Istio service mesh (#590)

* istio swap for osm

* spelling

* case issue

* fixing failed deploy

.github/workflows_dep/regressionparams/openservicemesh.json → .github/workflows_dep/regressionparams/istioServiceMesh.json

@@ -3,10 +3,10 @@
   "contentVersion": "1.0.0.0",
   "parameters": {
     "resourceName": {
-      "value": "az-k8s-osmd"
+      "value": "az-k8s-ist"
     },
-    "openServiceMeshAddon" : {
-        "value" : true
+    "serviceMeshProfile" : {
+        "value" : "Istio"
     }
   }
 }

bicep/main.bicep

@@ -1094,7 +1094,6 @@ param warIngressNginx bool = false
 @description('The name of the NEW resource group to create the AKS cluster managed resources in')
 param managedNodeResourceGroup string = ''
 
-
 // Preview feature requires: az feature register --namespace "Microsoft.ContainerService" --name "NRGLockdownPreview"
 @allowed([
   'ReadOnly'
@@ -1103,6 +1102,25 @@ param managedNodeResourceGroup string = ''
 @description('The restriction level applied to the cluster node resource group')
 param restrictionLevelNodeResourceGroup string = 'Unrestricted'
 
+@allowed(['', 'Istio'])
+@description('The service mesh profile to use')
+param serviceMeshProfile string = ''
+
+@description('The ingress gateway to use for the Istio service mesh')
+param istioIngressGatewayMode string = ''
+
+var serviceMeshProfileObj = {
+  istio: {
+    components: {
+      ingressGateways: empty(istioIngressGatewayMode) ? null : [{
+        enabled: true
+        mode: istioIngressGatewayMode
+      }]
+    }
+  }
+  mode: 'Istio'
+}
+
 @description('System Pool presets are derived from the recommended system pool specs')
 var systemPoolPresets = {
   CostOptimised : {
@@ -1159,7 +1177,6 @@ var systemPoolBase = {
 
 var agentPoolProfiles = JustUseSystemPool ? array(systemPoolBase) : concat(array(union(systemPoolBase, SystemPoolType=='Custom' && SystemPoolCustomPreset != {} ? SystemPoolCustomPreset : systemPoolPresets[SystemPoolType])))
 
-
 output userNodePoolName string = nodePoolName
 output systemNodePoolName string = JustUseSystemPool ? nodePoolName : 'npsystem'
 
@@ -1312,7 +1329,8 @@ var aksProperties = union({
 aksOutboundTrafficType == 'managedNATGateway' ? managedNATGatewayProfile : {},
 defenderForContainers && createLaw ? azureDefenderSecurityProfile : {},
 keyVaultKmsCreateAndPrereqs || !empty(keyVaultKmsByoKeyId) ? azureKeyVaultKms : {},
-!empty(managedNodeResourceGroup) ? {  nodeResourceGroup: managedNodeResourceGroup} : {}
+!empty(managedNodeResourceGroup) ? {  nodeResourceGroup: managedNodeResourceGroup} : {},
+!empty(serviceMeshProfile) ? { serviceMeshProfile: serviceMeshProfileObj } : {}
 )
 
 resource aks 'Microsoft.ContainerService/managedClusters@2023-03-02-preview' = {

cspell.json

@@ -71,6 +71,7 @@
         "ilbsub",
         "Inconsolata",
         "initializr",
+        "Istio",
         "jsondecode",
         "jsonencode",
         "Jumpboxes",

helper/src/components/addonsTab.js

@@ -505,10 +505,19 @@ export default function ({ tabValues, updateFn, featureFlag, invalidArray }) {
 
             <Stack.Item align="start">
                 <Label required={true}>
-                    Open Service Mesh : Enable Open Service Mesh on the AKS Cluster
-                    (<a target="_new" href="https://docs.microsoft.com/azure/aks/open-service-mesh-about">docs</a>)
+                    Service Mesh
+                    (<a target="_new" href="https://learn.microsoft.com/en-us/azure/aks/servicemesh-about">docs</a>)
                 </Label>
-                <Checkbox styles={{ root: { marginLeft: '50px' } }} inputProps={{ "data-testid": "addons-osm-Checkbox"}} checked={addons.openServiceMeshAddon} onChange={(ev, v) => updateFn("openServiceMeshAddon", v)} label="Install the Open Service Mesh AddOn" />
+                <Checkbox
+                  styles={{ root: { marginLeft: '50px' } }}
+                  inputProps={{ "data-testid": "addons-asm-Checkbox"}}
+                  checked={addons.serviceMeshProfile}
+                  onChange={(ev, v) => updateFn("serviceMeshProfile", v ? "Istio" : "")}
+                  label="Install the Istio Service Mesh AddOn (Preview)" />
+                {
+                    addons.serviceMeshProfile &&
+                    ( <PreviewDialog previewLink={"https://learn.microsoft.com/en-us/azure/aks/istio-deploy-addon"}/> )
+                }
             </Stack.Item>
 
             <Separator className="notopmargin" />

helper/src/components/deployTab.js

@@ -81,7 +81,7 @@ export default function DeployTab({ defaults, updateFn, tabValues, invalidArray,
         ...( addons.createAksMetricAlerts !== defaults.addons.createAksMetricAlerts && {createAksMetricAlerts: addons.createAksMetricAlerts })
        }),
     ...(addons.networkPolicy !== "none" && !net.ebpfDataplane && { networkPolicy: addons.networkPolicy }),
-    ...(defaults.addons.openServiceMeshAddon !== addons.openServiceMeshAddon && {openServiceMeshAddon: addons.openServiceMeshAddon }),
+    ...(defaults.addons.serviceMeshProfile !== addons.serviceMeshProfile && {serviceMeshProfile: addons.serviceMeshProfile }),
     ...(addons.azurepolicy !== "none" && { azurepolicy: addons.azurepolicy }),
     ...(addons.azurepolicy !== "none" && addons.azurePolicyInitiative !== defaults.addons.azurePolicyInitiative && { azurePolicyInitiative: addons.azurePolicyInitiative }),
     ...(net.networkPlugin !== defaults.net.networkPlugin && {networkPlugin: net.networkPlugin}),

helper/src/config.json

@@ -71,7 +71,7 @@
             "fluxGitOpsAddon": false,
             "networkPolicy": "none",
             "kedaAddon": false,
-            "openServiceMeshAddon": false,
+            "serviceMeshProfile": "",
             "blobCSIDriver": false,
             "fileCSIDriver": true,
             "diskCSIDriver": true,