mirror of https://github.com/linkerd/linkerd2.git
Add a flag to install-cni command to configure iptables wait flag (#3066)
Signed-off-by: Charles Pretzer <charles@buoyant.io>
This commit is contained in:
cpretzer
GitHub
parent
a213343978
commit
4e92064f3b
|
|
@ -9,7 +9,7 @@ RUN (proxy=$(bin/fetch-proxy $(cat proxy-version)) && \
|
|||
mv "$proxy" linkerd2-proxy)
|
||||
|
||||
## compile proxy-identity agent
|
||||
FROM gcr.io/linkerd-io/go-deps:813c9be3 as golang
|
||||
FROM gcr.io/linkerd-io/go-deps:c7fb42bd as golang
|
||||
WORKDIR /linkerd-build
|
||||
COPY pkg/flags pkg/flags
|
||||
COPY pkg/tls pkg/tls
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
## compile binaries
|
||||
FROM gcr.io/linkerd-io/go-deps:813c9be3 as golang
|
||||
FROM gcr.io/linkerd-io/go-deps:c7fb42bd as golang
|
||||
WORKDIR /linkerd-build
|
||||
COPY cli cli
|
||||
COPY charts charts
|
||||
|
|
|
|||
|
|
@ -175,6 +175,7 @@ func configureAndRunChecks(wout io.Writer, werr io.Writer, stage string, options
|
|||
APIAddr: apiAddr,
|
||||
VersionOverride: options.versionOverride,
|
||||
RetryDeadline: time.Now().Add(options.wait),
|
||||
NoInitContainer: options.cniEnabled,
|
||||
})
|
||||
|
||||
success := runChecks(wout, werr, hc, options.output)
|
||||
|
|
|
|||
|
|
@ -16,18 +16,20 @@ import (
|
|||
)
|
||||
|
||||
type installCNIPluginConfig struct {
|
||||
Namespace string
|
||||
CNIPluginImage string
|
||||
LogLevel string
|
||||
InboundPort uint
|
||||
OutboundPort uint
|
||||
IgnoreInboundPorts string
|
||||
IgnoreOutboundPorts string
|
||||
ProxyUID int64
|
||||
DestCNINetDir string
|
||||
DestCNIBinDir string
|
||||
CreatedByAnnotation string
|
||||
CliVersion string
|
||||
Namespace string
|
||||
ControllerNamespaceLabel string
|
||||
CNIPluginImage string
|
||||
LogLevel string
|
||||
InboundPort uint
|
||||
OutboundPort uint
|
||||
IgnoreInboundPorts string
|
||||
IgnoreOutboundPorts string
|
||||
ProxyUID int64
|
||||
DestCNINetDir string
|
||||
DestCNIBinDir string
|
||||
CreatedByAnnotation string
|
||||
CliVersion string
|
||||
UseWaitFlag bool
|
||||
}
|
||||
|
||||
type cniPluginOptions struct {
|
||||
|
|
@ -44,6 +46,7 @@ type cniPluginOptions struct {
|
|||
logLevel string
|
||||
destCNINetDir string
|
||||
destCNIBinDir string
|
||||
useWaitFlag bool
|
||||
}
|
||||
|
||||
func newCNIPluginOptions() *cniPluginOptions {
|
||||
|
|
@ -61,6 +64,7 @@ func newCNIPluginOptions() *cniPluginOptions {
|
|||
logLevel: "info",
|
||||
destCNINetDir: "/etc/cni/net.d",
|
||||
destCNIBinDir: "/opt/cni/bin",
|
||||
useWaitFlag: false,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -116,10 +120,15 @@ assumes that the 'linkerd install' command will be executed with the
|
|||
cmd.PersistentFlags().UintVar(&options.proxyAdminPort, "admin-port", options.proxyAdminPort, "Proxy port to serve metrics on")
|
||||
cmd.PersistentFlags().UintSliceVar(&options.ignoreInboundPorts, "skip-inbound-ports", options.ignoreInboundPorts, "Ports that should skip the proxy and send directly to the application")
|
||||
cmd.PersistentFlags().UintSliceVar(&options.ignoreOutboundPorts, "skip-outbound-ports", options.ignoreOutboundPorts, "Outbound ports that should skip the proxy")
|
||||
cmd.PersistentFlags().StringVar(&options.cniPluginImage, "cni-image", options.cniPluginImage, "Image for the cni-plugin.")
|
||||
cmd.PersistentFlags().StringVar(&options.logLevel, "cni-log-level", options.logLevel, "Log level for the cni-plugin.")
|
||||
cmd.PersistentFlags().StringVar(&options.destCNINetDir, "dest-cni-net-dir", options.destCNINetDir, "Directory on the host where the CNI configuration will be placed.")
|
||||
cmd.PersistentFlags().StringVar(&options.destCNIBinDir, "dest-cni-bin-dir", options.destCNIBinDir, "Directory on the host where the CNI plugin binaries reside.")
