ba14dc3fc7
* Health check: check if proxies trust anchors match configuration If Linkerd is reinstalled or if the trust anchors are modified while proxies are running on the cluster, they will contain an outdated `LINKERD2_PROXY_IDENTITY_TRUST_ANCHORS` certificate. This changeset adds support for `linkerd check`, so it checks if there is any proxy running on the cluster, and performing the check against the configuration trust anchor. If there's a failure (considered a warning), `linkerd check` will notify the user about what pods are the offenders (and in what namespace each one is), and also a hint to remediate the issue (restarting the pods). * Add integration tests for proxy certificate check Fixes #3344 Signed-off-by: Rafael Fernández López <ereslibre@ereslibre.es> |
||
|---|---|---|
| .github | ||
| bin | ||
| charts | ||
| cli | ||
| cni-plugin | ||
| controller | ||
| grafana | ||
| pkg | ||
| proto | ||
| proxy-identity | ||
| test | ||
| testutil | ||
| web | ||
| .dockerignore | ||
| .editorconfig | ||
| .gcp.json.enc | ||
| .gitattributes | ||
| .gitignore | ||
| .golangci.yml | ||
| .proxy-version | ||
| ADOPTERS.md | ||
| BUILD.md | ||
| CHANGES.md | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| DCO | ||
| Dockerfile-base | ||
| Dockerfile-debug | ||
| Dockerfile-go-deps | ||
| Dockerfile-proxy | ||
| GOVERNANCE.md | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| README.md | ||
| SECURITY_AUDIT.pdf | ||
| TEST.md | ||
| go.mod | ||
| go.sum | ||
README.md
🎈 Welcome to Linkerd! 👋
Linkerd is a service mesh, designed to give platform-wide observability, reliability, and security without requiring configuration or code changes.
Linkerd is a Cloud Native Computing Foundation (CNCF) project.
Repo layout
This is the primary repo for the Linkerd 2.x line of development.
The complete list of Linkerd repos is:
- linkerd2: Main Linkerd 2.x repo, including control plane and CLI
- linkerd2-proxy: Linkerd 2.x data plane proxy
- linkerd2-proxy-api: Linkerd 2.x gRPC API bindings
- linkerd: Linkerd 1.x
- website: linkerd.io website (including docs for 1.x and 2.x)
Quickstart and documentation
You can run Linkerd on any Kubernetes 1.12+ cluster in a matter of seconds. See the Linkerd Getting Started Guide for how.
For more comprehensive documentation, start with the Linkerd docs. (The doc source code is available in the website repo.)
Working in this repo
BUILD.md includes general information on how to work in this repo.
We ❤️ pull requests! See CONTRIBUTING.md for info on
contributing changes.
Get involved
- Join Linkerd's user mailing list, developer mailing list, and announcements mailing list.
- Follow @linkerd on Twitter.
- Join the Linkerd Slack.
- Join us in the regular online community meetings!
Community meetings
We host regular online meetings for contributors, adopters, maintainers, and anyone else interested to connect in a synchronous fashion. These meetings take place the last Wednesday of the month at 9am Pacific / 4pm UTC.
We're a friendly group, so please feel free to join us!
Code of conduct
This project is for everyone. We ask that our users and contributors take a few minutes to review our code of conduct.
Security
Security Audit
A third party security audit was performed by Cure53. You can see the full report here.
License
Copyright 2019, Linkerd Authors. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.