Adds a ServiceAccount, ClusterRole, and ClusterRoleBinding to the conduit install output that allows the Conduit controller read access to the k8s API.
I have tested this on RBAC-enabled minikube and minikube without RBAC.
Previously every use of `BoundPort` repeated a bunch of logic.
Move the repeated logic to `BoundPort` itself. Just remove the no-op
handshaking logic; new handshaking logic will be added to `BoundPort`
when TLS is added.
Previously the default value of this setting was in lib.rs instead of
being automatically set in `Config` like all the other defaults, which
was inconsistent and confusing.
Fix this by moving the defaulting logic to `Config`.
Validated by running the test suite.
Previously the logic related to listening for incoming TCP connections
was duplicated in several places.
Begin centralizing this logic. Future commits will centralize it
further.
No validation was done other than running the test suite.
Previously `Process` did its own environment variable parsing and did
not benefit from the improved error handling that `config` now has.
Additionally, future changes will need access to these same environment
variables in other parts of the proxy.
Move `Process`'s environment variable parsing to `config` to address
both of these issues. Now there are no uses of `env::var` outside of
`config` except for logging, which is the final desired state.
I validated this manually.
* Proxy: Use production config parsing in tests
Previosuly the testing code for the proxy was sensitive to the values
of environment variables unintentionally, because `Config` looked at
the environment variables. Also, the tests were largely avoiding
testing the production configuration parsing code since they were
doing their own parsing.
Now the tests avoid looking at environment variables other than
`ENV_LOG`, which makes them more resilient. Also the tests now parse
the settings using the same code as production use uses.
I validated this manually.
Previously, as soon as we would encounter one environment variable with
an invalid value we would exit. This is frustrating behavior when
deploying to Kubernetes and there are multiple problems because the
edit-compile-test cycle is so slow.
Fix this by parsing all the environment variables and logging error
messages before exiting.
I validated this manually.
* updates to README linking to docs and getting started
* minor line break revisions
* markdown revisions and simplification
* updating line breaks and errant spaces
* updates grammar and simplifies language
* Revamp metrics processing in MetricUtils
- Try to improve documentation of functions
- Remove nested data from processed metrics - they were often duplicated data
- Split out timeseries processing from rollup processing
- Remove the 'rollup' level of nesting
- Limit the number of timeseries we fetch on the deployments page
This PR adds a configurable timeout duration after which in-flight telemetry reports are dropped, cancelling the corresponding RPC request to the control plane.
I've also made the `Timeout` implementation used in `TimeoutConnect` generic, and reused it in multiple places, including the timeout for in-flight reports.
Signed-off-by: Eliza Weisman <eliza@buoyant.io>
Fix various loose ends in the web app:
* Add Tooltip to status dots explaining color meaning
* Adjust formatting of RPS numbers
* Pass in current success rate to the HealthPane
* Fix page header styling caused by content being in wrong div
* Align the metric value for inbound SR in Health Pane
* Status Dot tweaks
* Improve rendering of status dots when there are a lot of them
* Add support for path stats in cli and web api
The cli stat command supports grouping by pod and deployment. With this
change, it will also support grouping by path, in order to facilitate a
summary stats per individual endpoint.
* Right-align numeric columns in stat output
Problem:
Simulate proxy would seemingly hang when used.
In simulate-proxy we were using rand.Uint32() to generate Count. This is way too big (in telemetry/server.go we call latencyStat.observe() Count times, so this loop was taking fovever).
Solution:
Use a count of 1 (as the surrounding loop will generate count requests)
Validation:
Script now works without hanging.
* Proxy: Improve error reporting for invalid environment variables
Previously when an environment variable had an invalid value the
process would exit with an error that did not mention which
environment variable is invalid.
Start fixing this by routing environment variable parsing through
functions that always know the name of the environment variable when
they report errors.
I validated this change manually.
* Proxy: Improve configuration URL parsing
Previously there was a bit of duplicated logic between parsing `Addr`
and `HostAndPort` values.
Factor out the common logic. In the process, improve the error
reporting in the cases where parsing fails.
We’ve built Conduit from the ground up to be the fastest, lightest,
simplest, and most secure service mesh in the world. It features an
incredibly fast and safe data plane written in Rust, a simple yet
powerful control plane written in Go, and a design that’s focused on
performance, security, and usability. Most importantly, Conduit
incorporates the many lessons we’ve learned from over 18 months of
production service mesh experience with Linkerd.
This repository contains a few tightly-related components:
- `proxy` -- an HTTP/2 proxy written in Rust;
- `controller` -- a control plane written in Go with gRPC;
- `web` -- a UI written in React, served by Go.
Alex Leong
Brian Smith
Risha Mars
Sterling White
Eliza Weisman
Kevin Lingerfelt
Franziska von der Goltz
Oliver Gould
Dennis Adjei-Baah