mirror of https://github.com/linkerd/linkerd2.git
feat(helm): Allow specifying podAnnotations per deployment (#13388)
Fixes #13389 Values added: - `destinationController.podAnnotations` - annotations only for `linkerd-destination` - `identity.podAnnotations` - annotations only for `linkerd-identity` - `proxyInjector.podAnnotations` - annotations only for `linkerd-proxy-injector` Each deployment's podAnnotations take precedence over global one by means of [mergeOverwrite](https://helm.sh/docs/chart_template_guide/function_list/#mergeoverwrite-mustmergeoverwrite). Signed-off-by: Takumi Sue <u630868b@alumni.osaka-u.ac.jp>
This commit is contained in:
Takumi Sue
GitHub
parent
396af7c946
commit
a20fc0bfa1
|
|
@ -163,6 +163,7 @@ Kubernetes: `>=1.22.0-0`
|
|||
| destinationController.meshedHttp2ClientProtobuf.keep_alive.interval.seconds | int | `10` | |
|
||||
| destinationController.meshedHttp2ClientProtobuf.keep_alive.timeout.seconds | int | `3` | |
|
||||
| destinationController.meshedHttp2ClientProtobuf.keep_alive.while_idle | bool | `true` | |
|
||||
| destinationController.podAnnotations | object | `{}` | Additional annotations to add to destination pods |
|
||||
| destinationController.readinessProbe.timeoutSeconds | int | `1` | |
|
||||
| disableHeartBeat | bool | `false` | Set to true to not start the heartbeat cronjob |
|
||||
| disableIPv6 | bool | `true` | disables routing IPv6 traffic in addition to IPv4 traffic through the proxy (IPv6 routing only available as of proxy-init v2.3.0 and linkerd-cni v1.4.0) |
|
||||
|
|
@ -183,6 +184,7 @@ Kubernetes: `>=1.22.0-0`
|
|||
| identity.kubeAPI.clientBurst | int | `200` | Burst value over clientQPS |
|
||||
| identity.kubeAPI.clientQPS | int | `100` | Maximum QPS sent to the kube-apiserver before throttling. See [token bucket rate limiter implementation](https://github.com/kubernetes/client-go/blob/v12.0.0/util/flowcontrol/throttle.go) |
|
||||
| identity.livenessProbe.timeoutSeconds | int | `1` | |
|
||||
| identity.podAnnotations | object | `{}` | Additional annotations to add to identity pods |
|
||||
| identity.readinessProbe.timeoutSeconds | int | `1` | |
|
||||
| identity.serviceAccountTokenProjection | bool | `true` | Use [Service Account token Volume projection](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection) for pod validation instead of the default token |
|
||||
| identityTrustAnchorsPEM | string | `""` | Trust root certificate (ECDSA). It must be provided during install. |
|
||||
|
|
@ -311,6 +313,7 @@ Kubernetes: `>=1.22.0-0`
|
|||
| proxyInjector.livenessProbe.timeoutSeconds | int | `1` | |
|
||||
| proxyInjector.namespaceSelector | object | `{"matchExpressions":[{"key":"config.linkerd.io/admission-webhooks","operator":"NotIn","values":["disabled"]},{"key":"kubernetes.io/metadata.name","operator":"NotIn","values":["kube-system","cert-manager"]}]}` | Namespace selector used by admission webhook. |
|
||||
| proxyInjector.objectSelector | object | `{"matchExpressions":[{"key":"linkerd.io/control-plane-component","operator":"DoesNotExist"},{"key":"linkerd.io/cni-resource","operator":"DoesNotExist"}]}` | Object selector used by admission webhook. |
|
||||
| proxyInjector.podAnnotations | object | `{}` | Additional annotations to add to proxy-injector pods |
|
||||
| proxyInjector.readinessProbe.timeoutSeconds | int | `1` | |
|
||||
| proxyInjector.timeoutSeconds | int | `10` | Timeout in seconds before the API Server cancels a request to the proxy injector. If timeout is exceeded, the webhookfailurePolicy is used. |
|
||||
| revisionHistoryLimit | int | `10` | Specifies the number of old ReplicaSets to retain to allow rollback. |
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ spec:
|
|||
checksum/config: {{ include (print $.Template.BasePath "/destination-rbac.yaml") . | sha256sum }}
|
||||
{{ include "partials.annotations.created-by" . }}
|
||||
{{- include "partials.proxy.annotations" . | nindent 8}}
|
||||
{{- with .Values.podAnnotations }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.destinationController.podAnnotations) }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
config.linkerd.io/default-inbound-policy: "all-unauthenticated"
|
||||
labels:
|
||||
linkerd.io/control-plane-component: destination
