Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.

cloud-native golang kubernetes linkerd rust service-mesh

Go to file

Oliver Gould ee076e225a proxy: v2.183.0 (#8869 ) This release updates the proxy to configure inbound route configurations--including authorizations and filters--via discovery from the control plane. If the controller does not yet configure routes, the proxy uses a default route. Route authorizations always extend the server's authorizations, so routes need not be defined to admit traffic. However, if a server have at least one route, only traffic that matches a route will be permitted, otherwise requests fail with a 404. If the proxy receives a router filter of an unknown type (i.e., because the controller is running a later version of the API that includes new types), then the proxy will FAIL all requests on that route with an internal server error. It's considered safer to fail hard in this case, rather than to silently ignore a configured policy that could potentially be security-sensitive. --- * build(deps): bump smallvec from 1.8.1 to 1.9.0 (linkerd/linkerd2-proxy#1795) * build(deps): bump serde_json from 1.0.81 to 1.0.82 (linkerd/linkerd2-proxy#1797) * build(deps): bump either from 1.6.1 to 1.7.0 (linkerd/linkerd2-proxy#1798) * Add an HTTP route redirect filter (linkerd/linkerd2-proxy#1799) * Add HTTP and gRPC route failure-injection filters (linkerd/linkerd2-proxy#1805) * build(deps): bump tracing-subscriber from 0.3.11 to 0.3.14 (linkerd/linkerd2-proxy#1806) * build(deps): bump pin-project from 1.0.10 to 1.0.11 (linkerd/linkerd2-proxy#1807) * build(deps): bump unicode-normalization from 0.1.20 to 0.1.21 (linkerd/linkerd2-proxy#1808) * build(deps): bump fixedbitset from 0.4.1 to 0.4.2 (linkerd/linkerd2-proxy#1809) * build(deps): bump serde from 1.0.137 to 1.0.138 (linkerd/linkerd2-proxy#1810) * build(deps): bump regex from 1.5.6 to 1.6.0 * build(deps): bump once_cell from 1.12.0 to 1.13.0 * build(deps): bump hyper from 0.14.19 to 0.14.20 (linkerd/linkerd2-proxy#1816) * add shutdown grace period timeout for graceful shutdowns (linkerd/linkerd2-proxy#1815) * dev: Update dev tooling (linkerd/linkerd2-proxy#1820) * build(deps): bump serde from 1.0.138 to 1.0.139 (linkerd/linkerd2-proxy#1819) * build(deps): bump hashbrown from 0.12.1 to 0.12.2 (linkerd/linkerd2-proxy#1818) * build(deps): bump prettyplease from 0.1.15 to 0.1.16 (linkerd/linkerd2-proxy#1821) * Revert "build(deps): bump tracing-subscriber from 0.3.11 to 0.3.14 (linkerd/linkerd2-proxy#1806)" (#1822) * Configure inbound HTTP routes via gRPC (linkerd/linkerd2-proxy#1814) Signed-off-by: Oliver Gould <ver@buoyant.io>		2022-07-13 18:37:27 -07:00
.devcontainer	Add action to lint GitHub workflows (#8737 )	2022-07-08 10:51:40 +01:00
.github	build(deps): bump actions/setup-go from 3.2.0 to 3.2.1 (#8853 )	2022-07-12 09:48:46 -06:00
audits	add Trail of Bits audit; reorganize into audits/ (#8735 )	2022-06-24 13:34:56 -07:00
bin	Revert "feat: use direct image import in policy controller tests (#8771 )" (#8813 )	2022-07-05 13:33:00 -07:00
charts	Add changes for edge-22.7.1 (#8833 )	2022-07-10 11:39:56 -06:00
cli	Unset `policyValidator.keyPEM` in `linkerd-config` (#8827 )	2022-07-07 20:53:37 -06:00
cni-plugin	Fix CNI plugin event processing (#8778 )	2022-06-30 18:04:46 +01:00
controller	Remove kube-system exclusions from watchers (#8720 )	2022-07-11 13:52:27 -06:00
grafana	Parametrized datasource in grafana dashboards, better script handling (#7603 )	2022-01-14 11:30:19 -05:00
jaeger	Allow extension deployments to be evicted by autoscaler (#8828 )	2022-07-12 10:46:31 -07:00
multicluster	Allow extension deployments to be evicted by autoscaler (#8828 )	2022-07-12 10:46:31 -07:00
pkg	Speedup `linkerd authz` by checking pod labels (#8794 )	2022-07-07 17:31:54 -06:00
policy-controller	policy: Index authorization policies with no authentications (#8865 )	2022-07-13 11:42:23 -07:00
policy-test	policy: Index authorization policies with no authentications (#8865 )	2022-07-13 11:42:23 -07:00
proto	Remove legacy upgrade and it's references (#7309 )	2021-11-29 20:08:58 +05:30
proxy-identity	Add `gosec` and `errcheck` lints (#7954 )	2022-03-03 10:09:51 -07:00
test	Use prommatch everywhere (#8674 )	2022-06-21 21:48:51 -06:00
testutil	Use prommatch everywhere (#8674 )	2022-06-21 21:48:51 -06:00
viz	Add port to helm Values (#8855 )	2022-07-13 08:22:23 -06:00
web	Upgrade to moment 2.29.4 (#8856 )	2022-07-13 06:48:31 -07:00
.dockerignore	Update to `linkerd2-proxy-api` v0.5.0 (#8229 )	2022-04-11 11:46:16 -07:00
.editorconfig	Add PodDisruptionBudgets to control plane (#5398 ) (#5406 )	2021-01-06 09:19:15 -05:00
.gitattributes	Update gitattributes to improve PR file visilibity (#6767 )	2021-08-30 14:52:53 -07:00
.gitignore	Upload code coverage of unit tests to codecov (#6321 )	2021-06-23 10:15:01 -06:00
.golangci.yml	Deprecate Gateways API and skip lints until 2.13 (#8600 )	2022-06-07 14:19:11 -06:00
.helmdocsignore	Add automatic readme generation for charts (#5316 )	2020-12-02 14:37:45 -05:00
.markdownlint.yaml	Lint all markdown files in CI (#4402 )	2020-05-19 23:03:50 -07:00
.proxy-version	proxy: v2.183.0 (#8869 )	2022-07-13 18:37:27 -07:00
ADOPTERS.md	Update ADOPTERS.md (#8648 )	2022-06-13 07:03:12 -05:00
BUILD.md	Run lint action from the devcontainer, remove bin/lint script (#7895 )	2022-02-17 14:46:57 -08:00
CHANGES.md	Fix edge heading version (#8850 )	2022-07-11 13:00:20 -07:00
CODE_OF_CONDUCT.md	Lint all markdown files (#4403 )	2020-05-19 09:59:26 -07:00
CONTRIBUTING.md	Spelling (#6215 )	2021-06-07 15:16:59 -06:00
Cargo.lock	build(deps): bump clap from 3.2.8 to 3.2.10 (#8852 )	2022-07-12 09:49:07 -06:00
Cargo.toml	Test the policy controller admission webhook (#8008 )	2022-03-07 11:53:28 -08:00
DCO	Add contributing doc and DCO file (#88 )	2017-12-22 14:54:27 -08:00
Dockerfile-debug	Update debian to bullseye (#8287 )	2022-04-19 14:25:30 -07:00
Dockerfile-proxy	Update Go to the latest 1.17 release (#8603 )	2022-06-03 08:33:21 -05:00
EXTENSIONS.md	Versioned `linkerd check` hint URLs (#6102 )	2021-05-10 13:21:15 -05:00
GOVERNANCE.md	add preamble to GOVERNANCE.md (#6008 )	2021-04-12 17:49:20 -05:00
LICENSE	Introducing Conduit, the ultralight service mesh	2017-12-05 00:24:55 +00:00
MAINTAINERS.md	Add @mateiidavid to maintainers (#6597 )	2021-08-04 09:02:47 -07:00
README.md	add godoc links to README (#8649 )	2022-06-13 07:06:01 -05:00
RELEASE.md	Add release instructions (#7574 )	2022-01-12 10:24:24 -08:00
ROADMAP.md	Update roadmap (#7413 )	2021-12-13 16:11:32 -05:00
SECURITY.md	add Trail of Bits audit; reorganize into audits/ (#8735 )	2022-06-24 13:34:56 -07:00
STEERING.md	add STEERING.md (#5607 )	2021-01-27 09:39:32 -06:00
TEST.md	Remove browser integration tests (#6583 )	2021-08-04 10:28:50 -07:00
deny.toml	Update to kube v0.72, kubert v0.7 (#8483 )	2022-05-16 10:35:08 -07:00
go.mod	build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0 (#8857 )	2022-07-13 06:48:57 -07:00
go.sum	build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0 (#8857 )	2022-07-13 06:48:57 -07:00
rust-toolchain	Update to Rust v1.60 (#8286 )	2022-04-19 14:25:54 -07:00
tools.go	Update protoc (#6333 )	2021-06-21 16:37:57 -07:00

