Note: these steps apply to Linkderd installed via Microk8s. They should be adaptable to other environments, but I don’t have other installs to test against.<\/p>\n\n\n\n
This is another possible variant to the instructions provided in the official MetalLB documentation<\/a>. There are good reasons why to use something like Nginx for ingress, as it opens up various authentication possibilities. The approach documented here is just another variant of the Kustomize approach<\/a> to change the There are 3 steps, which all have to happen in the linkerd namespace. First, create a service definition of type \n Next, output the YAML of the deployment by executing:<\/p>\n <\/p>\n <\/p>\n <\/p>\n <\/p>\n Looks for the second occurrence of the ‘enforce-hosts’ strings in the yaml file (the first is in the annotation). Alter the RegEx to the value for me. As I’m running a test instance with a client getting IP addresses via DHCP, I set this to the (insecure!) wildcard value:<\/p>\n <\/p>\n <\/p>\n <\/p>\n <\/p>\n I actually deleted deployment.apps\/linkerd-web rather than just applying the new version. Your mileage may vary here. It’s worth pointing out there is another service defined straight out of the box (service\/linkerd-web) which you don’t need to change. <\/p>\n <\/p>\n <\/p>\n I had a couple of bites at this, and at one point uninstalled and reinstalled via the microk8s command line, which seems to work very cleanly.<\/p>\n <\/p>","protected":false},"excerpt":{"rendered":" Note: these steps apply to Linkderd installed via Microk8s. They should be adaptable to other environments, but I don’t have other installs to test against. This is another possible variant to the instructions provided in the official MetalLB documentation. There … Continue reading enforced-hosts<\/code> value, but applying the change manually by a YAML rewrite.<\/p>\n\n\n\nLoadBalancer <\/code>that uses the annotations defined in pod\/linkerd-web<\/code>.<\/p>\n\n\n\n\napiVersion: v1\nkind: Service\nmetadata:\n name: linkerd-lb\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: 8084\n selector:\n linkerd.io\/control-plane-component: web\n linkerd.io\/control-plane-ns: linkerd\n type: LoadBalancer\n\n<\/pre>\n<\/p>\n\n\n
kubectl get deployment.apps\/linkerd-web -o yaml > linkerdwebdeployment.yaml<\/code><\/p>\n- -enforced-host=.*<\/code><\/p>\n