linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2/controller/proxy-injector/fake/data
History
Oliver Gould 7cc5e5c646
multicluster: Use the proxy as an HTTP gateway (#4528) 
This change modifies the linkerd-gateway component to use the inbound
proxy, rather than nginx, for gateway. This allows us to detect loops and
propagate identity through the gateway.

This change also cleans up port naming to `mc-gateway` and `mc-probe`
to resolve conflicts with Kubernetes validation.

---

* proxy: v2.99.0

The proxy can now operate as gateway, routing requests from its inbound
proxy to the outbound proxy, without passing the requests to a local
application. This supports Linkerd's multicluster feature by adding a
`Forwarded` header to propagate the original client identity and assist
in loop detection.

---

* Add loop detection to inbound & TCP forwarding (linkerd/linkerd2-proxy#527)
* Test loop detection (linkerd/linkerd2-proxy#532)
* fallback: Unwrap errors recursively (linkerd/linkerd2-proxy#534)
* app: Split inbound/outbound constructors into components (linkerd/linkerd2-proxy#533)
* Introduce a gateway between inbound and outbound (linkerd/linkerd2-proxy#540)
* gateway: Add a Forwarded header (linkerd/linkerd2-proxy#544)
* gateway: Return errors instead of responses (linkerd/linkerd2-proxy#547)
* Fail requests that loop through the gateway (linkerd/linkerd2-proxy#545)

* inject: Support config.linkerd.io/enable-gateway

This change introduces a new annotation,
config.linkerd.io/enable-gateway, that, when set, enables the proxy to
act as a gateway, routing all traffic targetting the inbound listener
through the outbound proxy.

This also removes the nginx default listener and gateway port of 4180,
instead using 4143 (the inbound port).

* proxy: v2.100.0

This change modifies the inbound gateway caching so that requests may be
routed to multiple leaves of a traffic split.

---

* inbound: Do not cache gateway services (linkerd/linkerd2-proxy#549)
 		2020-06-02 19:37:14 -07:00
..
deployment-inject-disabled.yaml Add pod spec annotation to disable injection in CLI and auto-injector (#2187) 2019-02-01 16:57:06 -08:00
deployment-with-injected-proxy.yaml Proxy init and sidecar containers auto-injection (#1714) 2018-10-10 12:09:22 -07:00
inject-init-container-spec.yaml Remove runAsGroup field from security context settings (#1986) 2018-12-13 15:12:13 -08:00
inject-linkerd-secrets-volume-spec.yaml Have the Webhook react to pod creation/update only (#2472) 2019-03-26 11:53:56 -05:00
inject-sidecar-container-spec.yaml multicluster: Use the proxy as an HTTP gateway (#4528) 2020-06-02 19:37:14 -07:00
namespace-inject-disabled.yaml Update auto-injector to require opt-in by namespace or pod (#2209) 2019-02-06 17:37:14 -08:00
namespace-inject-enabled.yaml Update auto-injector to require opt-in by namespace or pod (#2209) 2019-02-06 17:37:14 -08:00
pod-inject-empty.yaml Enhance webhook unit tests by checking returned JSON patch (#2615) 2019-04-03 15:39:27 -05:00
pod-inject-enabled.yaml Enhance webhook unit tests by checking returned JSON patch (#2615) 2019-04-03 15:39:27 -05:00
pod-with-debug-disabled.yaml Fix issue for debug containers when using custom Docker registry (#3873) 2020-01-17 10:18:03 -08:00
pod-with-debug-enabled.yaml Fix issue for debug containers when using custom Docker registry (#3873) 2020-01-17 10:18:03 -08:00
pod-with-debug.patch.json multicluster: Use the proxy as an HTTP gateway (#4528) 2020-06-02 19:37:14 -07:00
pod.patch.json multicluster: Use the proxy as an HTTP gateway (#4528) 2020-06-02 19:37:14 -07:00