linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update auto-inject to set LINKERD2_PROXY_ID in all cases (#2267) 

Signed-off-by: Kevin Lingerfelt <kl@buoyant.io>
This commit is contained in:
Kevin Lingerfelt 2019-02-12 11:08:06 -08:00 committed by GitHub
parent 0e25c680ca
commit 56c5ce6a31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
controller/proxy-injector/fake/data/inject-enabled-tls-disabled-response.yaml
View File

@ -68,6 +68,6 @@ request:
username: minikube-user username: minikube-user
response: response:
allowed: true allowed: true
patch: W3sib3AiOiJhZGQiLCJwYXRoIjoiL3NwZWMvdGVtcGxhdGUvc3BlYy9jb250YWluZXJzLy0iLCJ2YWx1ZSI6eyJuYW1lIjoibGlua2VyZC1wcm94eSIsImltYWdlIjoiZ2NyLmlvL2xpbmtlcmQtaW8vcHJveHk6djE4LjguNCIsInBvcnRzIjpbeyJuYW1lIjoibGlua2VyZC1wcm94eSIsImNvbnRhaW5lclBvcnQiOjQxNDN9LHsibmFtZSI6ImxpbmtlcmQtbWV0cmljcyIsImNvbnRhaW5lclBvcnQiOjQxOTF9XSwiZW52IjpbeyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfTE9HIiwidmFsdWUiOiJ3YXJuLGxpbmtlcmQyX3Byb3h5PWluZm8ifSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9DT05UUk9MX1VSTCIsInZhbHVlIjoidGNwOi8vbGlua2VyZC1wcm94eS1hcGkubGlua2VyZC5zdmMuY2x1c3Rlci5sb2NhbDo4MDg2In0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfQ09OVFJPTF9MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTkwIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfTUVUUklDU19MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTkxIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfT1VUQk9VTkRfTElTVEVORVIiLCJ2YWx1ZSI6InRjcDovLzEyNy4wLjAuMTo0MTQwIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfSU5CT1VORF9MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTQzIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfREVTVElOQVRJT05fUFJPRklMRV9TVUZGSVhFUyIsInZhbHVlIjoiLiJ9LHsibmFtZSI6IkxJTktFUkQyX1BST1hZX1BPRF9OQU1FU1BBQ0UiLCJ2YWx1ZUZyb20iOnsiZmllbGRSZWYiOnsiZmllbGRQYXRoIjoibWV0YWRhdGEubmFtZXNwYWNlIn19fSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9JTkJPVU5EX0FDQ0VQVF9LRUVQQUxJVkUiLCJ2YWx1ZSI6IjEwMDAwbXMifSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9PVVRCT1VORF9DT05ORUNUX0tFRVBBTElWRSIsInZhbHVlIjoiMTAwMDBtcyJ9LHsibmFtZSI6IkxJTktFUkQyX1BST1hZX0lEIn1dLCJyZXNvdXJjZXMiOnt9LCJsaXZlbmVzc1Byb2JlIjp7Imh0dHBHZXQiOnsicGF0aCI6Ii9tZXRyaWNzIiwicG9ydCI6NDE5MX0sImluaXRpYWxEZWxheVNlY29