bugfix: add fix for istio on multi-cloud playground#404
Open
alaye-ms wants to merge 1 commit into
Open
Conversation
Signed-off-by: Alexander Laye <alaye@microsoft.com>
alaye-ms
requested review from
WentingWu666666,
hossain-rayhan and
xgerman
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the multi-cloud playground Fleet/Istio setup to improve multi-cluster deployment reliability by upgrading Istio and adjusting how Fleet placements and admission webhooks behave on the hub cluster.
Changes:
- Upgrades the Istio tooling version used by the multi-cloud deployment script.
- Refactors Fleet placement so the namespace is placed independently (NamespaceOnly) and app resources are placed via a namespaced
ResourcePlacement. - Adds a hub webhook failurePolicy workaround to allow applying placement resources when the hub has no running webhook endpoints; updates base placement selectors to use labels.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
documentdb-playground/multi-cloud-deployment/documentdb-cluster.yaml |
Splits namespace placement (CRP) from application resource placement (RP) for Fleet. |
documentdb-playground/multi-cloud-deployment/documentdb-base.yaml |
Switches some Fleet selectors to label-based selection and updates CNPG CRD list. |
documentdb-playground/multi-cloud-deployment/deploy.sh |
Upgrades Istio version and adjusts istioctl installation flow. |
documentdb-playground/multi-cloud-deployment/deploy-documentdb.sh |
Adds hub validating webhook workaround and updates placement resource names. |
Comment on lines
160
to
165
| if kubectl --context "$HUB_CONTEXT" get documentdb documentdb-preview -n documentdb-preview-ns &>/dev/null 2>&1; then | ||
| EXISTING_RESOURCES="${EXISTING_RESOURCES}documentdb " | ||
| fi | ||
| if kubectl --context "$HUB_CONTEXT" get clusterresourceplacement documentdb-crp &>/dev/null 2>&1; then | ||
| if kubectl --context "$HUB_CONTEXT" get clusterresourceplacement documentdb-namespace-crp &>/dev/null 2>&1; then | ||
| EXISTING_RESOURCES="${EXISTING_RESOURCES}clusterresourceplacement " | ||
| fi |
Comment on lines
180
to
183
| echo "Deleting existing resources..." | ||
| kubectl --context "$HUB_CONTEXT" delete clusterresourceplacement documentdb-crp --ignore-not-found=true | ||
| kubectl --context "$HUB_CONTEXT" delete clusterresourceplacement documentdb-namespace-crp --ignore-not-found=true | ||
| kubectl --context "$HUB_CONTEXT" delete resourceplacement documentdb-resource-rp -n documentdb-preview-ns --ignore-not-found=true | ||
| kubectl --context "$HUB_CONTEXT" delete namespace documentdb-preview-ns --ignore-not-found=true |
Comment on lines
+127
to
+130
| if kubectl --context "$HUB_CONTEXT" get validatingwebhookconfiguration documentdb-validating-webhook &>/dev/null; then | ||
| WEBHOOK_ENDPOINTS=$(kubectl --context "$HUB_CONTEXT" get endpoints documentdb-webhook-service \ | ||
| -n documentdb-operator \ | ||
| -o jsonpath='{.subsets[*].addresses[*].ip}' 2>/dev/null || true) |
Comment on lines
+488
to
+492
| ISTIO_VERSION="1.30.1" | ||
| pushd "$temp_dir" | ||
| curl -L https://istio.io/downloadIstio | ISTIO_VERSION=$ISTIO_VERSION TARGET_ARCH=x86_64 sh - >/dev/null 2>&1 | ||
| popd | ||
| export PATH="$temp_dir/istio-$ISTIO_VERSION/bin:$PATH" |
|
🤖 Auto-triaged by documentdb-triage-tool. Applied: Reasoningcomponent from path globs (playground); effort from diff stats (81+31 LOC, 4 files); LLM: Fixes a broken istio configuration in the multi-cloud playground by upgrading the version and adding a webhook workaround for fleet. If a label is wrong, remove it manually and ping |
WentingWu666666
approved these changes
Jun 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Upgrade istio version on the multi-cloud playground, and also add a workaround for the webhook for fleet.