mirror of https://github.com/linkerd/linkerd2.git
Similarly to the `linkerd authz` command which lists all authorizations for a given resource and `linkerd viz stat` which can show metrics for policy resources, we introduce a `linkerd viz authz` command which shows metrics for server authorizations broken down by server for a given resource. It also shows the rate of unauthorized requests to each server. This is helpful for seeing a breakdown of which authorizations are being used and what proportion of traffic is being rejected. For example: ```console > linkerd viz authz -n emojivoto deploy SERVER AUTHZ SUCCESS RPS LATENCY_P50 LATENCY_P95 LATENCY_P99 emoji-grpc emoji-grpc 100.00% 1.8rps 1ms 1ms 1ms prom prom-prometheus - - - - - voting-grpc [UNAUTHORIZED] - 0.9rps - - - web-http web-public 50.00% 1.8rps 4ms 190ms 198ms ``` This shows us a few things right away: * all traffic to the emoji-grpc server is authorized by the emoji-grpc server authorization * the prom server defines a prom-prometheus server authorization, but it is not receiving any traffic * the voting-grpc server has no server authorizations, and thus all 0.9rps is getting rejected |
||
---|---|---|
.. | ||
table.go |