README.md

Linkerd

🎈 Welcome to Linkerd! 👋

Linkerd is an ultralight, security-first service mesh for Kubernetes. Linkerd adds critical security, observability, and reliability features to your Kubernetes stack with no code change required.

Linkerd is a Cloud Native Computing Foundation (CNCF) project.

Repo layout

This is the primary repo for the Linkerd 2.x line of development.

The complete list of Linkerd repos is:

linkerd2: Main Linkerd 2.x repo, including control plane and CLI
linkerd2-proxy: Linkerd 2.x data plane proxy
linkerd2-proxy-api: Linkerd 2.x gRPC API bindings
linkerd: Linkerd 1.x
website: linkerd.io website (including docs for 1.x and 2.x)

Quickstart and documentation

You can run Linkerd on any modern Kubernetes cluster in a matter of seconds. See the Linkerd Getting Started Guide for how.

For more comprehensive documentation, start with the Linkerd docs. (The doc source code is available in the website repo.)

Working in this repo

BUILD.md includes general information on how to work in this repo.

We ❤️ pull requests! See CONTRIBUTING.md for info on contributing changes.

Get involved

Join Linkerd's user mailing list, developer mailing list, and announcements mailing list.
Follow @Linkerd on Twitter.
Join the Linkerd Slack.
Join us in the regular online community meetings!

Community meetings

We host regular online meetings for contributors, adopters, maintainers, and anyone else interested to connect in a synchronous fashion. These meetings usually take place the last Thursday of the month at 9am Pacific / 4pm UTC.

We're a friendly group, so please feel free to join us!

Steering Committee meetings

We host regular online meetings for the Linkerd Steering Committee. All are welcome to attend, but audio and video participation is limited to Steering Committee members and maintainers. These meetings are currently scheduled on an ad-hoc basis and announced on the linkerd-users mailing list.

Code of Conduct

This project is for everyone. We ask that our users and contributors take a few minutes to review our Code of Conduct.

Security

See SECURITY.md for our security policy, including how to report vulnerabilities.

A third party security audit was performed by Cure53 in June 2019. You can see the full report here.

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.