stackoom
  简体   繁体   中英

Linkerd authorization policy without ingress

 原文  2022-06-30 04:46:36       kubernetes/ servicemesh/ linkerd

Question

I am newbie to service mesh and k8 in general.

From my understanding Linkerd does not provide it's own ingress controller. In that case, in my understanding Linkerd does not have reverse-proxy in itself. However, it can still do authorization of the request. How is this possible? Is it the control plane responsible for authorization (eg mTLS) of inbound traffic (to pod)?

1 answers

solution1
 2 ACCPTED  2022-06-30 14:50:42

You are correct that Linkerd does not provide its own ingress controller, instead pairing with whichever existing ingress controller you want. Linkerd's mTLS, authn, authz features are used for internal service-to-service / pod-to-pod communication in the cluster. So the ingress handles the first contact with out-of-cluster traffic and hands it off to Linkerd for everything internal.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to expose Linkerd dashboard via Ingress Linkerd traffic split with Nginx Ingress Controller Do I have to define an ingress per service with Linkerd? Using namerd for DNS? (Or: how to configure an nginx ingress service with Linkerd) Authorization server behind kubernetes ingress? How to expose Linkerd Viz Dashboard via Ingress AWS Application Load balancer Kubernetes on-premise Ingress traffic policy local kubernetes - Ingress network policy not working as excpected Kubernetes - Ingress network policy from other pod kubernetes ingress network policy blocking services
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM