..397d314 100644 --- a/helm-chart/helm3/6.4.0/skywalking/values.yaml +++ b/helm-chart/helm3/6.4.0/skywalking/values.yaml @@ -31,11 +31,13 @@ oap: # memory: 4Gi # podAnnotations: # example: oap-foo + envoy: + als: + enabled: false + # more envoy sla ,please refer to https://github.com/apache/skywalking/blob/master/docs/en/setup/envoy/als_setting.md#observe-service-mesh-through-als env: # more env, please refer to https://hub.docker.com/r/apache/skywalking-oap-server # or https://github.com/apache/skywalking-docker/blob/master/6/6.4/oap/README.md#sw_telemetry - # for example : - # SW_ENVOY_ALS_ENABLED: true ui: name: skywalking-ui replicas: 1 @@ -155,7 +157,7 @@ elasticsearch: heapSize: "512m" # additionalJavaOpts: "-XX:MaxRAM=512m" persistence: - enabled: true + enabled: false accessMode: ReadWriteOnce name: data size: "4Gi" @@ -202,7 +204,7 @@ elasticsearch: heapSize: "1536m" # additionalJavaOpts: "-XX:MaxRAM=1536m" persistence: - enabled: true + enabled: false accessMode: ReadWriteOnce name: data size: "30Gi"