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ spec:
|
|||
annotations:
|
||||
{{ include "partials.annotations.created-by" . }}
|
||||
{{- include "partials.proxy.annotations" . | nindent 8}}
|
||||
{{- with .Values.podAnnotations }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.identity.podAnnotations) }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
config.linkerd.io/default-inbound-policy: "all-unauthenticated"
|
||||
labels:
|
||||
linkerd.io/control-plane-component: identity
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ spec:
|
|||
checksum/config: {{ include (print $.Template.BasePath "/proxy-injector-rbac.yaml") . | sha256sum }}
|
||||
{{ include "partials.annotations.created-by" . }}
|
||||
{{- include "partials.proxy.annotations" . | nindent 8}}
|
||||
{{- with .Values.podAnnotations }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
{{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.identity.podAnnotations) }}{{ toYaml . | trim | nindent 8 }}{{- end }}
|
||||
config.linkerd.io/opaque-ports: "8443"
|
||||
config.linkerd.io/default-inbound-policy: "all-unauthenticated"
|
||||
labels:
|
||||
|
|
|
|||
|
|
@ -384,6 +384,8 @@ destinationController:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
# -- Additional annotations to add to destination pods
|
||||
podAnnotations: {}
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
readinessProbe:
|
||||
|
|
@ -428,6 +430,9 @@ identity:
|
|||
|
||||
kubeAPI: *kubeapi
|
||||
|
||||
# -- Additional annotations to add to identity pods
|
||||
podAnnotations: {}
|
||||
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
readinessProbe:
|
||||
|
|
@ -505,6 +510,9 @@ proxyInjector:
|
|||
# for more information.
|
||||
injectCaFromSecret: ""
|
||||
|
||||
# -- Additional annotations to add to proxy-injector pods
|
||||
podAnnotations: {}
|
||||
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
readinessProbe:
|
||||
|
|
@ -668,4 +676,3 @@ podMonitor:
|
|||
egress:
|
||||
# -- The namespace that is used to store egress configuration that affects all client workloads in the cluster
|
||||
globalEgressNetworkNamespace: linkerd-egress
|
||||
|
||||
|
|
@ -60,7 +60,7 @@ func TestRender(t *testing.T) {
|
|||
CNIEnabled: false,
|
||||
IdentityTrustDomain: defaultValues.IdentityTrustDomain,
|
||||
IdentityTrustAnchorsPEM: defaultValues.IdentityTrustAnchorsPEM,
|
||||
DestinationController: map[string]any{},
|
||||
DestinationController: defaultValues.DestinationController,
|
||||
PodAnnotations: map[string]string{},
|
||||
PodLabels: map[string]string{},
|
||||
PriorityClassName: "PriorityClassName",
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1542,7 +1541,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1554,7 +1552,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: false
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1529,7 +1528,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1541,7 +1539,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1545,7 +1544,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1557,7 +1555,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -599,6 +596,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -817,6 +815,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1667,7 +1666,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1679,7 +1677,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -599,6 +596,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -817,6 +815,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1667,7 +1666,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1679,7 +1677,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -462,8 +462,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -471,8 +469,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: true
|
||||
|
|
