diff --git a/dev-infrastructure/scripts/istio.sh b/dev-infrastructure/scripts/istio.sh index 5c445a8a7..9b7f9c7ee 100755 --- a/dev-infrastructure/scripts/istio.sh +++ b/dev-infrastructure/scripts/istio.sh @@ -58,15 +58,6 @@ echo "========================================================================== # ISTIO_NAMESPACE="aks-istio-system" -CURRENT_TAG_REVISION=$(istioctl tag list --istioNamespace "${ISTIO_NAMESPACE}" -o json | jq --arg tag "${TAG}" '.[] | select(.tag == $tag).revision' -r) -CURRENT_VERSION=$(kubectl get pods -n aks-istio-system -o jsonpath="{.items[0].metadata.name}" | grep -oP '(?<=istiod-)[^-]+-[^-]+-[^-]+') -echo "********** Ensure tag ${TAG} exists **************" -if [ -z "$CURRENT_TAG_REVISION" ]; then - echo "Tag ${TAG} does not exist yet. Creating it with version ${CURRENT_VERSION}" - istioctl tag set "${TAG}" --revision "${CURRENT_VERSION}" --istioNamespace "${ISTIO_NAMESPACE}" -else - echo "Tag ${TAG} already exists and refers to version ${CURRENT_TAG_REVISION}" -fi echo "********** ISTIO Upgrade **************" # Followed this guide for istio upgrade https://learn.microsoft.com/en-us/azure/aks/istio-upgrade @@ -82,13 +73,41 @@ echo "********** Istio Upgrade Started with version ${NEWVERSION} ************** istioctl tag set "$TAG" --revision "${NEWVERSION}" --istioNamespace ${ISTIO_NAMESPACE} --overwrite #Get the namespaces with the label istio.io/rev=$TAG -for namespace in $( kubectl get namespaces --selector=istio.io/rev="$TAG" -o jsonpath='{.items[*].metadata.name}' ); do - for pod in $( kubectl get pods -n "$namespace" -o jsonpath='{.items[*].metadata.name}' ); do - istio_version=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.annotations.sidecar\.istio\.io/status}' | grep -oP '(?<="revision":")[^"]*') - if [[ "$istio_version" != "$NEWVERSION" ]]; then - owner_kind=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].kind}') - owner_name=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].name}') - +# for namespace in $( kubectl get namespaces --selector=istio.io/rev="$TAG" -o jsonpath='{.items[*].metadata.name}' ); do +# for pod in $( kubectl get pods -n "$namespace" -o jsonpath='{.items[*].metadata.name}' ); do +# istio_version=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.annotations.sidecar\.istio\.io/status}' | grep -oP '(?<="revision":")[^"]*') +# if [[ "$istio_version" != "$NEWVERSION" ]]; then +# owner_kind=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].kind}') +# owner_name=$(kubectl get pod "$pod" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].name}') + +# case "$owner_kind" in +# "ReplicaSet") +# deployment=$(kubectl get replicaset "$owner_name" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].name}') +# if [[ -n "$deployment" ]]; then +# kubectl rollout restart deployment "$deployment" -n "$namespace" +# continue 2 +# else +# kubectl delete pod "$pod" -n "$namespace" +# fi +# ;; +# "StatefulSet") +# deployment=$(kubectl get replicaset "$owner_name" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].name}') +# kubectl rollout restart deployment "$deployment" -n "$namespace" +# continue 2 +# ;; +# *) +# # Don't do anything for (Cron)Job, or no owner pod for now. +# ;; +# esac + +# fi +# done +# done +for namespace in $(kubectl get namespaces --selector=istio.io/rev="$TAG" -o jsonpath='{.items[*].metadata.name}'); do + pods="$(kubectl get pods --namespace "${namespace}" -o json)" + for pod in $(jq <<<"${pods}" --raw-output --arg NEWVERSION "${NEWVERSION}" '.items[] | select(.metadata.annotations["sidecar.istio.io/status"] | fromjson.revision != $NEWVERSION) | .metadata.name'); do + owner_kind=$(jq <<<"${pods}" --raw-output --arg NAME "${pod}" '.items[] | select(.metadata.name == $NAME) | .metadata.ownerReferences[0].kind') + owner_name=$(jq <<<"${pods}" --raw-output --arg NAME "${pod}" '.items[] | select(.metadata.name == $NAME) | .metadata.ownerReferences[0].name') case "$owner_kind" in "ReplicaSet") deployment=$(kubectl get replicaset "$owner_name" -n "$namespace" -o jsonpath='{.metadata.ownerReferences[0].name}') @@ -108,10 +127,8 @@ for namespace in $( kubectl get namespaces --selector=istio.io/rev="$TAG" -o jso # Don't do anything for (Cron)Job, or no owner pod for now. ;; esac - - fi + # etc done done - echo "********** ISTIO Upgrade Finished**************"