...

Text file src/github.com/linkerd/linkerd2/multicluster/charts/linkerd-multicluster/templates/service-mirror-policy.yaml

Documentation: github.com/linkerd/linkerd2/multicluster/charts/linkerd-multicluster/templates

     1---
     2apiVersion: policy.linkerd.io/v1beta2
     3kind: Server
     4metadata:
     5  namespace: {{ .Release.Namespace }}
     6  name: service-mirror
     7  labels:
     8    linkerd.io/extension: multicluster
     9    component: linkerd-service-mirror
    10    {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
    11spec:
    12  podSelector:
    13    matchLabels:
    14      component: linkerd-service-mirror
    15  port: admin-http
    16  proxyProtocol: HTTP/1
    17---
    18apiVersion: policy.linkerd.io/v1alpha1
    19kind: AuthorizationPolicy
    20metadata:
    21  namespace: {{ .Release.Namespace }}
    22  name: service-mirror
    23  labels:
    24    linkerd.io/extension: multicluster
    25    component: linkerd-service-mirror
    26    {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
    27spec:
    28  targetRef:
    29    group: policy.linkerd.io
    30    kind: Server
    31    name: service-mirror
    32  requiredAuthenticationRefs:
    33    # In order to use `linkerd mc gateways` you need viz' Prometheus instance
    34    # to be able to reach the service-mirror. In order to also have a separate
    35    # Prometheus scrape the service-mirror an additional AuthorizationPolicy
    36    # resource should be created.
    37    - kind: ServiceAccount
    38      name: prometheus
    39      namespace: linkerd-viz

View as plain text