|
||||
cmd.PersistentFlags().StringVar(&options.cniPluginImage, "cni-image", options.cniPluginImage, "Image for the cni-plugin")
|
||||
cmd.PersistentFlags().StringVar(&options.logLevel, "cni-log-level", options.logLevel, "Log level for the cni-plugin")
|
||||
cmd.PersistentFlags().StringVar(&options.destCNINetDir, "dest-cni-net-dir", options.destCNINetDir, "Directory on the host where the CNI configuration will be placed")
|
||||
cmd.PersistentFlags().StringVar(&options.destCNIBinDir, "dest-cni-bin-dir", options.destCNIBinDir, "Directory on the host where the CNI plugin binaries reside")
|
||||
cmd.PersistentFlags().BoolVar(
|
||||
&options.useWaitFlag,
|
||||
"use-wait-flag",
|
||||
options.useWaitFlag,
|
||||
"Configures the CNI plugin to use the \"-w\" flag for the iptables command. (default false)")
|
||||
|
||||
return cmd
|
||||
}
|
||||
|
|
@ -142,18 +151,20 @@ func validateAndBuildCNIConfig(options *cniPluginOptions) (*installCNIPluginConf
|
|||
}
|
||||
|
||||
return &installCNIPluginConfig{
|
||||
Namespace: controlPlaneNamespace,
|
||||
CNIPluginImage: options.taggedCNIPluginImage(),
|
||||
LogLevel: options.logLevel,
|
||||
InboundPort: options.inboundPort,
|
||||
OutboundPort: options.outboundPort,
|
||||
IgnoreInboundPorts: strings.Join(ignoreInboundPorts, ","),
|
||||
IgnoreOutboundPorts: strings.Join(ignoreOutboundPorts, ","),
|
||||
ProxyUID: options.proxyUID,
|
||||
DestCNINetDir: options.destCNINetDir,
|
||||
DestCNIBinDir: options.destCNIBinDir,
|
||||
CreatedByAnnotation: k8s.CreatedByAnnotation,
|
||||
CliVersion: k8s.CreatedByAnnotationValue(),
|
||||
Namespace: controlPlaneNamespace,
|
||||
ControllerNamespaceLabel: k8s.ControllerNSLabel,
|
||||
CNIPluginImage: options.taggedCNIPluginImage(),
|
||||
LogLevel: options.logLevel,
|
||||
InboundPort: options.inboundPort,
|
||||
OutboundPort: options.outboundPort,
|
||||
IgnoreInboundPorts: strings.Join(ignoreInboundPorts, ","),
|
||||
IgnoreOutboundPorts: strings.Join(ignoreOutboundPorts, ","),
|
||||
ProxyUID: options.proxyUID,
|
||||
DestCNINetDir: options.destCNINetDir,
|
||||
DestCNIBinDir: options.destCNIBinDir,
|
||||
CreatedByAnnotation: k8s.CreatedByAnnotation,
|
||||
CliVersion: k8s.CreatedByAnnotationValue(),
|
||||
UseWaitFlag: options.useWaitFlag,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -250,7 +250,7 @@ resources for the Linkerd control plane. This command should be followed by
|
|||
# Install Linkerd into a non-default namespace.
|
||||
linkerd install config -l linkerdtest | kubectl apply -f -`,
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
if err := errIfGlobalResourcesExist(); err != nil && !options.ignoreCluster {
|
||||
if err := errIfGlobalResourcesExist(options); err != nil && !options.ignoreCluster {
|
||||
fmt.Fprintf(os.Stderr, errMsgGlobalResourcesExist, err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
|
@ -287,7 +287,7 @@ control plane. It should be run after "linkerd install config".`,
|
|||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
// check if global resources exist to determine if the `install config`
|
||||
// stage succeeded
|
||||
if err := errIfGlobalResourcesExist(); err == nil && !options.skipChecks {
|
||||
if err := errIfGlobalResourcesExist(options); err == nil && !options.skipChecks {
|
||||
fmt.Fprintf(os.Stderr, errMsgGlobalResourcesMissing, controlPlaneNamespace)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
|
@ -342,7 +342,7 @@ control plane.`,
|
|||
# Installation may also be broken up into two stages by user privilege, via
|
||||
# subcommands.`,
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
if err := errIfGlobalResourcesExist(); err != nil && !options.ignoreCluster {
|
||||
if err := errIfGlobalResourcesExist(options); err != nil && !options.ignoreCluster {
|
||||
fmt.Fprintf(os.Stderr, errMsgGlobalResourcesExist, err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
|
@ -931,7 +931,7 @@ func (options *installOptions) proxyConfig() *pb.Proxy {
|
|||
}
|
||||
}
|
||||
|
||||
func errIfGlobalResourcesExist() error {
|
||||
func errIfGlobalResourcesExist(options *installOptions) error {
|
||||
checks := []healthcheck.CategoryID{
|
||||
healthcheck.KubernetesAPIChecks,
|
||||
healthcheck.LinkerdPreInstallGlobalResourcesChecks,
|
||||
|
|
@ -941,6 +941,7 @@ func errIfGlobalResourcesExist() error {
|
|||
ControlPlaneNamespace: controlPlaneNamespace,
|
||||
KubeConfig: kubeconfigPath,
|
||||
Impersonate: impersonate,
|
||||
NoInitContainer: options.noInitContainer,
|
||||
})
|
||||
|
||||
errMsgs := []string{}
|
||||
|
|
|
|||
|
|
@ -123,7 +123,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -123,7 +123,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -275,7 +275,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -123,7 +123,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -297,7 +297,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -460,7 +460,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -623,7 +623,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -151,7 +151,7 @@ spec:
|
|||
- 4190,9998,7777,8888
|
||||
- --outbound-ports-to-ignore
|
||||
- "9999"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -297,7 +297,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -140,7 +140,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -135,7 +135,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -135,7 +135,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,1234
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ items:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -293,7 +293,7 @@ items:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ items:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -293,7 +293,7 @@ items:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -123,7 +123,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -301,7 +301,7 @@ spec:
|
|||
- "2102"
|
||||
- --inbound-ports-to-ignore
|
||||
- 4190,4191
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -8,6 +8,9 @@ apiVersion: policy/v1beta1
|
|||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: linkerd-linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
spec:
|
||||
allowPrivilegeEscalation: false
|
||||
fsGroup:
|
||||
|
|
@ -28,12 +31,18 @@ kind: ServiceAccount
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: linkerd
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: linkerd
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: ['extensions', 'policy']
|
||||
resources: ['podsecuritypolicies']
|
||||
|
|
@ -46,6 +55,9 @@ kind: RoleBinding
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: linkerd
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
|
|
@ -61,6 +73,9 @@ kind: ClusterRole
|
|||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods", "nodes", "namespaces"]
|
||||
|
|
@ -70,6 +85,9 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
|||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
|
|
@ -85,6 +103,9 @@ apiVersion: v1
|
|||
metadata:
|
||||
name: linkerd-cni-config
|
||||
namespace: linkerd
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
data:
|
||||
incoming_proxy_port: "4143"
|
||||
outgoing_proxy_port: "4140"
|
||||
|
|
@ -95,6 +116,7 @@ data:
|
|||
log_level: "info"
|
||||
dest_cni_net_dir: "/etc/cni/net.d"
|
||||
dest_cni_bin_dir: "/opt/cni/bin"
|
||||
use_wait_flag: "false"
|
||||
# The CNI network configuration to install on each node. The special
|
||||
# values in this config will be automatically populated.
|
||||
cni_network_config: |-
|
||||
|
|
@ -117,7 +139,8 @@ data:
|
|||
"ports-to-redirect": [__PORTS_TO_REDIRECT__],
|
||||
"inbound-ports-to-ignore": [__INBOUND_PORTS_TO_IGNORE__],
|
||||
"outbound-ports-to-ignore": [__OUTBOUND_PORTS_TO_IGNORE__],
|
||||
"simulate": __SIMULATE__
|
||||
"simulate": __SIMULATE__,
|
||||
"use-wait-flag": __USE_WAIT_FLAG__
|
||||
}
|
||||
}
|
||||
---
|
||||
|
|
@ -130,6 +153,8 @@ metadata:
|
|||
namespace: linkerd
|
||||
labels:
|
||||
k8s-app: linkerd-cni
|
||||
linkerd.io/control-plane-ns: linkerd
|
||||
linkerd.io/cni-resource: "true"
|
||||
annotations:
|
||||
linkerd.io/created-by: linkerd/cli dev-undefined
|
||||
spec:
|
||||
|
|
@ -202,6 +227,8 @@ spec:
|
|||
key: log_level
|
||||
- name: SLEEP
|
||||
value: "true"
|
||||
- name: USE_WAIT_FLAG
|
||||
value: "false"
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
|
|
|
|||
|
|
@ -8,6 +8,9 @@ apiVersion: policy/v1beta1
|
|||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: linkerd-other-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
spec:
|
||||
allowPrivilegeEscalation: false
|
||||
fsGroup:
|
||||
|
|
@ -28,12 +31,18 @@ kind: ServiceAccount
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: ['extensions', 'policy']
|
||||
resources: ['podsecuritypolicies']
|
||||
|
|
@ -46,6 +55,9 @@ kind: RoleBinding
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
|
|
@ -61,6 +73,9 @@ kind: ClusterRole
|
|||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods", "nodes", "namespaces"]
|
||||
|
|
@ -70,6 +85,9 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
|||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
|
|
@ -85,6 +103,9 @@ apiVersion: v1
|
|||
metadata:
|
||||
name: linkerd-cni-config
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
data:
|
||||
incoming_proxy_port: "5143"
|
||||
outgoing_proxy_port: "5140"
|
||||
|
|
@ -95,6 +116,7 @@ data:
|
|||
log_level: "debug"
|
||||
dest_cni_net_dir: "/etc/kubernetes/cni/net.d"
|
||||
dest_cni_bin_dir: "/opt/my-cni/bin"
|
||||
use_wait_flag: "false"
|
||||
# The CNI network configuration to install on each node. The special
|
||||
# values in this config will be automatically populated.
|
||||
cni_network_config: |-
|
||||
|
|
@ -117,7 +139,8 @@ data:
|
|||
"ports-to-redirect": [__PORTS_TO_REDIRECT__],
|
||||
"inbound-ports-to-ignore": [__INBOUND_PORTS_TO_IGNORE__],
|
||||
"outbound-ports-to-ignore": [__OUTBOUND_PORTS_TO_IGNORE__],
|
||||
"simulate": __SIMULATE__
|
||||
"simulate": __SIMULATE__,
|
||||
"use-wait-flag": __USE_WAIT_FLAG__
|
||||
}
|
||||
}
|
||||
---
|
||||
|
|
@ -130,6 +153,8 @@ metadata:
|
|||
namespace: other
|
||||
labels:
|
||||
k8s-app: linkerd-cni
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
annotations:
|
||||
linkerd.io/created-by: linkerd/cli dev-undefined
|
||||
spec:
|
||||
|
|
@ -202,6 +227,8 @@ spec:
|
|||
key: log_level
|
||||
- name: SLEEP
|
||||
value: "true"
|
||||
- name: USE_WAIT_FLAG
|
||||
value: "false"
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
|
|
|
|||
|
|
@ -8,6 +8,9 @@ apiVersion: policy/v1beta1
|
|||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: linkerd-other-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
spec:
|
||||
allowPrivilegeEscalation: false
|
||||
fsGroup:
|
||||
|
|
@ -28,12 +31,18 @@ kind: ServiceAccount
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: ['extensions', 'policy']
|
||||
resources: ['podsecuritypolicies']
|
||||
|
|
@ -46,6 +55,9 @@ kind: RoleBinding
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
|
|
@ -61,6 +73,9 @@ kind: ClusterRole
|
|||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods", "nodes", "namespaces"]
|
||||
|
|
@ -70,6 +85,9 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
|||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
|
|
@ -85,6 +103,9 @@ apiVersion: v1
|
|||
metadata:
|
||||
name: linkerd-cni-config
|
||||
namespace: other
|
||||
labels:
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
data:
|
||||
incoming_proxy_port: "5143"
|
||||
outgoing_proxy_port: "5140"
|
||||
|
|
@ -95,6 +116,7 @@ data:
|
|||
log_level: "debug"
|
||||
dest_cni_net_dir: "/etc/kubernetes/cni/net.d"
|
||||
dest_cni_bin_dir: "/etc/kubernetes/cni/net.d"
|
||||
use_wait_flag: "false"
|
||||
# The CNI network configuration to install on each node. The special
|
||||
# values in this config will be automatically populated.
|
||||
cni_network_config: |-
|
||||
|
|
@ -117,7 +139,8 @@ data:
|
|||
"ports-to-redirect": [__PORTS_TO_REDIRECT__],
|
||||
"inbound-ports-to-ignore": [__INBOUND_PORTS_TO_IGNORE__],
|
||||
"outbound-ports-to-ignore": [__OUTBOUND_PORTS_TO_IGNORE__],
|
||||
"simulate": __SIMULATE__
|
||||
"simulate": __SIMULATE__,
|
||||
"use-wait-flag": __USE_WAIT_FLAG__
|
||||
}
|
||||
}
|
||||
---
|
||||
|
|
@ -130,6 +153,8 @@ metadata:
|
|||
namespace: other
|
||||
labels:
|
||||
k8s-app: linkerd-cni
|
||||
linkerd.io/control-plane-ns: other
|
||||
linkerd.io/cni-resource: "true"
|
||||
annotations:
|
||||
linkerd.io/created-by: linkerd/cli dev-undefined
|
||||
spec:
|
||||
|
|
@ -202,6 +227,8 @@ spec:
|
|||
key: log_level
|
||||
- name: SLEEP
|
||||
value: "true"
|
||||
- name: USE_WAIT_FLAG
|
||||
value: "false"
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIBATAKBggqhkjOPQQDAjAYMRYwFAYDVQQDEw1jbHVzdGVy\nLmxvY2FsMB4XDTE5MDMwMzAxNTk1MloXDTI5MDIyODAyMDM1MlowGDEWMBQGA1UE\nAxMNY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAChpAt0\nxtgO9qbVtEtDK80N6iCL2Htyf2kIv2m5QkJ1y0TFQi5hTVe3wtspJ8YpZF0pl364\n6TiYeXB8tOOhIACjQjBAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBE\nAiBQ/AAwF8kG8VOmRSUTPakSSa/N4mqK2HsZuhQXCmiZHwIgZEzI5DCkpU7w3SIv\nOLO4Zsk1XrGZHGsmyiEyvYF9lpY=\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[]}
|
||||
---
|
||||
|
|
@ -211,7 +211,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -472,7 +472,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -725,7 +725,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1048,7 +1048,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1317,7 +1317,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1515,7 +1515,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1743,7 +1743,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1957,7 +1957,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -694,7 +694,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIBATAKBggqhkjOPQQDAjAYMRYwFAYDVQQDEw1jbHVzdGVy\nLmxvY2FsMB4XDTE5MDMwMzAxNTk1MloXDTI5MDIyODAyMDM1MlowGDEWMBQGA1UE\nAxMNY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAChpAt0\nxtgO9qbVtEtDK80N6iCL2Htyf2kIv2m5QkJ1y0TFQi5hTVe3wtspJ8YpZF0pl364\n6TiYeXB8tOOhIACjQjBAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBE\nAiBQ/AAwF8kG8VOmRSUTPakSSa/N4mqK2HsZuhQXCmiZHwIgZEzI5DCkpU7w3SIv\nOLO4Zsk1XrGZHGsmyiEyvYF9lpY=\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[]}
|
||||
---
|
||||
|
|
@ -892,7 +892,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1153,7 +1153,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1406,7 +1406,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1729,7 +1729,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1998,7 +1998,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2196,7 +2196,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2424,7 +2424,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2638,7 +2638,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -694,7 +694,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIBATAKBggqhkjOPQQDAjAYMRYwFAYDVQQDEw1jbHVzdGVy\nLmxvY2FsMB4XDTE5MDMwMzAxNTk1MloXDTI5MDIyODAyMDM1MlowGDEWMBQGA1UE\nAxMNY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAChpAt0\nxtgO9qbVtEtDK80N6iCL2Htyf2kIv2m5QkJ1y0TFQi5hTVe3wtspJ8YpZF0pl364\n6TiYeXB8tOOhIACjQjBAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBE\nAiBQ/AAwF8kG8VOmRSUTPakSSa/N4mqK2HsZuhQXCmiZHwIgZEzI5DCkpU7w3SIv\nOLO4Zsk1XrGZHGsmyiEyvYF9lpY=\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"100m","requestMemory":"20Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"100m","requestMemory":"20Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[{"name":"ha","value":"true"}]}
|
||||
---
|
||||
|
|
@ -924,7 +924,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1223,7 +1223,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1494,7 +1494,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1829,7 +1829,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2110,7 +2110,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2340,7 +2340,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2600,7 +2600,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2846,7 +2846,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -694,7 +694,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIBATAKBggqhkjOPQQDAjAYMRYwFAYDVQQDEw1jbHVzdGVy\nLmxvY2FsMB4XDTE5MDMwMzAxNTk1MloXDTI5MDIyODAyMDM1MlowGDEWMBQGA1UE\nAxMNY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAChpAt0\nxtgO9qbVtEtDK80N6iCL2Htyf2kIv2m5QkJ1y0TFQi5hTVe3wtspJ8YpZF0pl364\n6TiYeXB8tOOhIACjQjBAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBE\nAiBQ/AAwF8kG8VOmRSUTPakSSa/N4mqK2HsZuhQXCmiZHwIgZEzI5DCkpU7w3SIv\nOLO4Zsk1XrGZHGsmyiEyvYF9lpY=\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"400m","requestMemory":"300Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"400m","requestMemory":"300Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[{"name":"ha","value":"true"},{"name":"controller-replicas","value":"2"},{"name":"proxy-cpu-request","value":"400m"},{"name":"proxy-memory-request","value":"300Mi"}]}
|
||||
---
|
||||
|
|
@ -924,7 +924,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1223,7 +1223,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1494,7 +1494,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1829,7 +1829,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2110,7 +2110,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2340,7 +2340,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2600,7 +2600,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2846,7 +2846,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -691,7 +691,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":true,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBYDCCAQegAwIBAgIBATAKBggqhkjOPQQDAjAYMRYwFAYDVQQDEw1jbHVzdGVy\nLmxvY2FsMB4XDTE5MDMwMzAxNTk1MloXDTI5MDIyODAyMDM1MlowGDEWMBQGA1UE\nAxMNY2x1c3Rlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAChpAt0\nxtgO9qbVtEtDK80N6iCL2Htyf2kIv2m5QkJ1y0TFQi5hTVe3wtspJ8YpZF0pl364\n6TiYeXB8tOOhIACjQjBAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF\nBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAgNHADBE\nAiBQ/AAwF8kG8VOmRSUTPakSSa/N4mqK2HsZuhQXCmiZHwIgZEzI5DCkpU7w3SIv\nOLO4Zsk1XrGZHGsmyiEyvYF9lpY=\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[{"name":"linkerd-cni-enabled","value":"true"}]}
|
||||
---
|
||||
|
|
|
|||
|
|
@ -694,7 +694,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"UPGRADE-CONTROL-PLANE-VERSION","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBgzCCASmgAwIBAgIBATAKBggqhkjOPQQDAjApMScwJQYDVQQDEx5pZGVudGl0\neS5saW5rZXJkLmNsdXN0ZXIubG9jYWwwHhcNMTkwNDA0MjM1MzM3WhcNMjAwNDAz\nMjM1MzU3WjApMScwJQYDVQQDEx5pZGVudGl0eS5saW5rZXJkLmNsdXN0ZXIubG9j\nYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT+Sb5X4wi4XP0X3rJwMp23VBdg\nEMMU8EU+KG8UI2LmC5Vjg5RWLOW6BJjBmjXViKM+b+1/oKAeOg6FrJk8qyFlo0Iw\nQDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKUFG3sYOS++bakW\nYmJZU45iCdTLtaelMDSFiHoC9eBKAiBDWzzo+/CYLLmn33bAEn8pQnogP4Fx06aj\n+U9K4WlbzA==\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"UPGRADE-PROXY-VERSION","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"UPGRADE-PROXY-VERSION","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"57af298c-58b0-43fc-8d88-3c338789bfbc","cliVersion":"dev-undefined","flags":[]}
|
||||
---
|
||||
|
|
@ -893,7 +893,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1155,7 +1155,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1409,7 +1409,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1733,7 +1733,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2003,7 +2003,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2202,7 +2202,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2431,7 +2431,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2646,7 +2646,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -694,7 +694,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"UPGRADE-CONTROL-PLANE-VERSION","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"-----BEGIN CERTIFICATE-----\nMIIBgzCCASmgAwIBAgIBATAKBggqhkjOPQQDAjApMScwJQYDVQQDEx5pZGVudGl0\neS5saW5rZXJkLmNsdXN0ZXIubG9jYWwwHhcNMTkwNDA0MjM1MzM3WhcNMjAwNDAz\nMjM1MzU3WjApMScwJQYDVQQDEx5pZGVudGl0eS5saW5rZXJkLmNsdXN0ZXIubG9j\nYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT+Sb5X4wi4XP0X3rJwMp23VBdg\nEMMU8EU+KG8UI2LmC5Vjg5RWLOW6BJjBmjXViKM+b+1/oKAeOg6FrJk8qyFlo0Iw\nQDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\nMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAKUFG3sYOS++bakW\nYmJZU45iCdTLtaelMDSFiHoC9eBKAiBDWzzo+/CYLLmn33bAEn8pQnogP4Fx06aj\n+U9K4WlbzA==\n-----END CERTIFICATE-----\n","issuanceLifetime":"86400s","clockSkewAllowance":"20s"},"autoInjectContext":null,"omitWebhookSideEffects":false,"clusterDomain":"cluster.local"}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"100m","requestMemory":"20Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"UPGRADE-PROXY-VERSION","proxyInitImageVersion":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"100m","requestMemory":"20Mi","limitCpu":"1","limitMemory":"250Mi"},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"UPGRADE-PROXY-VERSION","proxyInitImageVersion":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"57af298c-58b0-43fc-8d88-3c338789bfbc","cliVersion":"dev-undefined","flags":[{"name":"ha","value":"true"}]}
|
||||
---
|
||||
|
|
@ -925,7 +925,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1225,7 +1225,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1497,7 +1497,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -1833,7 +1833,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2115,7 +2115,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2346,7 +2346,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2607,7 +2607,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
@ -2854,7 +2854,7 @@ spec:
|
|||
- 4190,4191
|
||||
- --outbound-ports-to-ignore
|
||||
- "443"
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.0.0
|
||||
image: gcr.io/linkerd-io/proxy-init:v1.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: linkerd-init
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -30,6 +30,9 @@ apiVersion: policy/v1beta1
|
|||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: linkerd-{{.Namespace}}-cni
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
spec:
|
||||
allowPrivilegeEscalation: false
|
||||
fsGroup:
|
||||
|
|
@ -50,12 +53,18 @@ kind: ServiceAccount
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: {{.Namespace}}
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: {{.Namespace}}
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: ['extensions', 'policy']
|
||||
resources: ['podsecuritypolicies']
|
||||
|
|
@ -68,6 +77,9 @@ kind: RoleBinding
|
|||
metadata:
|
||||
name: linkerd-cni
|
||||
namespace: {{.Namespace}}
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
|
|
@ -83,6 +95,9 @@ kind: ClusterRole
|
|||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods", "nodes", "namespaces"]
|
||||
|
|
@ -92,6 +107,9 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
|||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: linkerd-cni
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
|
|
@ -107,6 +125,9 @@ apiVersion: v1
|
|||
metadata:
|
||||
name: linkerd-cni-config
|
||||
namespace: {{.Namespace}}
|
||||
labels:
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
data:
|
||||
incoming_proxy_port: "{{.InboundPort}}"
|
||||
outgoing_proxy_port: "{{.OutboundPort}}"
|
||||
|
|
@ -117,6 +138,7 @@ data:
|
|||
log_level: "{{.LogLevel}}"
|
||||
dest_cni_net_dir: "{{.DestCNINetDir}}"
|
||||
dest_cni_bin_dir: "{{.DestCNIBinDir}}"
|
||||
use_wait_flag: "{{.UseWaitFlag}}"
|
||||
# The CNI network configuration to install on each node. The special
|
||||
# values in this config will be automatically populated.
|
||||
cni_network_config: |-
|
||||
|
|
@ -139,7 +161,8 @@ data:
|
|||
"ports-to-redirect": [__PORTS_TO_REDIRECT__],
|
||||
"inbound-ports-to-ignore": [__INBOUND_PORTS_TO_IGNORE__],
|
||||
"outbound-ports-to-ignore": [__OUTBOUND_PORTS_TO_IGNORE__],
|
||||
"simulate": __SIMULATE__
|
||||
"simulate": __SIMULATE__,
|
||||
"use-wait-flag": __USE_WAIT_FLAG__
|
||||
}
|
||||
}
|
||||
---
|
||||
|
|
@ -152,6 +175,8 @@ metadata:
|
|||
namespace: {{.Namespace}}
|
||||
labels:
|
||||
k8s-app: linkerd-cni
|
||||
{{.ControllerNamespaceLabel}}: {{.Namespace}}
|
||||
linkerd.io/cni-resource: "true"
|
||||
annotations:
|
||||
{{.CreatedByAnnotation}}: {{.CliVersion}}
|
||||
spec:
|
||||
|
|
@ -224,6 +249,8 @@ spec:
|
|||
key: log_level
|
||||
- name: SLEEP
|
||||
value: "true"
|
||||
- name: USE_WAIT_FLAG
|
||||
value: "{{.UseWaitFlag}}"
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
## compile cni-plugin utility
|
||||
FROM gcr.io/linkerd-io/go-deps:813c9be3 as golang
|
||||
FROM gcr.io/linkerd-io/go-deps:c7fb42bd as golang
|
||||
WORKDIR /linkerd-build
|
||||
COPY pkg pkg
|
||||
COPY controller controller
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@
|
|||
"ports-to-redirect": [__PORTS_TO_REDIRECT__],
|
||||
"inbound-ports-to-ignore": [__INBOUND_PORTS_TO_IGNORE__],
|
||||
"outbound-ports-to-ignore": [__OUTBOUND_PORTS_TO_IGNORE__],
|
||||
"simulate": __SIMULATE__
|
||||
"simulate": __SIMULATE__,
|
||||
"use-wait-flag": __USE_WAIT_FLAG__
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -182,6 +182,7 @@ sed -i s~__PORTS_TO_REDIRECT__~"${PORTS_TO_REDIRECT:=}"~g ${TMP_CONF}
|
|||
sed -i s~__INBOUND_PORTS_TO_IGNORE__~"${INBOUND_PORTS_TO_IGNORE:=}"~g ${TMP_CONF}
|
||||
sed -i s~__OUTBOUND_PORTS_TO_IGNORE__~"${OUTBOUND_PORTS_TO_IGNORE:=}"~g ${TMP_CONF}
|
||||
sed -i s~__SIMULATE__~"${SIMULATE:=false}"~g ${TMP_CONF}
|
||||
sed -i s~__USE_WAIT_FLAG__~"${USE_WAIT_FLAG:=false}"~g ${TMP_CONF}
|
||||
|
||||
CNI_OLD_CONF_PATH="${CNI_OLD_CONF_PATH:-${CNI_CONF_PATH}}"
|
||||
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ type ProxyInit struct {
|
|||
InboundPortsToIgnore []int `json:"inbound-ports-to-ignore"`
|
||||
OutboundPortsToIgnore []int `json:"outbound-ports-to-ignore"`
|
||||
Simulate bool `json:"simulate"`
|
||||
UseWaitFlag bool `json:"use-wait-flag"`
|
||||
}
|
||||
|
||||
// Kubernetes a K8s specific struct to hold config
|
||||
|
|
@ -201,6 +202,7 @@ func cmdAdd(args *skel.CmdArgs) error {
|
|||
OutboundPortsToIgnore: conf.ProxyInit.OutboundPortsToIgnore,
|
||||
SimulateOnly: conf.ProxyInit.Simulate,
|
||||
NetNs: args.Netns,
|
||||
UseWaitFlag: conf.ProxyInit.UseWaitFlag,
|
||||
}
|
||||
firewallConfiguration, err := cmd.BuildFirewallConfiguration(&options)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
## compile controller services
|
||||
FROM gcr.io/linkerd-io/go-deps:813c9be3 as golang
|
||||
FROM gcr.io/linkerd-io/go-deps:c7fb42bd as golang
|
||||
WORKDIR /linkerd-build
|
||||
COPY controller/gen controller/gen
|
||||
COPY pkg pkg
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@
|
|||
"--inbound-ports-to-ignore",
|
||||
"4190,4191"
|
||||
],
|
||||
"image": "gcr.io/linkerd-io/proxy-init:v1.0.0",
|
||||
"image": "gcr.io/linkerd-io/proxy-init:v1.1.0",
|
||||
"imagePullPolicy": "IfNotPresent",
|
||||
"name": "linkerd-init",
|
||||
"resources": {
|
||||
|
|
|
|||
2
go.mod
2
go.mod
|
|
@ -47,7 +47,7 @@ require (
|
|||
github.com/julienschmidt/httprouter v1.1.0
|
||||
github.com/kelseyhightower/envconfig v1.4.0 // indirect
|
||||
github.com/linkerd/linkerd2-proxy-api v0.1.9
|
||||
github.com/linkerd/linkerd2-proxy-init v1.0.0
|
||||
github.com/linkerd/linkerd2-proxy-init v1.1.0
|
||||
github.com/mattn/go-colorable v0.0.9 // indirect
|
||||
github.com/mattn/go-isatty v0.0.7
|
||||
github.com/mattn/go-runewidth v0.0.2
|
||||
|
|
|
|||
2
go.sum
2
go.sum
|
|
@ -146,6 +146,8 @@ github.com/linkerd/linkerd2-proxy-api v0.1.9 h1:QIFoVxJEjzPrAhWj2ZwRjUlCjL2VJAtO
|
|||
github.com/linkerd/linkerd2-proxy-api v0.1.9/go.mod h1:2WJHEYXoww5ALM6c1QspRFiROGZg08tGxCO1js0tTVA=
|
||||
github.com/linkerd/linkerd2-proxy-init v1.0.0 h1:FKpZtN1ZUojvps+ZQXDAuebA+78lf7Mt0ekqwYginRA=
|
||||
github.com/linkerd/linkerd2-proxy-init v1.0.0/go.mod h1:JNuEmZkYNFgBrd/89LMDRG4vDq3qEeU4qYm33M+UulU=
|
||||
github.com/linkerd/linkerd2-proxy-init v1.1.0 h1:CbUNLPcZYBq5NFBDQNhG6R3mCMtMch9Rc4bL4ZHP4tQ=
|
||||
github.com/linkerd/linkerd2-proxy-init v1.1.0/go.mod h1:JNuEmZkYNFgBrd/89LMDRG4vDq3qEeU4qYm33M+UulU=
|
||||
github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
||||
github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic=
|
||||
github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
|
|
@ -109,6 +110,12 @@ const (
|
|||
// `apiClient` from LinkerdControlPlaneExistenceChecks, and `latestVersions`
|
||||
// from LinkerdVersionChecks, so those checks must be added first.
