Skip to main content
Version: 1.4.x

Enable use of deterministic names for Istio objects

Tetrate Service Bridge (TSB) uses Istio for the local control plane within each cluster. One side effect of this structure is that all configurations that you create for TSB by default go through some translation via TSB, before they are applied as Istio configurations.

One particularly visible area where this becomes apparent is in the names of Istio objects that are eventually created. For example, you can see this in the Istio Gateway objects in a cluster.

To see this, execute the following command to list the Istio Gateway objects:

kubectl get gateways -A

You should seen an output resembling the following:

NAMESPACE   NAME                                AGE
bookinfo    bookinfo-gateway-90b4735c349fce1c   7d5h
httpbin     httpbin-api-213752a8e443c3e9        2d7h

Notice the hashes at the end of each Istio object’s names (e.g 90b4735c349fce1c). These hashes are added by TSB to avoid naming collisions within the TSB ManagementPlane. The generated names are then used to create the Istio Gateway objects, resulting in the long names shown above.

This results in object names with non-deterministic names since the suffixes vary each time TSB generates them.

The fact that TSB does not Istio object names deterministically does not affect any of the TSB operations, but it does make the object names slightly harder to match. This may be simple to workaround for humans, if cumbersome.

On the other hand, this is a problem for some tooling that require naming patterns to be deterministic. For example, Argo Rollouts expects deterministic naming, and therefore has problems working with TSB otherwise.

Enabling USe of Deterministic Istio Object Names

Since version 1.3.0 the ability to create Istio object names in a deterministic manner has been added to TSB. To enable this feature, you will need to use overlays to configure the environment variable ENABLE_RESTORE_ORIGINAL_NAMES.

Before enabling this feature on a live TSB instance, please be aware that when you enable this feature on live TSB deployment, there will be some downtime. This is because new Istio objects (without the hash prefix) will need to be created to replace existing ones, and it requires some time before new objects are applied to the proxies.

Future Releases

Consistent Istio Object Naming is currently an Alpha feature, and is therefore not enabled by default. Future releases of TSB may change this and enable the feature by default for new installation.

Using kubectl, apply an overlay similar to the following example on the ControlPlane CRs. Please make sure you have read and understood the description of overlay samples, and how to apply them. This sample only shows the minimum amount of information to identify the changes. Depending on your environment you may need to modify your manifest accordingly.

Make sure that you have your environment configured such that kubectl is performing the operation against the cluster that you want to modify.

apiVersion: install.tetrate.io/v1alpha1
kind: ControlPlane
metadata:
  name: controlplane
  namespace: istio-system
spec:
  components:
    xcp:
      kubespec:
        overlays:
        - apiVersion: install.xcp.tetrate.io/v1alpha1
          kind: EdgeXcp
          name: edge-xcp
          patches:
          - path: spec.components.edgeServer.kubeSpec.overlays
            value:
            - apiVersion: apps/v1
              kind: Deployment
              name: edge
              patches:
              - path: spec.template.spec.containers.[name:edge].env[-1]
                value:
                  name: ENABLE_RESTORE_ORIGINAL_NAMES
                  value: "true"

After applying the above overlay, Istio objects in your clusters should now be generating names are deterministic, like the output below.

NAMESPACE   NAME               AGE
bookinfo    bookinfo-gateway   29s
httpbin     httpbin-api        29s