Experimental Support for ambient on Windows #1461
Conversation
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
|
Skipping CI for Draft Pull Request. |
istio-testing
added
the
do-not-merge/work-in-progress
|
😊 Welcome @keithmattix! This is either your first contribution to the Istio ztunnel repo, or it's been You can learn more about the Istio working groups, Code of Conduct, and contribution guidelines Thanks for contributing! Courtesy of your friendly welcome wagon. |
istio-testing
added
the
size/XXL
proto/zds.proto
Outdated
| // Add a workload to the ztunnel. this will be accompanied by ancillary data contianing | ||
| // the workload's netns file descriptor. | ||
| message AddWorkload { | ||
| string uid = 1; | ||
| WorkloadInfo workload_info = 2; | ||
| // The namespace for the workload. Windows only. | ||
| WindowsNamespace windows_namespace = 3; |
There was a problem hiding this comment.
Why not make this an optional in WorkloadInfo?
There was a problem hiding this comment.
Honestly I think it was in an earlier draft of this, but I can't remember why the shift. Agreed that an optional is much cleaner
There was a problem hiding this comment.
Ah, I remember now, it was because I wanted to model it like the auxiliary data (i.e. the FD) from the unix domain socket communication. I don't really have any preference, and went ahead and just stuck it on workload_info
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
Signed-off-by: Keith Mattix II <[email protected]>
|
|
||
| cfg_if::cfg_if! { | ||
| if #[cfg(target_os = "windows")] { | ||
| output = Command::new("powershell.exe") |
There was a problem hiding this comment.
| output = Command::new("powershell.exe") | |
| let output = Command::new("powershell.exe") |
| } | ||
| } | ||
|
|
||
| match output { | ||
| Ok(output) => { |
There was a problem hiding this comment.
Minor issue here where it doesn't print anything when powershell fails to execute the script (eg. because of permission policies).
Ok(output) => {
if output.status.success() {
for line in String::from_utf8(output.stdout).unwrap().lines() {
// Each line looks like `istio.io/pkg/version.buildGitRevision=abc`
if let Some((key, value)) = line.split_once('=') {
let key = key.split('.').last().unwrap();
println!("cargo:rustc-env=ZTUNNEL_BUILD_{key}={value}");
} else {
println!("cargo:warning=invalid build output {line}");
}
}
} else {
println!(
"cargo:warning=build info script failed (stderr): {}",
String::from_utf8(output.stderr)
.unwrap()
.replace("\r\n", "")
);
}
}
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Part of istio/istio#27893. Istio CNI piece is at istio/istio#55216
More information to follow in an upcoming IstioDay talk as well as a blog post, but in summary: we've made substantial progress towards support Istio on Windows, and we decided the time is right to share where we are with the community! After discussing with the rest of Istio TOC, we have agreed that a long-lived experimental branch is the best place for this code to live for now as we work towards productionizing it and getting CI set up.
What works
What doesn't work
I'm opening this PR as a draft for folks to take a look and comment on the diff/approach before merging it into the experimental branch. Feel free to reach out with any questions or concerns. Welcome to Istio, Windows!