Linkerd 2.10 (Step by Step) — Customizing Linkerd Configuration with Kustomize

The Linkerd 2.10 Chinese manual is being continuously revised and updated:

https://linkerd.hacker-linner.com

Kustomize can be used to patch the output of linkerd install in a consistent way, rather than forking the Linkerd installation and upgrade process. This allows installations to be customized to add installation-specific features.

First, save the output of install into a YAML file. This will be the base resource that Kustomize will use to patch and generate content that is added to the cluster.

 linkerd install > linkerd.yaml

When upgrading, make sure to populate this file with the contents from linkerd upgrade . With the latest kustomize versions, this can be done automatically using the exec plugin.

Next, create a kustomization.yaml file. This file will contain the instructions for Kustomize, listing the base resources and the transformations performed on those resources. Right now, this looks pretty empty:

 resources:
 - linkerd.yaml

Now, let's see how to do some example customizations.

Kustomize allows any number of patches, transforms, and generators. These examples show one modification at a time, but you can make as many modifications as you want in a single kustomization.yaml file.

Adding Priority Class

There are several components in the control plane that can benefit from being associated with a critical PriorityClass. While this configuration is not currently supported as a flag to linkerd install, it is not difficult to add using Kustomize.

First, create a file called priority-class.yaml, which will create a PriorityClass resource.

 apiVersion: scheduling.k8s.io/v1
 description: Used for critical linkerd pods that must run in the cluster, but
  can be moved to another node if necessary.
 kind: PriorityClass
 metadata:
 name : linkerd-critical
 value: 1000000000

1000000000 is the maximum value. User defined priorities are allowed, adjust accordingly.

Next, create a file called patch-priority-class.yaml which will contain the override. This override will explain what needs to be modified.

 apiVersion: apps/v1
 kind: Deployment
 metadata:
 name : linkerd-identity
 spec:
 template:
 spec:
      priorityClassName: linkerd-critical
 ---  
 apiVersion: apps/v1
 kind: Deployment
 metadata:
 name : linkerd-controller
 spec:
 template:
 spec:
      priorityClassName: linkerd-critical

Then, add this as a strategy merge option to kustomization.yaml:

 resources:
 -priority-class.yaml
 - linkerd.yaml
 patchesStrategicMerge:
 -patch-priority-class.yaml

Applying this to your cluster requires taking the output of kustomize build and piping it to kubectl apply. For example, you could run:

 kubectl kustomize build . | kubectl apply -f -

Modify Grafana configuration

Interested in enabling authentication for Grafana? You can do this with a one-time modification to the ConfigMap. Unfortunately, these changes will eventually be reverted every time a linkerd upgrade occurs. Instead, create a file called grafana.yaml and add your modifications:

 kind: ConfigMap
 apiVersion: v1
 metadata:
 name : grafana-config
 data:
 grafana.ini: |-
 instance_name = grafana 
 
 [server]
    root_url = %(protocol)s://%(domain)s:/grafana/ 
 
 [analytics]
 check_for_updates = false  

Then, add this as a strategy merge option to kustomization.yaml:

 resources:
 - linkerd.yaml
 patchesStrategicMerge:
 -grafana.yaml

Finally, apply it to your cluster by generating the YAML using kustomize build and piping the output to kubectl apply .

 kubectl kustomize build . | kubectl apply -f -

【Editor's recommendation】

1. How do you use these 7 Linux commands?
2. Perhaps this is the best Git tutorial so far.
3. A Brief Analysis of the Infrastructure of WeChat Mini Programs
4. The regret medicine is here! Detailed graphic tutorial on how to downgrade from iOS 15 to iOS 14.6
5. Popular language projects based on WebAssembly