Workload Auto Registration

Workload Auto Registration represents a registry record of a workload onboarded into the mesh.

Workload Auto Registration captures essential information about the workload allowing Workload Onboarding Plane to generate boot configuration for the Istio Sidecar that will be started alongside this workload.

WorkloadAutoRegistration resource is not supposed to be edited by the users. Instead, it gets created automatically as part of the Workload Onboarding flow.

Users can introspect WorkloadAutoRegistration resources for the purposes of observability and troubleshooting of Workload Onboarding.

To leverage k8s resource garbage collection (i.e. cascade removal),

WorkloadAutoRegistration resource is owned by the WorkloadGroup resource the workload has joined to
WorkloadAutoRegistration resource owns the Istio WorkloadEntry resource that describes the workload to the Istio Control Plane.

WorkloadGroup
|
| (owns)
|
└── WorkloadAutoRegistration
    |
    | (owns)
    |
    └── WorkloadEntry

E.g.,

apiVersion: runtime.onboarding.tetrate.io/v1alpha1
kind: WorkloadAutoRegistration
metadata:
  namespace: bookinfo
  name: ratings-aws-aws-123456789012-ca-central-1b-ec2-i-1234567890abcdef0
  ownerReferences:
  - apiVersion: networking.istio.io/v1beta1
    blockOwnerDeletion: true
    controller: true
    kind: WorkloadGroup
    name: ratings
    uid: fb67dbad-b063-40e5-a958-098fbe7b40f4
spec:
  identity:
    aws:
      partition: aws
      account: '123456789012'
      region: ca-central-1
      zone: ca-central-1b
      ec2:
        instance_id: i-1234567890abcdef0
  registration:
    agent:
      version: '1.4.0'
    sidecar:
      istio:
        version: '1.8.5-abcd'
    host:
      addresses:
      - ip: 10.0.0.1
        type: VPC
      - ip: 1.2.3.4
        type: INTERNET
    workload:
      labels:
        cloud: aws
        class: ec2
        version: v3
    settings:
      connectedOver: INTERNET
status:
  activeAgentConnection:
    connectedTo: onboarding-plane-745bf76677-974tq
  conditions:
  - type: AgentConnected
    status: True
    reason: ConnectionEstablished
    lastTransitionTime: "2020-12-02T18:26:08Z"

AgentConnection

AgentConnection specifies information about the persistent connection between the Workload Onboarding Agent and a Workload Onboarding Plane instance.

Field	Description	Validation Rule
connectedTo	string REQUIRED Identifier of the `Workload Onboarding Plane` instance the `Agent` is connected to.	string = { min_len: `1` }

WorkloadAutoRegistrationSpec

WorkloadAutoRegistrationSpec is the specification of the workload’s registration within the mesh.

Field	Description	Validation Rule
identity	tetrateio.api.onboarding.config.types.identity.v1alpha1.WorkloadIdentity REQUIRED Platform-specific identity of the workload.	message = { required: `true` }
registration	tetrateio.api.onboarding.config.types.registration.v1alpha1.Registration REQUIRED Workload registration information.	message = { required: `true` }

WorkloadAutoRegistrationStatus

WorkloadAutoRegistrationStatus represents the current status of the workload’s registration within the mesh.

Field	Description	Validation Rule
observedGeneration	int64 The most recent generation observed by the `WorkloadAutoRegistration` controller.	–
conditions	List of tetrateio.api.onboarding.config.types.core.v1alpha1.Condition Currently observed conditions.	repeated = { items: `{message:{required:true}}` }
activeAgentConnection	tetrateio.api.onboarding.config.runtime.v1alpha1.AgentConnection Information about the active persistent connection between the `Workload Onboarding Agent` and a `Workload Onboarding Plane` instance.	–