conduit v19.10.5 Release Notes
-
๐ This edge release adds support for integrating Linkerd's PKI with an external ๐ certificate issuer such as
cert-manager
, adds distributed tracing support to the Linkerd control plane, and adds protection against DNS rebinding ๐ attacks to the web dashboard. In addition, it includes several improvements to the Linkerd CLI.- CLI
- Added a new
--identity-external-issuer
flag tolinkerd install
that configures Linkerd to use certificates issued by an external certificate issuer (such ascert-manager
) - Added support for injecting a namespace to
linkerd inject
(thanks @mayankshah1607!) - Added checks to
linkerd check --preinstall
ensuring Kubernetes Secrets can be created and accessed - Fixed
linkerd tap
sometimes displaying incorrect pod names for unmeshed IPs that match multiple running pods
- Added a new
- Controller
- Added support for using trust anchors from an external certificate issuer
(such as
cert-manager
) to thelinkerd-identity
service
- Added support for using trust anchors from an external certificate issuer
(such as
- ๐ป Web UI
- Added
Host:
header validation to thelinkerd-web
service, to protect against DNS rebinding attacks
- Added
- Internal
- Added new
--trace-collector
and--trace-collector-svc-account
flags tolinkerd inject
that configures the OpenCensus trace collector used by proxies in the injected workload (thanks @Pothulapati!) - Added a new
--control-plane-tracing
flag tolinkerd install
that enables distributed tracing in the control plane (thanks @Pothulapati!) - Added distributed tracing support to the control plane (thanks @Pothulapati!)
- Added new
๐ Also, thanks to @joakimr-axis for several fixes and improvements to internal ๐ build scripts!
- CLI