@ -512,6 +509,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -721,6 +719,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1471,7 +1470,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1483,7 +1481,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -532,8 +532,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -541,8 +539,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -570,6 +567,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -767,6 +765,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1515,7 +1514,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1527,7 +1525,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -532,8 +532,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -541,8 +539,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -588,6 +585,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -794,6 +792,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1642,7 +1641,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1654,7 +1652,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -532,8 +532,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -541,8 +539,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -588,6 +585,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -794,6 +792,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1647,7 +1646,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1659,7 +1657,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -532,8 +532,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -541,8 +539,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -588,6 +585,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -798,6 +796,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1654,7 +1653,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1666,7 +1664,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -527,8 +527,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 1
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -536,8 +534,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources:
|
||||
cpu:
|
||||
|
|
@ -583,6 +580,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources:
|
||||
|
|
@ -784,6 +782,7 @@ data:
|
|||
operator: In
|
||||
values:
|
||||
- enabled
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources:
|
||||
cpu:
|
||||
|
|
@ -1632,7 +1631,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1644,7 +1642,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
resources:
|
||||
limits:
|
||||
memory: "250Mi"
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1533,7 +1532,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1545,7 +1543,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -521,7 +521,15 @@ data:
|
|||
name: DebugImageName
|
||||
pullPolicy: DebugImagePullPolicy
|
||||
version: DebugVersion
|
||||
destinationController: {}
|
||||
destinationController:
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
seconds: 10
|
||||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -561,6 +569,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -739,6 +748,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1466,6 +1476,7 @@ spec:
|
|||
- -default-opaque-ports=25,443,587,3306,5432,11211
|
||||
- -enable-ipv6=true
|
||||
- -enable-pprof=false
|
||||
- --meshed-http2-client-params={"keep_alive":{"interval":{"seconds":10},"timeout":{"seconds":3},"while_idle":true}}
|
||||
image: ControllerImage:LinkerdVersion
|
||||
imagePullPolicy: ImagePullPolicy
|
||||
livenessProbe:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -531,8 +531,6 @@ data:
|
|||
maxSurge: 25%
|
||||
maxUnavailable: 25%
|
||||
destinationController:
|
||||
livenessProbe:
|
||||
timeoutSeconds: 1
|
||||
meshedHttp2ClientProtobuf:
|
||||
keep_alive:
|
||||
interval:
|
||||
|
|
@ -540,8 +538,7 @@ data:
|
|||
timeout:
|
||||
seconds: 3
|
||||
while_idle: true
|
||||
readinessProbe:
|
||||
timeoutSeconds: 1
|
||||
podAnnotations: {}
|
||||
destinationProxyResources: null
|
||||
destinationResources: null
|
||||
disableHeartBeat: false
|
||||
|
|
@ -581,6 +578,7 @@ data:
|
|||
kubeAPI:
|
||||
clientBurst: 200
|
||||
clientQPS: 100
|
||||
podAnnotations: {}
|
||||
serviceAccountTokenProjection: true
|
||||
identityProxyResources: null
|
||||
identityResources: null
|
||||
|
|
@ -790,6 +788,7 @@ data:
|
|||
values:
|
||||
- kube-system
|
||||
- cert-manager
|
||||
podAnnotations: {}
|
||||
proxyInjectorProxyResources: null
|
||||
proxyInjectorResources: null
|
||||
revisionHistoryLimit: 10
|
||||
|
|
@ -1540,7 +1539,6 @@ spec:
|
|||
path: /ping
|
||||
port: 9996
|
||||
initialDelaySeconds: 10
|
||||
timeoutSeconds: 1
|
||||
name: destination
|
||||
ports:
|
||||
- containerPort: 8086
|
