linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2/cli/cmd/testdata/install_no_init_container.g...

934 lines
25 KiB
Plaintext
Raw Blame History

### Namespace ###
kind: Namespace
apiVersion: v1
metadata:
name: linkerd
### Service Account Controller ###
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: linkerd-controller
namespace: linkerd
### Controller RBAC ###
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: linkerd-linkerd-controller
rules:
- apiGroups: ["extensions", "apps"]
resources: ["daemonsets", "deployments", "replicasets", "statefulsets"]
verbs: ["list", "get", "watch"]
- apiGroups: [""]
resources: ["pods", "endpoints", "services", "replicationcontrollers", "namespaces"]
verbs: ["list", "get", "watch"]
- apiGroups: ["linkerd.io"]
resources: ["serviceprofiles"]
verbs: ["list", "get", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: linkerd-linkerd-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: linkerd-linkerd-controller
subjects:
- kind: ServiceAccount
name: linkerd-controller
namespace: linkerd
### Service Account Prometheus ###
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: linkerd-prometheus
namespace: linkerd
### Prometheus RBAC ###
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: linkerd-linkerd-prometheus
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: linkerd-linkerd-prometheus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: linkerd-linkerd-prometheus
subjects:
- kind: ServiceAccount
name: linkerd-prometheus
namespace: linkerd
### Controller ###
---
kind: Service
apiVersion: v1
metadata:
name: linkerd-controller-api
namespace: linkerd
labels:
linkerd.io/control-plane-component: controller
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
type: ClusterIP
selector:
linkerd.io/control-plane-component: controller
ports:
- name: http
port: 8085
targetPort: 8085
---
kind: Service
apiVersion: v1
metadata:
name: linkerd-destination
namespace: linkerd
labels:
linkerd.io/control-plane-component: controller
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
type: ClusterIP
selector:
linkerd.io/control-plane-component: controller
ports:
- name: grpc
port: 8086
targetPort: 8086
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: controller
name: linkerd-controller
namespace: linkerd
spec:
replicas: 1
strategy: {}
template:
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
linkerd.io/proxy-version: dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: controller
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-controller
spec:
containers:
- args:
- public-api
- -prometheus-url=http://linkerd-prometheus.linkerd.svc.cluster.local:9090
- -controller-namespace=linkerd
- -single-namespace=false
- -log-level=info
image: gcr.io/linkerd-io/controller:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /ping
port: 9995
initialDelaySeconds: 10
name: public-api
ports:
- containerPort: 8085
name: http
- containerPort: 9995
name: admin-http
readinessProbe:
failureThreshold: 7
httpGet:
path: /ready
port: 9995
resources: {}
securityContext:
runAsUser: 2103
- args:
- destination
- -addr=:8086
- -controller-namespace=linkerd
- -single-namespace=false
- -enable-tls=false
- -enable-h2-upgrade=true
- -log-level=info
image: gcr.io/linkerd-io/controller:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /ping
port: 9996
initialDelaySeconds: 10
name: destination
ports:
- containerPort: 8086
name: grpc
- containerPort: 9996
name: admin-http
readinessProbe:
failureThreshold: 7
httpGet:
path: /ready
port: 9996
resources: {}
securityContext:
runAsUser: 2103
- args:
- tap
- -controller-namespace=linkerd
- -single-namespace=false
- -log-level=info
image: gcr.io/linkerd-io/controller:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /ping
port: 9998
initialDelaySeconds: 10
name: tap
ports:
- containerPort: 8088
name: grpc
- containerPort: 9998
name: admin-http
readinessProbe:
failureThreshold: 7
httpGet:
path: /ready
port: 9998
resources: {}
securityContext:
runAsUser: 2103
- env:
- name: LINKERD2_PROXY_LOG
value: warn,linkerd2_proxy=info
- name: LINKERD2_PROXY_CONTROL_URL
value: tcp://localhost.:8086
- name: LINKERD2_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: LINKERD2_PROXY_METRICS_LISTENER
value: tcp://0.0.0.0:4191
- name: LINKERD2_PROXY_OUTBOUND_LISTENER
value: tcp://127.0.0.1:4140
- name: LINKERD2_PROXY_INBOUND_LISTENER
value: tcp://0.0.0.0:4143
- name: LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
value: .
- name: LINKERD2_PROXY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LINKERD2_PROXY_INBOUND_ACCEPT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_OUTBOUND_CONNECT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_ID
value: linkerd-controller.deployment.$LINKERD2_PROXY_POD_NAMESPACE.linkerd-managed.linkerd.svc.cluster.local
image: gcr.io/linkerd-io/proxy:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
name: linkerd-proxy
ports:
- containerPort: 4143
name: linkerd-proxy
- containerPort: 4191
name: linkerd-metrics
readinessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
resources: {}
securityContext:
runAsUser: 2102
terminationMessagePolicy: FallbackToLogsOnError
serviceAccountName: linkerd-controller
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: serviceprofiles.linkerd.io
namespace: linkerd
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
group: linkerd.io
version: v1alpha1
scope: Namespaced
names:
plural: serviceprofiles
singular: serviceprofile
kind: ServiceProfile
shortNames:
- sp
validation:
openAPIV3Schema:
properties:
spec:
required:
- routes
properties:
retryBudget:
required:
- minRetriesPerSecond
- retryRatio
- ttl
type: object
properties:
minRetriesPerSecond:
type: integer
retryRatio:
type: number
ttl:
type: string
routes:
type: array
items:
type: object
required:
- name
- condition
properties:
name:
type: string
timeout:
type: string
condition:
type: object
minProperties: 1
properties:
method:
type: string
pathRegex:
type: string
all:
type: array
items:
type: object
any:
type: array
items:
type: object
not:
type: object
responseClasses:
type: array
items:
type: object
required:
- condition
properties:
isFailure:
type: boolean
condition:
type: object
properties:
status:
type: object
minProperties: 1
properties:
min:
type: integer
minimum: 100
maximum: 599
max:
type: integer
minimum: 100
maximum: 599
all:
type: array
items:
type: object
any:
type: array
items:
type: object
not:
type: object
### Service Account Web ###
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: linkerd-web
namespace: linkerd
### Web ###
---
kind: Service
apiVersion: v1
metadata:
name: linkerd-web
namespace: linkerd
labels:
linkerd.io/control-plane-component: web
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
type: ClusterIP
selector:
linkerd.io/control-plane-component: web
ports:
- name: http
port: 8084
targetPort: 8084
- name: admin-http
port: 9994
targetPort: 9994
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: web
name: linkerd-web
namespace: linkerd
spec:
replicas: 1
strategy: {}
template:
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
linkerd.io/proxy-version: dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: web
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-web
spec:
containers:
- args:
- -api-addr=linkerd-controller-api.linkerd.svc.cluster.local:8085
- -grafana-addr=linkerd-grafana.linkerd.svc.cluster.local:3000
- -uuid=deaab91a-f4ab-448a-b7d1-c832a2fa0a60
- -controller-namespace=linkerd
- -single-namespace=false
- -log-level=info
image: gcr.io/linkerd-io/web:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /ping
port: 9994
initialDelaySeconds: 10
name: web
ports:
- containerPort: 8084
name: http
- containerPort: 9994
name: admin-http
readinessProbe:
failureThreshold: 7
httpGet:
path: /ready
port: 9994
resources: {}
securityContext:
runAsUser: 2103
- env:
- name: LINKERD2_PROXY_LOG
value: warn,linkerd2_proxy=info
- name: LINKERD2_PROXY_CONTROL_URL
value: tcp://linkerd-destination.linkerd.svc.cluster.local:8086
- name: LINKERD2_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: LINKERD2_PROXY_METRICS_LISTENER
value: tcp://0.0.0.0:4191
- name: LINKERD2_PROXY_OUTBOUND_LISTENER
value: tcp://127.0.0.1:4140
- name: LINKERD2_PROXY_INBOUND_LISTENER
value: tcp://0.0.0.0:4143
- name: LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
value: .
