mirror of https://github.com/linkerd/linkerd2.git
983fc55abc
For mesh expansion, we need to register an ExternalWorkload's service membership. Service memberships describe which Service objects an ExternalWorkload is part of (i.e. which service can be used to route traffic to an external endpoint). Service membership will allow the control plane to discover configuration associated with an external endpoint when performing discovery on a service target. To build these memberships, we introduce a new controller to the destination service, responsible for watching Service and ExternalWorkload objects, and for writing out EndpointSlice objects for each Service that selects one or more external endpoints. As a first step, we add a new externalworkload module and a new controller in the that watches services and workloads. In a follow-up change, the ExternalEndpointManager will additionally perform the necessary reconciliation by writing EndpointSlice objects. Since Linkerd's control plane may run in HA, we also add a lease object that will be used by the manager. When a lease is claimed, a flag is turned on in the manager to let it know it may perform writes. A more compact list of changes: * Add a new externalworkload module * Add an EndpointsController in the module along with necessary mechanisms to watch resources. * Add RBAC rules to the destination service: * Allow policy and destination to read ExternalWorkload objects * Allow destination to create / update / read Lease objects --------- Signed-off-by: Matei David <matei@buoyant.io> |
||
|---|---|---|
| .. | ||
| destination | ||
| util | ||