||||
|
|
@ -1552,7 +1550,6 @@ spec:
|
|||
httpGet:
|
||||
path: /ready
|
||||
port: 9996
|
||||
timeoutSeconds: 1
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ type (
|
|||
LinkerdVersion string `json:"linkerdVersion"`
|
||||
RevisionHistoryLimit uint `json:"revisionHistoryLimit"`
|
||||
|
||||
DestinationController map[string]interface{} `json:"destinationController"`
|
||||
DestinationController *DestinationController `json:"destinationController"`
|
||||
Heartbeat map[string]interface{} `json:"heartbeat"`
|
||||
SPValidator map[string]interface{} `json:"spValidator"`
|
||||
|
||||
|
|
@ -102,6 +102,11 @@ type (
|
|||
PodDisruptionBudget *PodDisruptionBudget `json:"podDisruptionBudget"`
|
||||
}
|
||||
|
||||
DestinationController struct {
|
||||
MeshedHttp2ClientProtobuf map[string]interface{} `json:"meshedHttp2ClientProtobuf"`
|
||||
PodAnnotations map[string]string `json:"podAnnotations"`
|
||||
}
|
||||
|
||||
// PodDisruptionBudget contains the fields to set the PDB
|
||||
PodDisruptionBudget struct {
|
||||
MaxUnavailable int `json:"maxUnavailable"`
|
||||
|
|
@ -295,10 +300,11 @@ type (
|
|||
// Identity contains the fields to set the identity variables in the proxy
|
||||
// sidecar container
|
||||
Identity struct {
|
||||
ExternalCA bool `json:"externalCA"`
|
||||
ServiceAccountTokenProjection bool `json:"serviceAccountTokenProjection"`
|
||||
Issuer *Issuer `json:"issuer"`
|
||||
KubeAPI *KubeAPI `json:"kubeAPI"`
|
||||
ExternalCA bool `json:"externalCA"`
|
||||
ServiceAccountTokenProjection bool `json:"serviceAccountTokenProjection"`
|
||||
Issuer *Issuer `json:"issuer"`
|
||||
KubeAPI *KubeAPI `json:"kubeAPI"`
|
||||
PodAnnotations map[string]string `json:"podAnnotations"`
|
||||
|
||||
AdditionalEnv []corev1.EnvVar `json:"additionalEnv"`
|
||||
ExperimentalEnv []corev1.EnvVar `json:"experimentalEnv"`
|
||||
|
|
@ -321,8 +327,9 @@ type (
|
|||
// ProxyInjector configures the proxy-injector webhook
|
||||
ProxyInjector struct {
|
||||
Webhook
|
||||
AdditionalEnv []corev1.EnvVar `json:"additionalEnv"`
|
||||
ExperimentalEnv []corev1.EnvVar `json:"experimentalEnv"`
|
||||
PodAnnotations map[string]string `json:"podAnnotations"`
|
||||
AdditionalEnv []corev1.EnvVar `json:"additionalEnv"`
|
||||
ExperimentalEnv []corev1.EnvVar `json:"experimentalEnv"`
|
||||
}
|
||||
|
||||
// Webhook Helm variables for a webhook
|
||||
|
|
|
|||
|
|
@ -90,16 +90,15 @@ func TestNewValues(t *testing.T) {
|
|||
ServiceMirror: &PodMonitorComponent{Enabled: true},
|
||||
Proxy: &PodMonitorComponent{Enabled: true},
|
||||
},
|
||||
DestinationController: map[string]interface{}{
|
||||
"meshedHttp2ClientProtobuf": map[string]interface{}{
|
||||
DestinationController: &DestinationController{
|
||||
MeshedHttp2ClientProtobuf: map[string]interface{}{
|
||||
"keep_alive": map[string]interface{}{
|
||||
"interval": map[string]interface{}{"seconds": 10.0},
|
||||
"timeout": map[string]interface{}{"seconds": 3.0},
|
||||
"while_idle": true,
|
||||
},
|
||||
},
|
||||
"livenessProbe": map[string]interface{}{"timeoutSeconds": 1.0},
|
||||
"readinessProbe": map[string]interface{}{"timeoutSeconds": 1.0},
|
||||
PodAnnotations: map[string]string{},
|
||||
},
|
||||
SPValidator: map[string]interface{}{
|
||||
"livenessProbe": map[string]interface{}{"timeoutSeconds": 1.0},
|
||||
|
|
@ -235,6 +234,7 @@ func TestNewValues(t *testing.T) {
|
|||
ClientQPS: 100,
|
||||
ClientBurst: 200,
|
||||
},
|
||||
PodAnnotations: map[string]string{},
|
||||
},
|
||||
NodeSelector: map[string]string{
|
||||
"kubernetes.io/os": "linux",
|
||||
|
|
@ -246,7 +246,10 @@ func TestNewValues(t *testing.T) {
|
|||
},
|
||||
},
|
||||
|
||||
ProxyInjector: &ProxyInjector{Webhook: Webhook{TLS: &TLS{}, NamespaceSelector: namespaceSelectorInjector}},
|
||||
ProxyInjector: &ProxyInjector{
|
||||
Webhook: Webhook{TLS: &TLS{}, NamespaceSelector: namespaceSelectorInjector},
|
||||
PodAnnotations: map[string]string{},
|
||||
},
|
||||
ProfileValidator: &Webhook{TLS: &TLS{}, NamespaceSelector: namespaceSelectorSimple},
|
||||
PolicyValidator: &Webhook{TLS: &TLS{}, NamespaceSelector: namespaceSelectorSimple},
|
||||
Egress: &Egress{GlobalEgressNetworkNamespace: "linkerd-egress"},
|
||||
|
|
|
|||
Loading…
Reference in New Issue