• Stars
    star
    1,978
  • Rank 23,438 (Top 0.5 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created over 6 years ago
  • Updated about 1 month ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A purpose-built proxy for the Linkerd service mesh. Written in Rust.

The Linkerd Proxy

linkerd2

GitHub license Slack Status

This repo contains the transparent proxy component of Linkerd2. While the Linkerd2 proxy is heavily influenced by the Linkerd 1.X proxy, it comprises an entirely new codebase implemented in the Rust programming language.

This proxy's features include:

  • Transparent, zero-config proxying for HTTP, HTTP/2, and arbitrary TCP protocols.
  • Automatic Prometheus metrics export for HTTP and TCP traffic;
  • Transparent, zero-config WebSocket proxying;
  • Automatic, latency-aware, layer-7 load balancing;
  • Automatic layer-4 load balancing for non-HTTP traffic;
  • Automatic TLS (experimental);
  • An on-demand diagnostic tap API.

This proxy is primarily intended to run on Linux in containerized environments like Kubernetes, though it may also work on other Unix-like systems (like macOS).

The proxy supports service discovery via DNS and the linkerd2 Destination gRPC API.

The Linkerd project is hosted by the Cloud Native Computing Foundation (CNCF).

Building the project

We use just-cargo which provide a thin wrapper around just and cargo.

We recommend that you use the included Dev Container to avoid setting up the complex development environment by hand.

Just

A justfile is provided to automate most build tasks. It provides the following recipes:

  • just build -- Compiles the proxy on your local system using cargo
  • just test -- Runs unit and integration tests on your local system using cargo
  • just docker -- Builds a Docker container image that can be used for testing.

Cargo

Usually, Cargo, Rust's package manager, is used to build and test this project. If you don't have Cargo installed, we suggest getting it via https://rustup.rs/.

Devcontainer

A Devcontainer is provided for use with Visual Studio Code. It includes all of the tooling needed to build and test the proxy.

Repository Structure

This project is broken into many small libraries, or crates, so that components may be compiled & tested independently. The following crate targets are especially important:

Code of conduct

This project is for everyone. We ask that our users and contributors take a few minutes to review our code of conduct.

Security

We test our code by way of fuzzing and this is described in FUZZING.md.

A third party security audit focused on fuzzing Linkerd2-proxy was performed by Ada Logics in 2021. The full report is available here.

License

linkerd2-proxy is copyright 2018 the linkerd2-proxy authors. All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

More Repositories

1

linkerd2

Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.
Go
9,729
star
2

linkerd

Old repo for Linkerd 1.x. See the linkerd2 repo for Linkerd 2.x.
Scala
5,333
star
3

linkerd-tcp

A TCP/TLS load balancer for Linkerd 1.x.
Rust
521
star
4

linkerd-examples

Examples of how to configure and run linkerd
Go
428
star
5

linkerd-viz

Top-line service metrics dashboard for Linkerd 1.
Shell
111
star
6

linkerd2-proxy-api

A service mesh for Kubernetes and beyond. gRPC API bindings repo for Linkerd 2.x.
Rust
81
star
7

tacho

A Futures-aware metrics library for recording statistics about your running system.
Rust
66
star
8

linkerd-await

A program that blocks on linkerd readiness
Rust
65
star
9

website

Source code for the linkerd.io website
JavaScript
44
star
10

linkerd2-proxy-init

Init container that sets up the iptables rules to forward traffic into the Linkerd2 sidecar proxy
Go
36
star
11

namerctl

A utility for controlling namerd
Go
30
star
12

linkerd-zipkin

linkerd telemeter plugins for writing trace data to zipkin
Scala
28
star
13

linkerd-failover

Linkerd Failover Operator
Rust
26
star
14

k8s-gateway-api-rs

Rust bindings for the Kubernetes Gateway API
Rust
22
star
15

linkerd-smi

SMI (Service Mesh Interface) extension for Linkerd 2.x
Go
22
star
16

polixy

Linkerd Policy Prototype
Rust
14
star
17

linkerd-inject

For transparent proxy injection
Go
14
star
18

drain-rs

A crate that supports graceful shutdown
Rust
11
star
19

linkerd2-mock-dst

A mock version of the Linkerd 2 Destination service, for testing purposes.
Rust
6
star
20

rfc

Architectural proposals related to Linkerd.
Shell
4
star
21

gsoc

The home of GSOC or the Linkerd project.
4
star
22

dev

Development tooling for Linkerd repositories
Dockerfile
4
star
23

linkerd2-ci-metrics

CI reports
Go
2
star
24

docs-archive

2
star
25

linkerd2-action-gcloud

Github action for configuring the gcloud CLI and optionally create/destroy GKE clusters on-demand
JavaScript
2
star
26

rustup-nightly-docker

A base docker image with rustup. Mostly for CI.
2
star
27

linkerd-extension-init

A utility for initializing Linkerd extension namespaces after installation
Rust
1
star
28

linkerd2-conformance

A Conformance Validation tool for Linkerd 2.X
Go
1
star