983fc55abc
For mesh expansion, we need to register an ExternalWorkload's service membership. Service memberships describe which Service objects an ExternalWorkload is part of (i.e. which service can be used to route traffic to an external endpoint). Service membership will allow the control plane to discover configuration associated with an external endpoint when performing discovery on a service target. To build these memberships, we introduce a new controller to the destination service, responsible for watching Service and ExternalWorkload objects, and for writing out EndpointSlice objects for each Service that selects one or more external endpoints. As a first step, we add a new externalworkload module and a new controller in the that watches services and workloads. In a follow-up change, the ExternalEndpointManager will additionally perform the necessary reconciliation by writing EndpointSlice objects. Since Linkerd's control plane may run in HA, we also add a lease object that will be used by the manager. When a lease is claimed, a flag is turned on in the manager to let it know it may perform writes. A more compact list of changes: * Add a new externalworkload module * Add an EndpointsController in the module along with necessary mechanisms to watch resources. * Add RBAC rules to the destination service: * Allow policy and destination to read ExternalWorkload objects * Allow destination to create / update / read Lease objects --------- Signed-off-by: Matei David <matei@buoyant.io> |
||
|---|---|---|
| .devcontainer | ||
| .github | ||
| audits | ||
| bin | ||
| charts | ||
| cli | ||
| controller | ||
| grafana | ||
| jaeger | ||
| multicluster | ||
| pkg | ||
| policy-controller | ||
| policy-test | ||
| proto | ||
| proxy-identity | ||
| test | ||
| testutil | ||
| viz | ||
| web | ||
| .dockerignore | ||
| .editorconfig | ||
| .gitattributes | ||
| .gitignore | ||
| .golangci.yml | ||
| .helmdocsignore | ||
| .markdownlint.yaml | ||
| .proxy-version | ||
| ADOPTERS.md | ||
| BUILD.md | ||
| CHANGES.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| DCO | ||
| Dockerfile-debug | ||
| Dockerfile-proxy | ||
| EXTENSIONS.md | ||
| GOVERNANCE.md | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| README.md | ||
| RELEASE.md | ||
| ROADMAP.md | ||
| SECURITY.md | ||
| STEERING.md | ||
| TEST.md | ||
| deny.toml | ||
| go.mod | ||
| go.sum | ||
| justfile | ||
| rust-toolchain.toml | ||
| tools.go | ||
README.md
Linkerd
🎈 Welcome to Linkerd! 👋
Linkerd is an ultralight, security-first service mesh for Kubernetes. Linkerd adds critical security, observability, and reliability features to your Kubernetes stack with no code change required.
Linkerd is a Cloud Native Computing Foundation (CNCF) project.
Repo layout
This is the primary repo for the Linkerd 2.x line of development.
The complete list of Linkerd repos is:
- linkerd2: Main Linkerd 2.x repo, including control plane and CLI
- linkerd2-proxy: Linkerd 2.x data plane proxy
- linkerd2-proxy-api: Linkerd 2.x gRPC API bindings
- linkerd: Linkerd 1.x
- website: linkerd.io website (including docs for 1.x and 2.x)
Quickstart and documentation
You can run Linkerd on any modern Kubernetes cluster in a matter of seconds. See the Linkerd Getting Started Guide for how.
For more comprehensive documentation, start with the Linkerd docs. (The doc source code is available in the website repo.)
Working in this repo
BUILD.md includes general information on how to work in this repo.
We ❤️ pull requests! See CONTRIBUTING.md for info on
contributing changes.
Get involved
- Join Linkerd's user mailing list, developer mailing list, and announcements mailing list.
- Follow @Linkerd on Twitter.
- Join the Linkerd Slack.
- Join us in the regular online community meetings!
Community meetings
We host regular online meetings for contributors, adopters, maintainers, and anyone else interested to connect in a synchronous fashion. These meetings usually take place the last Thursday of the month at 9am Pacific / 4pm UTC.
We're a friendly group, so please feel free to join us!
Steering Committee meetings
We host regular online meetings for the Linkerd Steering Committee. All are welcome to attend, but audio and video participation is limited to Steering Committee members and maintainers. These meetings are currently scheduled on an ad-hoc basis and announced on the linkerd-users mailing list.
Code of Conduct
This project is for everyone. We ask that our users and contributors take a few minutes to review our Code of Conduct.
Security
See SECURITY.md for our security policy, including how to report vulnerabilities.
Linkerd undergoes periodic third-party security audits and we publish the results here.
License
Copyright 2023 the Linkerd Authors. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.