Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

images: start building an apko-general iptables image #50545

Merged
merged 2 commits into from May 2, 2024
Merged

images: start building an apko-general iptables image #50545

merged 2 commits into from May 2, 2024

Conversation

howardjohn
Copy link
Member

@howardjohn howardjohn commented Apr 19, 2024
edited

For #44510

This will need a PR to istio/tools to add apko, so putting a hold.

Note this doesn't yet change Istio to use it, only to build it.

@howardjohn howardjohn added the release-notes-none Indicates a PR that does not require release notes. label Apr 19, 2024
@istio-testing
Copy link
Collaborator

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@istio-testing istio-testing added do-not-merge/work-in-progress Block merging of a PR because it isn't ready yet. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Apr 19, 2024
@howardjohn howardjohn added do-not-merge/hold Block automatic merging of a PR. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Apr 19, 2024
@istio-testing istio-testing added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Apr 19, 2024
@howardjohn howardjohn changed the title docekr/apko builder images: start building an apko-general iptables image Apr 19, 2024
@howardjohn howardjohn marked this pull request as ready for review April 19, 2024 00:13
@istio-testing istio-testing removed the do-not-merge/work-in-progress Block merging of a PR because it isn't ready yet. label Apr 19, 2024
costinm
costinm approved these changes Apr 19, 2024
View reviewed changes
Copy link
Contributor

@costinm costinm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great idea.

Few suggestions ( we can do that in separate PRs):

  • add envoy user too, 1337
  • can use use /home/istio-proxy as home ?

As a larger topic, should we maybe explore a base image for sidecars without iptables - for istio-CNI users ? As we move towards ambient and sandwitched sidecars, plus sidecar containers - it may be worth having a more secure and constrained image - would also be good for waypoints/gateways.

@howardjohn
images: start building an apko-general iptables image
e8bdb5f 
For istio#44510

This will need a PR to istio/tools to add `apko`, so putting a hold.

Note this doesn't yet change Istio to use it, only to build it.
@howardjohn
add libgcc for ztunnel
49b1182
@howardjohn howardjohn mentioned this pull request May 2, 2024
Merged
@howardjohn howardjohn removed the do-not-merge/hold Block automatic merging of a PR. label May 2, 2024
@istio-testing istio-testing merged commit e123547 into istio:master May 2, 2024
27 of 28 checks passed
@howardjohn howardjohn mentioned this pull request May 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@costinm costinm costinm approved these changes

@jacob-delgado jacob-delgado jacob-delgado approved these changes

@linsun linsun Awaiting requested review from linsun linsun is a code owner

@stevenctl stevenctl Awaiting requested review from stevenctl stevenctl is a code owner

@ericvn ericvn Awaiting requested review from ericvn ericvn is a code owner

@hzxuzhonghu hzxuzhonghu Awaiting requested review from hzxuzhonghu hzxuzhonghu is a code owner

Assignees
No one assigned
Labels
release-notes-none Indicates a PR that does not require release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@howardjohn @istio-testing @costinm @jacob-delgado