diff --git a/stable/appmesh-controller/Chart.yaml b/stable/appmesh-controller/Chart.yaml index 15219d1a8..ce98cc5e8 100644 --- a/stable/appmesh-controller/Chart.yaml +++ b/stable/appmesh-controller/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: appmesh-controller description: App Mesh controller Helm chart for Kubernetes -version: 1.12.5 -appVersion: 1.12.5 +version: 1.12.7 +appVersion: 1.12.7 home: https://github.com/aws/eks-charts icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/stable/appmesh-controller/README.md b/stable/appmesh-controller/README.md index 6123871f9..c3044e944 100644 --- a/stable/appmesh-controller/README.md +++ b/stable/appmesh-controller/README.md @@ -90,6 +90,25 @@ helm upgrade -i appmesh-controller eks/appmesh-controller \ The [configuration](#configuration) section lists the parameters that can be configured during installation. +**Note** +If you want to start the controller in the EKS private cluster, enable the app mesh and service discovery VPC endpoints to the linked private subnet first. Also accountId is a required field now as `--set accountId=$AWS_ACCOUNT_ID`. +If you want to enable X-ray tracing in private cluster, enable the X-ray VPC endpoint. Also, ECR VPC endpoint [does not support public repository](https://docs.aws.amazon.com/AmazonECR/latest/userguide/vpc-endpoints.html). Controller uses `public.ecr.aws/xray/aws-xray-daemon:latest` by default, so you need to pull this image to local and [push it into your personal ECR repository](https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-push-ecr-image.html). Set it when deploying the controller like: +``` +helm upgrade -i appmesh-controller eks/appmesh-controller \ + --namespace appmesh-system \ + --set region=$AWS_REGION \ + --set serviceAccount.create=false \ + --set serviceAccount.name=appmesh-controller \ + --set accountId=$AWS_ACCOUNT_ID \ + --set log.level=debug \ + --set tracing.enabled=true \ + --set tracing.provider=x-ray \ + --set xray.image.repository={your-account-id}.dkr.ecr.{your-region}.amazonaws.com/{your-repository} \ + --set xray.image.tag={your-xray-daemon-image-tag} +``` +Verify if the X-ray daemon being injected successfully when binding application deployment with virtual node/gateway. +More troubleshooting please see: https://docs.aws.amazon.com/eks/latest/userguide/private-clusters.html + **Note** Make sure that the Envoy proxies have the following IAM policies attached for the Envoy to authenticate with AWS App Mesh and fetch it's configuration - https://raw.githubusercontent.com/aws/aws-app-mesh-controller-for-k8s/master/config/iam/envoy-iam-policy.json diff --git a/stable/appmesh-controller/ci/values.yaml b/stable/appmesh-controller/ci/values.yaml index d0c49e6bd..bc6dfb8f4 100644 --- a/stable/appmesh-controller/ci/values.yaml +++ b/stable/appmesh-controller/ci/values.yaml @@ -5,5 +5,5 @@ accountId: 123456789 region: us-west-2 image: repository: public.ecr.aws/appmesh/appmesh-controller - tag: v1.12.5 + tag: v1.12.7 pullPolicy: IfNotPresent diff --git a/stable/appmesh-controller/crds/crds.yaml b/stable/appmesh-controller/crds/crds.yaml index b169180c3..90537e320 100644 --- a/stable/appmesh-controller/crds/crds.yaml +++ b/stable/appmesh-controller/crds/crds.yaml @@ -3914,7 +3914,6 @@ spec: type: object required: - action - - match type: object required: - name diff --git a/stable/appmesh-controller/test.yaml b/stable/appmesh-controller/test.yaml index 071cd8f0d..40a7c30c7 100644 --- a/stable/appmesh-controller/test.yaml +++ b/stable/appmesh-controller/test.yaml @@ -12,7 +12,7 @@ useAwsFIPSEndpoint: false image: repository: 840364872350.dkr.ecr.us-west-2.amazonaws.com/amazon/appmesh-controller - tag: v1.12.5 + tag: v1.12.7 pullPolicy: IfNotPresent sidecar: diff --git a/stable/appmesh-controller/values.yaml b/stable/appmesh-controller/values.yaml index 2e1c74645..f28e8c2ac 100644 --- a/stable/appmesh-controller/values.yaml +++ b/stable/appmesh-controller/values.yaml @@ -13,7 +13,7 @@ useAwsFIPSEndpoint: false image: repository: 840364872350.dkr.ecr.us-west-2.amazonaws.com/amazon/appmesh-controller - tag: v1.12.5 + tag: v1.12.7 pullPolicy: IfNotPresent sidecar: