Workload Group
WorkloadGroup
describes a collection of workload instances. It provides a specification that the workload instances can use to bootstrap their proxies, including the metadata and identity. It is only intended to be used with non-k8s workloads like Virtual Machines, and is meant to mimic the existing sidecar injection and deployment specification model used for Kubernetes workloads to bootstrap Istio proxies.
The following example declares a workload group representing a collection of workloads that will be registered under reviews
in namespace bookinfo
. The set of labels will be associated with each workload instance during the bootstrap process, and the ports 3550 and 8080 will be associated with the workload group and use service account default
. app.kubernetes.io/version
is just an arbitrary example of a label.
apiVersion: networking.istio.io/v1beta1
kind: WorkloadGroup
metadata:
name: reviews
namespace: bookinfo
spec:
metadata:
labels:
app.kubernetes.io/name: reviews
app.kubernetes.io/version: "1.3.4"
template:
ports:
grpc: 3550
http: 8080
serviceAccount: default
probe:
initialDelaySeconds: 5
timeoutSeconds: 3
periodSeconds: 4
successThreshold: 3
failureThreshold: 3
httpGet:
path: /foo/bar
host: 127.0.0.1
port: 3100
scheme: HTTPS
httpHeaders:
- name: Lit-Header
value: Im-The-Best
WorkloadGroup
WorkloadGroup
enables specifying the properties of a single workload for bootstrap and provides a template for WorkloadEntry
, similar to how Deployment
specifies properties of workloads via Pod
templates. A WorkloadGroup
can have more than one WorkloadEntry
. WorkloadGroup
has no relationship to resources which control service registry like ServiceEntry
and as such doesn’t configure host name for these workloads.
Field | Type | Description | Required |
---|---|---|---|
metadata | ObjectMeta | Metadata that will be used for all corresponding | No |
template | WorkloadEntry | Template to be used for the generation of | Yes |
probe | ReadinessProbe |
| No |
ReadinessProbe
Field | Type | Description | Required |
---|---|---|---|
initialDelaySeconds | int32 | Number of seconds after the container has started before readiness probes are initiated. | No |
timeoutSeconds | int32 | Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1 second. | No |
periodSeconds | int32 | How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1 second. | No |
successThreshold | int32 | Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1 second. | No |
failureThreshold | int32 | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3 seconds. | No |
httpGet | HTTPHealthCheckConfig (oneof) |
| No |
tcpSocket | TCPHealthCheckConfig (oneof) | Health is determined by if the proxy is able to connect. | No |
exec | ExecHealthCheckConfig (oneof) | Health is determined by how the command that is executed exited. | No |
HTTPHealthCheckConfig
Field | Type | Description | Required |
---|---|---|---|
path | string | Path to access on the HTTP server. | No |
port | uint32 | Port on which the endpoint lives. | Yes |
host | string | Host name to connect to, defaults to the pod IP. You probably want to set “Host” in httpHeaders instead. | No |
scheme | string | HTTP or HTTPS, defaults to HTTP | No |
httpHeaders | HTTPHeader[] | Headers the proxy will pass on to make the request. Allows repeated headers. | No |
HTTPHeader
Field | Type | Description | Required |
---|---|---|---|
name | string | The header field name | No |
value | string | The header field value | No |
TCPHealthCheckConfig
Field | Type | Description | Required |
---|---|---|---|
host | string | Host to connect to, defaults to localhost | No |
port | uint32 | Port of host | Yes |
ExecHealthCheckConfig
Field | Type | Description | Required |
---|---|---|---|
command | string[] | Command to run. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. | No |
WorkloadGroup.ObjectMeta
ObjectMeta
describes metadata that will be attached to a WorkloadEntry
. It is a subset of the supported Kubernetes metadata.
Field | Type | Description | Required |
---|---|---|---|
labels | map<string, string> | Labels to attach | No |
annotations | map<string, string> | Annotations to attach | No |