Customizing Installation

Instead of forking the Linkerd install and upgrade process,Kustomize can be used to patch the output of linkerd install in a consistent way. This allows customization of the install to addfunctionality specific to installations.

To get started, save the output of install to a YAML file. This will be thebase resource that Kustomize uses to patch and generate what is added to yourcluster.

  1. linkerd install > linkerd.yaml

NoteWhen upgrading, make sure you populate this file with the content from linkerd upgrade. Using the latest kustomize releases, it would be possible toautomate this with an execplugin.

Next, create a kustomization.yaml file. This file will contain theinstructions for Kustomze listing the base resources and the transformations todo on those resources. Right now, this looks pretty empty:

  1. resources:
  2. - linkerd.yaml

Now, let's look at how to do some example customizations.

NoteKustomize allows as many patches, transforms and generators as you'd like. Theseexamples show modifications one at a time but it is possible to do as many asrequired in a single kustomization.yaml file.

Add PriorityClass

There are a couple components in the control plane that can benefit from beingassociated with a critical PriorityClass. While this configuration isn'tcurrently supported as a flag to linkerd install, it is not hard to add byusing Kustomize.

First, create a file named priority-class.yaml that will create define aPriorityClass resource.

  1. apiVersion: scheduling.k8s.io/v1
  2. description: Used for critical linkerd pods that must run in the cluster, but
  3. can be moved to another node if necessary.
  4. kind: PriorityClass
  5. metadata:
  6. name: linkerd-critical
  7. value: 1000000000

Note1000000000 is the max. allowed user-defined priority, adjustaccordingly.

Next, create a file named patch-priority-class.yaml that will contain theoverlay. This overlay will explain what needs to be modified.

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4. name: linkerd-identity
  5. spec:
  6. template:
  7. spec:
  8. priorityClassName: linkerd-critical
  9. ---
  10. apiVersion: apps/v1
  11. kind: Deployment
  12. metadata:
  13. name: linkerd-controller
  14. spec:
  15. template:
  16. spec:
  17. priorityClassName: linkerd-critical

Then, add this as a strategic merge option to kustomization.yaml:

  1. resources:
  2. - priority-class.yaml
  3. - linkerd.yaml
  4. patchesStrategicMerge:
  5. - patch-priority-class.yaml

Applying this to your cluster requires taking the output of kustomize buildand piping it to kubectl apply. For example you can run:

  1. kubectl kustomize build . | kubectl apply -f -

Modify Grafana Configuration

Interested in enabling authentication for Grafana? It is possible tomodify the ConfigMap as a one off to do this. Unfortunately, the changes willend up being reverted every time linkerd upgrade happens. Instead, create afile named grafana.yaml and add your modifications:

  1. kind: ConfigMap
  2. apiVersion: v1
  3. metadata:
  4. name: linkerd-grafana-config
  5. data:
  6. grafana.ini: |-
  7. instance_name = linkerd-grafana
  8. [server]
  9. root_url = %(protocol)s://%(domain)s:/grafana/
  10. [analytics]
  11. check_for_updates = false

Then, add this as a strategic merge option to kustomization.yaml:

  1. resources:
  2. - linkerd.yaml
  3. patchesStrategicMerge:
  4. - grafana.yaml

Finally, apply this to your cluster by generating YAML with kustomize buildand piping the output to kubectl apply.

  1. kubectl kustomize build . | kubectl apply -f -