...
1---
2apiVersion: policy.linkerd.io/v1beta2
3kind: Server
4metadata:
5 namespace: {{ .Release.Namespace }}
6 name: service-mirror
7 labels:
8 linkerd.io/extension: multicluster
9 component: linkerd-service-mirror
10 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
11spec:
12 podSelector:
13 matchLabels:
14 component: linkerd-service-mirror
15 port: admin-http
16 proxyProtocol: HTTP/1
17---
18apiVersion: policy.linkerd.io/v1alpha1
19kind: AuthorizationPolicy
20metadata:
21 namespace: {{ .Release.Namespace }}
22 name: service-mirror
23 labels:
24 linkerd.io/extension: multicluster
25 component: linkerd-service-mirror
26 {{- with .Values.commonLabels }}{{ toYaml . | trim | nindent 4 }}{{- end }}
27spec:
28 targetRef:
29 group: policy.linkerd.io
30 kind: Server
31 name: service-mirror
32 requiredAuthenticationRefs:
33 # In order to use `linkerd mc gateways` you need viz' Prometheus instance
34 # to be able to reach the service-mirror. In order to also have a separate
35 # Prometheus scrape the service-mirror an additional AuthorizationPolicy
36 # resource should be created.
37 - kind: ServiceAccount
38 name: prometheus
39 namespace: linkerd-viz
View as plain text