In this chapter, we will install the Linkerd command-line interface (CLI) and then install the control plane. We will install a demo application and inject a Linkerd sidecar proxy after it is connected to show you how to enable a sidecar proxy for existing applications. Then, we will install the nginx ingress controller and create an Ingress route to access this microservice from outside the Kubernetes cluster. We will install Buoyant's booksapp microservice and enable automatic sidecar injection so that proxies get injected while a new application is being installed. Then, we'll create an Ingress rule to route the traffic to the booksapp microservice.

In a nutshell, we will cover the following topics in this chapter:

• Installing Linkerd's CLI using the latest version
• Installing the control plane
• Defining cluster-wide roles and permissions
• Validating...

To complete the exercises in this chapter, you will need the following:

• A Windows 10/Apple MacBook, as per the minimum configurations requirement
• A Kubernetes environment
• Internet access to your host machine in order to download applications in the VM running Kubernetes

For detailed information regarding the installation of Kubernetes, please refer to Chapter 6, Building Your Own Kubernetes Environment. The scripts that are used for the Linkerd section of this book are managed at https://github.com/servicemeshbook/linkerd.

Check if the keepalived pods are showing a READY 1/1 state and that the STATUS is Running:

$ kubectl -n keepalived get pods

The scripts that are used for Linkerd are available at https://github.com/servicemeshbook/linkerd. Let's clone the git repository...

Installing Linkerd is simple and easy to do in a Kubernetes cluster. It begins with the installation of the Linkerd CLI, which is used to install Linkerd in a Kubernetes environment. At the time of writing, Linkerd 2.6.0 is the latest stable version, and we will use this version so that we're consistent with the exercises that we will be performing to understand and learn about Linkerd. Follow these steps to install Linkerd:

1. Visit https://github.com/linkerd/linkerd2/releases to check the latest releases of Linkerd.
2. Run the following command to list the Linkerd releases:

$ curl -Ls https://api.github.com/repos/linkerd/linkerd2/releases | grep tag_name

You will see stable-2.6.0 release in the list, and that is what we will use in this chapter to install Linkerd.

3. Run the following command to install the Linkerd CLI in the VM environment:

$ cd ...

The service mesh technology is evolving fast, and Linkerd has an aggressive release schedule for rolling out new changes. Linkerd has two channels for their releases: stable releases for production, and edge releases. Edge releases have new features and functions, and they roll up in a stable release on maturity.

We will only use stable releases in this book. By the time you read this book, there may be a new stable release already out there. The scripts that will be used in this section of this book will be regularly updated so that they correspond to the new releases of Linkerd. Please refer to https://github.com/servicemeshbook/linkerd for the updated scripts. However, we suggest that you select the version of Linkerd that's being used in this chapter so that everything's consistent with the hands-on exercises.

Now, we will install the Linkerd...

Linkerd relies on the Ingress controller through your Kubernetes provider. In our case, we are using the bare-minimum Kubernetes cluster to keep resource consumption at a minimum so that we can perform the hands-on exercises. Let's get started:

1. Now, we can install the nginx Ingress controller in our cluster using Helm chart at https://github.com/nginxinc/kubernetes-ingress/tree/v1.5.3/deployments/helm-chart:

$ helm repo add nginx-stable https://helm.nginx.com/stable
"nginx-stable" has been added to your repositories

$ helm repo update

$ helm install nginx-stable/nginx-ingress --name nginx --namespace kube-system \
--set fullnameOverride=nginx \
--set controller.name=nginx-controller \
--set controller.config.name=nginx-config \
--set controller.service.name=nginx-controller \
--set controller.serviceAccount.name=nginx
<<removed>>
NOTES:
The NGINX...

There are multiple ways to access the management UI. The preferred method is to use the Linkerd dashboard. This will open a tunnel between the localhost and the Kubernetes cluster. You can access the Linkerd dashboard using a port. Let's take a look:

1. Access the dashboard by running the following command:

$ linkerd dashboard
Linkerd dashboard available at:
http://localhost:50750
Grafana dashboard available at:
http://localhost:50750/grafana
Opening Linkerd dashboard in the default browser
START /usr/bin/google-chrome-stable "http://localhost:50750"

Visit http://localhost:50750 in your browser to view the dashboard

The Linkerd dashboard will open in the browser using http://localhost:50750. We will learn how to access this dashboard later. Now, press Ctrl+ C to stop this proxy.

2. Check if the Ingress is working:

$ curl -s -H "Host:...

Linkerd provides a demo emojivoto application that can be used to explore the capabilities of Linkerd. This app is installed in the emojivoto namespace. We will grant the cluster_admin role to it, like so:

$ kubectl create clusterrolebinding emojivoto-cluster-role-binding \
--clusterrole=cluster-admin --group=system:serviceaccounts:emojivoto
clusterrolebinding.rbac.authorization.k8s.io/emojivoto-cluster-role-binding created

In the following subsection, we will install this demo emojivoto application.

To install the demo emojivoto application, follow these steps:

1. Deploy the emojivoto application through its YAML file:

$ curl -Ls https://run.linkerd.io/emojivoto...

In this chapter, we looked at Linkerd, which provides a very smooth and easy install process. Linkerd is an attractive option in certain environments as a service mesh. Linkerd provides the Linkerd CLI, which runs on either Linux, Windows, or MacBook to offer an easy way for us to install its control plane if we only have kubectl access to the remote Kubernetes cluster.

Automatic sidecar injection through the admission webhook controller allows us to easily place all the already deployed applications into a service mesh data plane. The web dashboard of Linkerd provides instant insights into the control and data planes. Linkerd relies upon an external Ingress gateway.

In the next chapter, we will explore the traffic management capabilities of Linkerd. In the vocabulary of Linkerd, traffic management is termed reliability.

1. You can only install the Linkerd control plane through SSH to the master node of the Kubernetes cluster.

A) True
B) False

2. You need a cluster-admin role to install a control plane configuration.

A) True
B) False

3. You need a cluster-admin role to install the Linkerd control plane.

A) True
B) False

4. Linkerd allows us to automatically inject sidecars if we label our namespace with linkerd.io/inject: enabled.

A) True
B) False

5. If we want to exclude a pod so that it gets its own sidecar proxy, we can label the pod with linkerd.io/inject: disabled.

A) True
B) False

• Getting Started, Linkerd, available at https://linkerd.io/2/getting-started/, accessed 5 May 2019