Linkerd

Hub

linkerd2: Linkerd gives you observability, reliability, and security for your microservices — with no code change required.

— Open in Artifact Hub

Certificates and keys

Use a script ./hack/scripts/linkerd-certificates.sh. Ex for Homelab:

STEP=step-cli ./hack/scripts/linkerd-certificates.sh k3sh omelab                                                                                                                                                  Generate secrets into: .secrets/k3s/homelab/linkerd
Trust anchor certificate
✔ Would you like to overwrite .secrets/k3s/homelab/linkerd/ca.crt [y/n]: y
Your certificate has been saved in .secrets/k3s/homelab/linkerd/ca.crt.: y
Your private key has been saved in .secrets/k3s/homelab/linkerd/ca.key.
Issuer certificate and key
✔ Would you like to overwrite .secrets/k3s/homelab/linkerd/issuer.key [y/n]: y
✔ Would you like to overwrite .secrets/k3s/homelab/linkerd/issuer.crt [y/n]: y
Your certificate has been saved in .secrets/k3s/homelab/linkerd/issuer.crt.
Your private key has been saved in .secrets/k3s/homelab/linkerd/issuer.key.
Create Kubernetes secret

Encrypt using Sops and update manifests:

❯ make sops-encrypt ENV=homelab CLOUD=k3s FILE=secrets.yaml
❯ mv secrets.yaml ./kubernetes/overlays/k3s/homelab/linkerd/linkerd/certificates.yaml

Gitops

Last modified 11.10.2021: Update: components versions (7f9dcd0)