uZHMiOjEwfSwicmVhZGluZXNzUHJvYmUiOnsiaHR0cEdldCI6eyJwYXRoIjoiL21ldHJpY3MiLCJwb3J0Ijo0MTkxfSwiaW5pdGlhbERlbGF5U2Vjb25kcyI6MTB9LCJ0ZXJtaW5hdGlvbk1lc3NhZ2VQb2xpY3kiOiJGYWxsYmFja1RvTG9nc09uRXJyb3IiLCJpbWFnZVB1bGxQb2xpY3kiOiJJZk5vdFByZXNlbnQiLCJzZWN1cml0eUNvbnRleHQiOnsicnVuQXNVc2VyIjoyMTAyfX19LHsib3AiOiJhZGQiLCJwYXRoIjoiL3NwZWMvdGVtcGxhdGUvc3BlYy9pbml0Q29udGFpbmVycyIsInZhbHVlIjpbXX0seyJvcCI6ImFkZCIsInBhdGgiOiIvc3BlYy90ZW1wbGF0ZS9zcGVjL2luaXRDb250YWluZXJzLy0iLCJ2YWx1ZSI6eyJuYW1lIjoibGlua2VyZC1pbml0IiwiaW1hZ2UiOiJnY3IuaW8vbGlua2VyZC1pby9wcm94eS1pbml0OnYxOC44LjQiLCJhcmdzIjpbIi0taW5jb21pbmctcHJveHktcG9ydCIsIjQxNDMiLCItLW91dGdvaW5nLXByb3h5LXBvcnQiLCI0MTQwIiwiLS1wcm94eS11aWQiLCIyMTAyIiwiLS1pbmJvdW5kLXBvcnRzLXRvLWlnbm9yZSIsIjQxOTAsNDE5MSJdLCJyZXNvdXJjZXMiOnt9LCJ0ZXJtaW5hdGlvbk1lc3NhZ2VQb2xpY3kiOiJGYWxsYmFja1RvTG9nc09uRXJyb3IiLCJpbWFnZVB1bGxQb2xpY3kiOiJJZk5vdFByZXNlbnQiLCJzZWN1cml0eUNvbnRleHQiOnsiY2FwYWJpbGl0aWVzIjp7ImFkZCI6WyJORVRfQURNSU4iXX0sInByaXZpbGVnZWQiOmZhbHNlLCJydW5Bc1VzZXIiOjAsInJ1bkFzTm9uUm9vdCI6ZmFsc2V9fX0seyJvcCI6ImFkZCIsInBhdGgiOiIvc3BlYy90ZW1wbGF0ZS9tZXRhZGF0YS9sYWJlbHMiLCJ2YWx1ZSI6eyJhcHAiOiJuZ2lueCIsImxpbmtlcmQuaW8vY29udHJvbC1wbGFuZS1ucyI6ImxpbmtlcmQiLCJsaW5rZXJkLmlvL3Byb3h5LWRlcGxveW1lbnQiOiJuZ2lueCJ9fSx7Im9wIjoiYWRkIiwicGF0aCI6Ii9tZXRhZGF0YS9sYWJlbHMiLCJ2YWx1ZSI6eyJhcHAiOiJuZ2lueCIsImxpbmtlcmQuaW8vY29udHJvbC1wbGFuZS1ucyI6ImxpbmtlcmQiLCJsaW5rZXJkLmlvL3Byb3h5LWRlcGxveW1lbnQiOiJuZ2lueCJ9fSx7Im9wIjoiYWRkIiwicGF0aCI6Ii9zcGVjL3RlbXBsYXRlL21ldGFkYXRhL2Fubm90YXRpb25zIiwidmFsdWUiOnsiY3JlYXRlZC1ieSI6ImlzaW0iLCJsaW5rZXJkLmlvL2NyZWF0ZWQtYnkiOiJsaW5rZXJkL3Byb3h5LWluamVjdG9yIHYxOC44LjQiLCJsaW5rZXJkLmlvL2luamVjdCI6ImVuYWJsZWQiLCJsaW5rZXJkLmlvL3Byb3h5LXZlcnNpb24iOiJ2MTguOC40In19XQ== patch: W3sib3AiOiJhZGQiLCJwYXRoIjoiL3NwZWMvdGVtcGxhdGUvc3BlYy9jb250YWluZXJzLy0iLCJ2YWx1ZSI6eyJuYW1lIjoibGlua2VyZC1wcm94eSIsImltYWdlIjoiZ2NyLmlvL2xpbmtlcmQtaW8vcHJveHk6djE4LjguNCIsInBvcnRzIjpbeyJuYW1lIjoibGlua2VyZC1wcm94eSIsImNvbnRhaW5lclBvcnQiOjQxNDN9LHsibmFtZSI6ImxpbmtlcmQtbWV0cmljcyIsImNvbnRhaW5lclBvcnQiOjQxOTF9XSwiZW52IjpbeyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfTE9HIiwidmFsdWUiOiJ3YXJuLGxpbmtlcmQyX3Byb3h5PWluZm8ifSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9DT05UUk9MX1VSTCIsInZhbHVlIjoidGNwOi8vbGlua2VyZC1wcm94eS1hcGkubGlua2VyZC5zdmMuY2x1c3Rlci