- name: LINKERD2_PROXY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LINKERD2_PROXY_INBOUND_ACCEPT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_OUTBOUND_CONNECT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_ID
value: linkerd-web.deployment.$LINKERD2_PROXY_POD_NAMESPACE.linkerd-managed.linkerd.svc.cluster.local
image: gcr.io/linkerd-io/proxy:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
name: linkerd-proxy
ports:
- containerPort: 4143
name: linkerd-proxy
- containerPort: 4191
name: linkerd-metrics
readinessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
resources: {}
securityContext:
runAsUser: 2102
terminationMessagePolicy: FallbackToLogsOnError
serviceAccountName: linkerd-web
status: {}
---
kind: Service
apiVersion: v1
metadata:
name: linkerd-prometheus
namespace: linkerd
labels:
linkerd.io/control-plane-component: prometheus
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
type: ClusterIP
selector:
linkerd.io/control-plane-component: prometheus
ports:
- name: admin-http
port: 9090
targetPort: 9090
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: prometheus
name: linkerd-prometheus
namespace: linkerd
spec:
replicas: 1
strategy: {}
template:
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
linkerd.io/proxy-version: dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: prometheus
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-prometheus
spec:
containers:
- args:
- --storage.tsdb.path=/data
- --storage.tsdb.retention=6h
- --config.file=/etc/prometheus/prometheus.yml
image: prom/prometheus:v2.7.1
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /-/healthy
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
name: prometheus
ports:
- containerPort: 9090
name: admin-http
readinessProbe:
httpGet:
path: /-/ready
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
resources: {}
securityContext:
runAsUser: 65534
volumeMounts:
- mountPath: /data
name: data
- mountPath: /etc/prometheus
name: prometheus-config
readOnly: true
- env:
- name: LINKERD2_PROXY_LOG
value: warn,linkerd2_proxy=info
- name: LINKERD2_PROXY_CONTROL_URL
value: tcp://linkerd-destination.linkerd.svc.cluster.local:8086
- name: LINKERD2_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: LINKERD2_PROXY_METRICS_LISTENER
value: tcp://0.0.0.0:4191
- name: LINKERD2_PROXY_OUTBOUND_LISTENER
value: tcp://127.0.0.1:4140
- name: LINKERD2_PROXY_INBOUND_LISTENER
value: tcp://0.0.0.0:4143
- name: LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
value: .
- name: LINKERD2_PROXY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LINKERD2_PROXY_INBOUND_ACCEPT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_OUTBOUND_CONNECT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_ID
value: linkerd-prometheus.deployment.$LINKERD2_PROXY_POD_NAMESPACE.linkerd-managed.linkerd.svc.cluster.local
- name: LINKERD2_PROXY_OUTBOUND_ROUTER_CAPACITY
value: "10000"
image: gcr.io/linkerd-io/proxy:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
name: linkerd-proxy
ports:
- containerPort: 4143
name: linkerd-proxy
- containerPort: 4191
name: linkerd-metrics
readinessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
resources: {}
securityContext:
runAsUser: 2102
terminationMessagePolicy: FallbackToLogsOnError
serviceAccountName: linkerd-prometheus
volumes:
- emptyDir: {}
name: data
- configMap:
name: linkerd-prometheus-config
name: prometheus-config
status: {}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: linkerd-prometheus-config
namespace: linkerd
labels:
linkerd.io/control-plane-component: prometheus
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
data:
prometheus.yml: |-
global:
scrape_interval: 10s
scrape_timeout: 10s
evaluation_interval: 10s
rule_files:
- /etc/prometheus/*_rules.yml
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'grafana'
kubernetes_sd_configs:
- role: pod
namespaces:
names: ['linkerd']
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_container_name
action: keep
regex: ^grafana$
- job_name: 'linkerd-controller'
kubernetes_sd_configs:
- role: pod
namespaces:
names: ['linkerd']
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_label_linkerd_io_control_plane_component
- __meta_kubernetes_pod_container_port_name
action: keep
regex: (.*);admin-http$
- source_labels: [__meta_kubernetes_pod_container_name]
action: replace
target_label: component
- job_name: 'linkerd-proxy'
kubernetes_sd_configs:
- role: pod
relabel_configs:
- source_labels:
- __meta_kubernetes_pod_container_name
- __meta_kubernetes_pod_container_port_name
- __meta_kubernetes_pod_label_linkerd_io_control_plane_ns
action: keep
regex: ^linkerd-proxy;linkerd-metrics;linkerd$
- source_labels: [__meta_kubernetes_namespace]
action: replace
target_label: namespace
- source_labels: [__meta_kubernetes_pod_name]
action: replace
target_label: pod
# special case k8s' "job" label, to not interfere with prometheus' "job"
# label
# __meta_kubernetes_pod_label_linkerd_io_proxy_job=foo =>
# k8s_job=foo
- source_labels: [__meta_kubernetes_pod_label_linkerd_io_proxy_job]
action: replace
target_label: k8s_job
# drop __meta_kubernetes_pod_label_linkerd_io_proxy_job
- action: labeldrop
regex: __meta_kubernetes_pod_label_linkerd_io_proxy_job
# __meta_kubernetes_pod_label_linkerd_io_proxy_deployment=foo =>
# deployment=foo
- action: labelmap
regex: __meta_kubernetes_pod_label_linkerd_io_proxy_(.+)
# drop all labels that we just made copies of in the previous labelmap
- action: labeldrop
regex: __meta_kubernetes_pod_label_linkerd_io_proxy_(.+)
# __meta_kubernetes_pod_label_linkerd_io_foo=bar =>
# foo=bar
- action: labelmap
regex: __meta_kubernetes_pod_label_linkerd_io_(.+)
### Service Account Grafana ###
---
kind: ServiceAccount
apiVersion: v1
metadata:
name: linkerd-grafana
namespace: linkerd
### Grafana ###
---
kind: Service
apiVersion: v1
metadata:
name: linkerd-grafana
namespace: linkerd
labels:
linkerd.io/control-plane-component: grafana
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
spec:
type: ClusterIP
selector:
linkerd.io/control-plane-component: grafana
ports:
- name: http
port: 3000
targetPort: 3000
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: grafana
name: linkerd-grafana
namespace: linkerd
spec:
replicas: 1
strategy: {}
template:
metadata:
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
linkerd.io/proxy-version: dev-undefined
creationTimestamp: null
labels:
linkerd.io/control-plane-component: grafana
linkerd.io/control-plane-ns: linkerd
linkerd.io/proxy-deployment: linkerd-grafana
spec:
containers:
- env:
- name: GF_PATHS_DATA
value: /data
image: gcr.io/linkerd-io/grafana:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /api/health
port: 3000
initialDelaySeconds: 30
name: grafana
ports:
- containerPort: 3000
name: http
readinessProbe:
httpGet:
path: /api/health
port: 3000
resources: {}
securityContext:
runAsUser: 472
volumeMounts:
- mountPath: /data
name: data
- mountPath: /etc/grafana
name: grafana-config
readOnly: true
- env:
- name: LINKERD2_PROXY_LOG
value: warn,linkerd2_proxy=info
- name: LINKERD2_PROXY_CONTROL_URL
value: tcp://linkerd-destination.linkerd.svc.cluster.local:8086
- name: LINKERD2_PROXY_CONTROL_LISTENER
value: tcp://0.0.0.0:4190
- name: LINKERD2_PROXY_METRICS_LISTENER
value: tcp://0.0.0.0:4191
- name: LINKERD2_PROXY_OUTBOUND_LISTENER
value: tcp://127.0.0.1:4140
- name: LINKERD2_PROXY_INBOUND_LISTENER
value: tcp://0.0.0.0:4143
- name: LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
value: .
- name: LINKERD2_PROXY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LINKERD2_PROXY_INBOUND_ACCEPT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_OUTBOUND_CONNECT_KEEPALIVE
value: 10000ms
- name: LINKERD2_PROXY_ID
value: linkerd-grafana.deployment.$LINKERD2_PROXY_POD_NAMESPACE.linkerd-managed.linkerd.svc.cluster.local
image: gcr.io/linkerd-io/proxy:dev-undefined
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
name: linkerd-proxy
ports:
- containerPort: 4143
name: linkerd-proxy
- containerPort: 4191
name: linkerd-metrics
readinessProbe:
httpGet:
path: /metrics
port: 4191
initialDelaySeconds: 10
resources: {}
securityContext:
runAsUser: 2102
terminationMessagePolicy: FallbackToLogsOnError
serviceAccountName: linkerd-grafana
volumes:
- emptyDir: {}
name: data
- configMap:
items:
- key: grafana.ini
path: grafana.ini
- key: datasources.yaml
path: provisioning/datasources/datasources.yaml
- key: dashboards.yaml
path: provisioning/dashboards/dashboards.yaml
name: linkerd-grafana-config
name: grafana-config
status: {}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: linkerd-grafana-config
namespace: linkerd
labels:
linkerd.io/control-plane-component: grafana
annotations:
linkerd.io/created-by: linkerd/cli dev-undefined
data:
grafana.ini: |-
instance_name = linkerd-grafana
[server]
root_url = %(protocol)s://%(domain)s:/grafana/
[auth]
disable_login_form = true
[auth.anonymous]
enabled = true
org_role = Editor
[auth.basic]
enabled = false
[analytics]
check_for_updates = false
datasources.yaml: |-
apiVersion: 1
datasources:
- name: prometheus
type: prometheus
access: proxy
orgId: 1
url: http://linkerd-prometheus.linkerd.svc.cluster.local:9090
isDefault: true
jsonData:
timeInterval: "5s"
version: 1
editable: true
dashboards.yaml: |-
apiVersion: 1
providers:
- name: 'default'
orgId: 1
folder: ''
type: file
disableDeletion: true
editable: true
options:
path: /var/lib/grafana/dashboards
homeDashboardId: linkerd-top-line
---
Reference in New Issue View Git Blame Copy Permalink