in pkg/inject/sidecar_builder.go [192:238]
func buildEnvoySidecar(vars EnvoyTemplateVariables, env map[string]string) (corev1.Container, error) {
envoy := corev1.Container{
Name: "envoy",
Image: fmt.Sprintf("%s:%s", vars.SidecarImageRepository, vars.SidecarImageTag),
SecurityContext: &corev1.SecurityContext{
RunAsUser: aws.Int64(1337),
},
Ports: []corev1.ContainerPort{
{
Name: "stats",
ContainerPort: vars.AdminAccessPort,
Protocol: "TCP",
},
},
Lifecycle: &corev1.Lifecycle{
PostStart: nil,
PreStop: &corev1.LifecycleHandler{
Exec: &corev1.ExecAction{Command: []string{
"sh", "-c", fmt.Sprintf("sleep %s", vars.PreStopDelay),
}},
},
},
}
if vars.WaitUntilProxyReady {
envoy.Lifecycle.PostStart = &corev1.LifecycleHandler{
Exec: &corev1.ExecAction{Command: []string{
// use bash regex and rematch to parse and check envoy version is >= 1.22.2.1
"sh", "-c", fmt.Sprintf("if [[ $(/usr/bin/envoy --version) =~ ([0-9]+)\\.([0-9]+)\\.([0-9]+)-appmesh\\.([0-9]+) && "+
"${BASH_REMATCH[1]} -ge 2 || (${BASH_REMATCH[1]} -ge 1 && ${BASH_REMATCH[2]} -gt 22) || (${BASH_REMATCH[1]} -ge 1 && "+
"${BASH_REMATCH[2]} -ge 22 && ${BASH_REMATCH[3]} -gt 2) || (${BASH_REMATCH[1]} -ge 1 && ${BASH_REMATCH[2]} -ge 22 && "+
"${BASH_REMATCH[3]} -ge 2 && ${BASH_REMATCH[4]} -gt 0) ]]; then APPNET_AGENT_POLL_ENVOY_READINESS_TIMEOUT_S=%d "+
"APPNET_AGENT_POLL_ENVOY_READINESS_INTERVAL_S=%d /usr/bin/agent -envoyReadiness; else echo 'WaitUntilProxyReady "+
"is not supported in Envoy version < 1.22.2.1'; fi", vars.PostStartTimeout, vars.PostStartInterval),
}},
}
}
vname := fmt.Sprintf("mesh/%s/virtualNode/%s", vars.MeshName, vars.VirtualGatewayOrNodeName)
if err := updateEnvMapForEnvoy(vars, env, vname); err != nil {
return envoy, err
}
envoy.Env = getEnvoyEnv(env)
return envoy, nil
}