|
||||
LinkerdDataPlaneChecks CategoryID = "linkerd-data-plane"
|
||||
|
||||
// linkerdCniResourceLabel is the label key that is used to identify
|
||||
// whether a Kubernetes resource is related to the install-cni command
|
||||
// The value is expected to be "true", "false" or "", where "false" and
|
||||
// "" are equal, making "false" the default
|
||||
linkerdCniResourceLabel = "linkerd.io/cni-resource"
|
||||
)
|
||||
|
||||
// HintBaseURL is the base URL on the linkerd.io website that all check hints
|
||||
|
|
@ -228,6 +235,7 @@ type Options struct {
|
|||
APIAddr string
|
||||
VersionOverride string
|
||||
RetryDeadline time.Time
|
||||
NoInitContainer bool
|
||||
}
|
||||
|
||||
// HealthChecker encapsulates all health check checkers, and clients required to
|
||||
|
|
@ -1020,7 +1028,12 @@ func (hc *HealthChecker) checkClusterRoles(shouldExist bool) error {
|
|||
}
|
||||
|
||||
objects := []runtime.Object{}
|
||||
|
||||
for _, item := range crList.Items {
|
||||
|
||||
if hc.skipNoInitContainerResources(item.ObjectMeta.Labels) {
|
||||
continue
|
||||
}
|
||||
item := item // pin
|
||||
objects = append(objects, &item)
|
||||
}
|
||||
|
|
@ -1038,7 +1051,12 @@ func (hc *HealthChecker) checkClusterRoleBindings(shouldExist bool) error {
|
|||
}
|
||||
|
||||
objects := []runtime.Object{}
|
||||
|
||||
for _, item := range crbList.Items {
|
||||
if hc.skipNoInitContainerResources(item.ObjectMeta.Labels) {
|
||||
continue
|
||||
}
|
||||
|
||||
item := item // pin
|
||||
objects = append(objects, &item)
|
||||
}
|
||||
|
|
@ -1129,6 +1147,11 @@ func (hc *HealthChecker) checkPodSecurityPolicies(shouldExist bool) error {
|
|||
|
||||
objects := []runtime.Object{}
|
||||
for _, item := range psp.Items {
|
||||
|
||||
if hc.skipNoInitContainerResources(item.ObjectMeta.Labels) {
|
||||
continue
|
||||
}
|
||||
|
||||
item := item // pin
|
||||
objects = append(objects, &item)
|
||||
}
|
||||
|
|
@ -1497,3 +1520,17 @@ func checkControlPlaneReplicaSets(rst []appsv1.ReplicaSet) error {
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (hc *HealthChecker) skipNoInitContainerResources(labelMap map[string]string) bool {
|
||||
|
||||
if hc.Options.NoInitContainer {
|
||||
skip, err := strconv.ParseBool(labelMap[linkerdCniResourceLabel])
|
||||
if err != nil {
|
||||
log.Errorf("Error parsing %v, %v",
|
||||
linkerdCniResourceLabel, err)
|
||||
}
|
||||
return skip
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2039,7 +2039,7 @@ data:
|
|||
global: |
|
||||
{"linkerdNamespace":"linkerd","cniEnabled":false,"version":"install-control-plane-version","identityContext":{"trustDomain":"cluster.local","trustAnchorsPem":"fake-trust-anchors-pem","issuanceLifetime":"86400s","clockSkewAllowance":"20s"}}
|
||||
proxy: |
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version", "proxy_init_image_version":"v1.0.0"}
|
||||
{"proxyImage":{"imageName":"gcr.io/linkerd-io/proxy","pullPolicy":"IfNotPresent"},"proxyInitImage":{"imageName":"gcr.io/linkerd-io/proxy-init","pullPolicy":"IfNotPresent"},"controlPort":{"port":4190},"ignoreInboundPorts":[],"ignoreOutboundPorts":[],"inboundPort":{"port":4143},"adminPort":{"port":4191},"outboundPort":{"port":4140},"resource":{"requestCpu":"","requestMemory":"","limitCpu":"","limitMemory":""},"proxyUid":"2102","logLevel":{"level":"warn,linkerd2_proxy=info"},"disableExternalProfiles":true,"proxyVersion":"install-proxy-version", "proxy_init_image_version":"v1.1.0"}
|
||||
install: |
|
||||
{"uuid":"deaab91a-f4ab-448a-b7d1-c832a2fa0a60","cliVersion":"dev-undefined","flags":[]}`,
|
||||
},
|
||||
|
|
@ -2085,7 +2085,7 @@ data:
|
|||
},
|
||||
DisableExternalProfiles: true,
|
||||
ProxyVersion: "install-proxy-version",
|
||||
ProxyInitImageVersion: "v1.0.0",
|
||||
ProxyInitImageVersion: "v1.1.0",
|
||||
}, Install: &configPb.Install{
|
||||
Uuid: "deaab91a-f4ab-448a-b7d1-c832a2fa0a60",
|
||||
CliVersion: "dev-undefined",
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ var Version = undefinedVersion
|
|||
// https://github.com/linkerd/linkerd2-proxy-init
|
||||
// This has to be kept in sync with the constraint version for
|
||||
// github.com/linkerd/linkerd2-proxy-init in /Gopkg.toml
|
||||
var ProxyInitVersion = "v1.0.0"
|
||||
var ProxyInitVersion = "v1.1.0"
|
||||
|
||||
const (
|
||||
// undefinedVersion should take the form `channel-version` to conform to
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ COPY web/app ./web/app
|
|||
RUN ./bin/web build
|
||||
|
||||
## compile go server
|
||||
FROM gcr.io/linkerd-io/go-deps:813c9be3 as golang
|
||||
FROM gcr.io/linkerd-io/go-deps:c7fb42bd as golang
|
||||
WORKDIR /linkerd-build
|
||||
RUN mkdir -p web
|
||||
COPY web/main.go web
|
||||
|
|
|
|||
Loading…
Reference in New Issue