5sb2NhbDo4MDg2In0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfQ09OVFJPTF9MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTkwIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfTUVUUklDU19MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTkxIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfT1VUQk9VTkRfTElTVEVORVIiLCJ2YWx1ZSI6InRjcDovLzEyNy4wLjAuMTo0MTQwIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfSU5CT1VORF9MSVNURU5FUiIsInZhbHVlIjoidGNwOi8vMC4wLjAuMDo0MTQzIn0seyJuYW1lIjoiTElOS0VSRDJfUFJPWFlfREVTVElOQVRJT05fUFJPRklMRV9TVUZGSVhFUyIsInZhbHVlIjoiLiJ9LHsibmFtZSI6IkxJTktFUkQyX1BST1hZX1BPRF9OQU1FU1BBQ0UiLCJ2YWx1ZUZyb20iOnsiZmllbGRSZWYiOnsiZmllbGRQYXRoIjoibWV0YWRhdGEubmFtZXNwYWNlIn19fSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9JTkJPVU5EX0FDQ0VQVF9LRUVQQUxJVkUiLCJ2YWx1ZSI6IjEwMDAwbXMifSx7Im5hbWUiOiJMSU5LRVJEMl9QUk9YWV9PVVRCT1VORF9DT05ORUNUX0tFRVBBTElWRSIsInZhbHVlIjoiMTAwMDBtcyJ9LHsibmFtZSI6IkxJTktFUkQyX1BST1hZX0lEIiwidmFsdWUiOiJuZ2lueC5kZXBsb3ltZW50Lmt1YmUtcHVibGljLmxpbmtlcmQtbWFuYWdlZC5saW5rZXJkLnN2Yy5jbHVzdGVyLmxvY2FsIn1dLCJyZXNvdXJjZXMiOnt9LCJsaXZlbmVzc1Byb2JlIjp7Imh0dHBHZXQiOnsicGF0aCI6Ii9tZXRyaWNzIiwicG9ydCI6NDE5MX0sImluaXRpYWxEZWxheVNlY29uZHMiOjEwfSwicmVhZGluZXNzUHJvYmUiOnsiaHR0cEdldCI6eyJwYXRoIjoiL21ldHJpY3MiLCJwb3J0Ijo0MTkxfSwiaW5pdGlhbERlbGF5U2Vjb25kcyI6MTB9LCJ0ZXJtaW5hdGlvbk1lc3NhZ2VQb2xpY3kiOiJGYWxsYmFja1RvTG9nc09uRXJyb3IiLCJpbWFnZVB1bGxQb2xpY3kiOiJJZk5vdFByZXNlbnQiLCJzZWN1cml0eUNvbnRleHQiOnsicnVuQXNVc2VyIjoyMTAyfX19LHsib3AiOiJhZGQiLCJwYXRoIjoiL3NwZWMvdGVtcGxhdGUvc3BlYy9pbml0Q29udGFpbmVycyIsInZhbHVlIjpbXX0seyJvcCI6ImFkZCIsInBhdGgiOiIvc3BlYy90ZW1wbGF0ZS9zcGVjL2luaXRDb250YWluZXJzLy0iLCJ2YWx1ZSI6eyJuYW1lIjoibGlua2VyZC1pbml0IiwiaW1hZ2UiOiJnY3IuaW8vbGlua2VyZC1pby9wcm94eS1pbml0OnYxOC44LjQiLCJhcmdzIjpbIi0taW5jb21pbmctcHJveHktcG9ydCIsIjQxNDMiLCItLW91dGdvaW5nLXByb3h5LXBvcnQiLCI0MTQwIiwiLS1wcm94eS11aWQiLCIyMTAyIiwiLS1pbmJvdW5kLXBvcnRzLXRvLWlnbm9yZSIsIjQxOTAsNDE5MSJdLCJyZXNvdXJjZXMiOnt9LCJ0ZXJtaW5hdGlvbk1lc3NhZ2VQb2xpY3kiOiJGYWxsYmFja1RvTG9nc09uRXJyb3IiLCJpbWFnZVB1bGxQb2xpY3kiOiJJZk5vdFByZXNlbnQiLCJzZWN1cml0eUNvbnRleHQiOnsiY2FwYWJpbGl0aWVzIjp7ImFkZCI6WyJORVRfQURNSU4iXX0sInByaXZpbGVnZWQiOmZhbHNlLCJydW5Bc1VzZXIiOjAsInJ1bkFzTm9uUm9vdCI6ZmFsc2V9fX0seyJvcCI6ImFkZCIsInBhdGgiOiIvc3BlYy90ZW1wbGF0ZS9tZXRhZGF0YS9sYWJlbHMiLCJ2YWx1ZSI6eyJhcHAiOiJuZ2lueCIsImxpbmtlcmQuaW8vY29udHJvbC1wbGFuZS1ucyI6ImxpbmtlcmQiLCJsaW5rZXJkLmlvL3Byb3h5LWRlcGxveW1lbnQiOiJuZ2lueCJ9fSx7Im9wIjoiYWRkIiwicGF0aCI6Ii9tZXRhZGF0YS9sYWJlbHMiLCJ2YWx1ZSI6eyJhcHAiOiJuZ2lueCIsImxpbmtlcmQuaW8vY29udHJvbC1wbGFuZS1ucyI6ImxpbmtlcmQiLCJsaW5rZXJkLmlvL3Byb3h5LWRlcGxveW1lbnQiOiJuZ2lueCJ9fSx7Im9wIjoiYWRkIiwicGF0aCI6Ii9zcGVjL3RlbXBsYXRlL21ldGFkYXRhL2Fubm90YXRpb25zIiwidmFsdWUiOnsiY3JlYXRlZC1ieSI6ImlzaW0iLCJsaW5rZXJkLmlvL2NyZWF0ZWQtYnkiOiJsaW5rZXJkL3Byb3h5LWluamVjdG9yIHYxOC44LjQiLCJsaW5rZXJkLmlvL2luamVjdCI6ImVuYWJsZWQiLCJsaW5rZXJkLmlvL3Byb3h5LXZlcnNpb24iOiJ2MTguOC40In19XQ==
patchType: JSONPatch patchType: JSONPatch
uid: 3c3c45ff-bee9-11e8-9c41-b4d755961931 uid: 3c3c45ff-bee9-11e8-9c41-b4d755961931

29
controller/proxy-injector/webhook.go
View File

@ -127,14 +127,11 @@ func (w *Webhook) inject(request *admissionv1beta1.AdmissionRequest) (*admission
}, nil }, nil
} }
var identity *k8sPkg.TLSIdentity identity := &k8sPkg.TLSIdentity{
if w.tlsEnabled { Name: deployment.ObjectMeta.Name,
identity = &k8sPkg.TLSIdentity{ Kind: strings.ToLower(request.Kind.Kind),
Name: deployment.ObjectMeta.Name, Namespace: ns,
Kind: strings.ToLower(request.Kind.Kind), ControllerNamespace: w.controllerNamespace,
Namespace: ns,
ControllerNamespace: w.controllerNamespace,
}
} }
proxy, proxyInit, err := w.containersSpec(identity) proxy, proxyInit, err := w.containersSpec(identity)
@ -260,15 +257,13 @@ func (w *Webhook) containersSpec(identity *k8sPkg.TLSIdentity) (*corev1.Containe
return nil, nil, err return nil, nil, err
} }
if identity != nil { for index, env := range proxy.Env {
for index, env := range proxy.Env { if env.Name == envVarKeyProxyTLSPodIdentity {
if env.Name == envVarKeyProxyTLSPodIdentity { proxy.Env[index].Value = identity.ToDNSName()
proxy.Env[index].Value = identity.ToDNSName() } else if env.Name == envVarKeyProxyTLSControllerIdentity {
} else if env.Name == envVarKeyProxyTLSControllerIdentity { proxy.Env[index].Value = identity.ToControllerIdentity().ToDNSName()
proxy.Env[index].Value = identity.ToControllerIdentity().ToDNSName() } else if env.Name == envVarKeyProxyID {
} else if env.Name == envVarKeyProxyID { proxy.Env[index].Value = identity.ToDNSName()
proxy.Env[index].Value = identity.ToDNSName()
}
} }
} }