diff --git a/Makefile.core.mk b/Makefile.core.mk index 7aa6b0858..647127b28 100644 --- a/Makefile.core.mk +++ b/Makefile.core.mk @@ -111,7 +111,7 @@ clean-istio: rm -rf external/istio clean-gateway: clean-istio - rm -rf external/envoy + rm -rf external/envoy rm -rf external/proxy rm external/package/envoy.tar.gz diff --git a/istio/1.12/patches/istio/20221103-fix-multi-namespace.patch b/istio/1.12/patches/istio/20221103-fix-multi-namespace.patch new file mode 100644 index 000000000..fe19f4dcc --- /dev/null +++ b/istio/1.12/patches/istio/20221103-fix-multi-namespace.patch @@ -0,0 +1,189 @@ +diff --git a/pilot/docker/Dockerfile.pilot b/pilot/docker/Dockerfile.pilot +index 601d78d12a..4a63a71ff5 100644 +--- a/pilot/docker/Dockerfile.pilot ++++ b/pilot/docker/Dockerfile.pilot +@@ -25,6 +25,8 @@ COPY gcp_envoy_bootstrap.json /var/lib/istio/envoy/gcp_envoy_bootstrap_tmpl.json + + COPY higress-pilot-start.sh /usr/local/bin/higress-pilot-start.sh + ++RUN chmod +x /usr/local/bin/higress-pilot-start.sh ++ + USER 1337:1337 + + ENTRYPOINT ["/usr/local/bin/higress-pilot-start.sh"] +diff --git a/pilot/pkg/model/ali_push_context.go b/pilot/pkg/model/ali_push_context.go +index 459bd78469..55ba7331e0 100644 +--- a/pilot/pkg/model/ali_push_context.go ++++ b/pilot/pkg/model/ali_push_context.go +@@ -1,6 +1,7 @@ + package model + + import ( ++ "path" + "sort" + "strings" + "time" +@@ -123,7 +124,7 @@ func createCRName(clusterId, autoGenerated string) string { + + // virtualServiceFilter will modify copied configs from underlying store. + // We merge routes into pre host of virtual service. +-func virtualServiceFilter(configs []config.Config) []config.Config { ++func VirtualServiceFilter(configs []config.Config) []config.Config { + var autoGenerated []*config.Config + configsForName := make(map[string]*config.Config, len(configs)) + +@@ -134,7 +135,7 @@ func virtualServiceFilter(configs []config.Config) []config.Config { + if strings.HasPrefix(c.Name, constants.IstioIngressGatewayName) { + autoGenerated = append(autoGenerated, &c) + } else { +- configsForName[c.Name] = &c ++ configsForName[path.Join(c.Namespace, c.Name)] = &c + } + } + +@@ -142,7 +143,7 @@ func virtualServiceFilter(configs []config.Config) []config.Config { + + for _, c := range autoGenerated { + targetName := createCRName(istioClusterId, c.Name) +- rawVS, exist := configsForName[targetName] ++ rawVS, exist := configsForName[path.Join(c.Namespace, targetName)] + if exist { + vs := rawVS.Spec.(*networking.VirtualService) + autoGeneratedVS := c.Spec.(*networking.VirtualService) +@@ -155,7 +156,7 @@ func virtualServiceFilter(configs []config.Config) []config.Config { + // We change the auto-generated config name to the format of cr name same with ops when ops + // don't have this host. + c.Name = targetName +- configsForName[targetName] = c ++ configsForName[path.Join(c.Namespace, targetName)] = c + } + } + +@@ -167,7 +168,7 @@ func virtualServiceFilter(configs []config.Config) []config.Config { + } + + // destinationFilter will modify copied configs from underlying store. +-func destinationFilter(configs []config.Config) []config.Config { ++func DestinationFilter(configs []config.Config) []config.Config { + var autoGenerated []*config.Config + configsForName := make(map[string]*config.Config, len(configs)) + +@@ -176,7 +177,7 @@ func destinationFilter(configs []config.Config) []config.Config { + if strings.HasPrefix(c.Name, constants.IstioIngressGatewayName) { + autoGenerated = append(autoGenerated, &c) + } else { +- configsForName[c.Name] = &c ++ configsForName[path.Join(c.Namespace, c.Name)] = &c + } + } + +@@ -185,12 +186,12 @@ func destinationFilter(configs []config.Config) []config.Config { + for _, c := range autoGenerated { + // DestinationRule name of ops is md5 without cluster id. + targetName := strings.TrimPrefix(c.Name, constants.IstioIngressGatewayName+"-") +- _, exist := configsForName[targetName] ++ _, exist := configsForName[path.Join(c.Namespace, targetName)] + if !exist { + // We change the auto-generated config name to the format of cr name same with ops when ops + // don't have destination rule for this service. + c.Name = targetName +- configsForName[targetName] = c ++ configsForName[path.Join(c.Namespace, targetName)] = c + } + } + +@@ -203,7 +204,7 @@ func destinationFilter(configs []config.Config) []config.Config { + + // gatewayFilter will modify copied configs from underlying store. + // We merge routes into pre host of virtual service. +-func gatewayFilter(configs []config.Config) []config.Config { ++func GatewayFilter(configs []config.Config) []config.Config { + var autoGenerated []*config.Config + configsForName := make(map[string]*config.Config, len(configs)) + +@@ -214,7 +215,7 @@ func gatewayFilter(configs []config.Config) []config.Config { + if strings.HasPrefix(c.Name, constants.IstioIngressGatewayName) { + autoGenerated = append(autoGenerated, &c) + } else { +- configsForName[c.Name] = &c ++ configsForName[path.Join(c.Namespace, c.Name)] = &c + } + } + +@@ -222,14 +223,14 @@ func gatewayFilter(configs []config.Config) []config.Config { + + for _, c := range autoGenerated { + targetName := createCRName(istioClusterId, c.Name) +- _, exist := configsForName[targetName] ++ _, exist := configsForName[path.Join(c.Namespace, targetName)] + // Note, if ops already has the host without tls and ingress has the same host with tls, + // we don't merge tls settings, i.e, we don't adopt ingress tls for this host. + if !exist { + // We change the auto-generated config name to the format of cr name same with ops when ops + // don't have this host. + c.Name = targetName +- configsForName[targetName] = c ++ configsForName[path.Join(c.Namespace, targetName)] = c + } + } + +diff --git a/pilot/pkg/model/push_context.go b/pilot/pkg/model/push_context.go +index b7e4957b62..89bc9e4e36 100644 +--- a/pilot/pkg/model/push_context.go ++++ b/pilot/pkg/model/push_context.go +@@ -1406,7 +1406,7 @@ func (ps *PushContext) initVirtualServices(env *Environment) error { + } + + // Added by ingress +- vservices = virtualServiceFilter(vservices) ++ vservices = VirtualServiceFilter(vservices) + // End added by ingress + + totalVirtualServices.Record(float64(len(virtualServices))) +@@ -1608,7 +1608,7 @@ func (ps *PushContext) initDestinationRules(env *Environment) error { + destRules[i] = configs[i].DeepCopy() + } + +- destRules = destinationFilter(destRules) ++ destRules = DestinationFilter(destRules) + + ps.SetDestinationRules(destRules) + return nil +@@ -1937,7 +1937,7 @@ func (ps *PushContext) initGateways(env *Environment) error { + for i := range gateways { + gateways[i] = gatewayConfigs[i].DeepCopy() + } +- gatewayConfigs = gatewayFilter(gateways) ++ gatewayConfigs = GatewayFilter(gateways) + // End added by ingress + + sortConfigByCreationTime(gatewayConfigs) +diff --git a/pilot/pkg/xds/debug.go b/pilot/pkg/xds/debug.go +index ac91ef312a..a5b4ea6943 100644 +--- a/pilot/pkg/xds/debug.go ++++ b/pilot/pkg/xds/debug.go +@@ -42,6 +42,7 @@ import ( + v3 "istio.io/istio/pilot/pkg/xds/v3" + "istio.io/istio/pkg/config" + "istio.io/istio/pkg/config/schema/collection" ++ "istio.io/istio/pkg/config/schema/gvk" + "istio.io/istio/pkg/network" + "istio.io/istio/pkg/util/protomarshal" + istiolog "istio.io/pkg/log" +@@ -463,6 +464,16 @@ func (s *DiscoveryServer) configz(w http.ResponseWriter, req *http.Request) { + configs := make([]kubernetesConfig, 0) + s.Env.IstioConfigStore.Schemas().ForEach(func(schema collection.Schema) bool { + cfg, _ := s.Env.IstioConfigStore.List(schema.Resource().GroupVersionKind(), "") ++ // Added by ingress ++ switch schema.Resource().GroupVersionKind().String() { ++ case gvk.Gateway.String(): ++ cfg = model.GatewayFilter(cfg) ++ case gvk.VirtualService.String(): ++ cfg = model.VirtualServiceFilter(cfg) ++ case gvk.DestinationRule.String(): ++ cfg = model.DestinationFilter(cfg) ++ } ++ // End added by ingress + for _, c := range cfg { + configs = append(configs, kubernetesConfig{c}) + }