From 48018dae5e6bead43383dd1579ca89ba4e74ddaa Mon Sep 17 00:00:00 2001 From: Ryan Jacobs Date: Wed, 10 Jul 2024 16:24:47 -0600 Subject: [PATCH 1/2] Clarifies documentation on connectAddr (helm chart) The networkValidator.connectAddr helm chart parameter is ambiguously documented which leads to confusion. This PR amends the documentation to improve comprehension. Fixes #12797 Signed-off-by: Ryan Jacobs --- charts/linkerd-control-plane/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/charts/linkerd-control-plane/values.yaml b/charts/linkerd-control-plane/values.yaml index 43e09e40e56b2..e706bc8c9c686 100644 --- a/charts/linkerd-control-plane/values.yaml +++ b/charts/linkerd-control-plane/values.yaml @@ -323,7 +323,9 @@ networkValidator: # -- Log format (`plain` or `json`) for network-validator # @default -- plain logFormat: plain - # -- Address to which the network-validator will attempt to connect. we expect this to be rewritten + # -- Address to which the network-validator will attempt to connect. This should be an IP + # that the cluster is expected to be able to reach but a port it should not, e.g., a public IP + # for public clusters and a private IP for air-gapped clusters with a port like 20001. connectAddr: "1.1.1.1:20001" # -- Address to which network-validator listens to requests from itself listenAddr: "0.0.0.0:4140" From 80d023eb747094b3fcf84fbe8d77e6d88edec23b Mon Sep 17 00:00:00 2001 From: Ryan Jacobs Date: Fri, 12 Jul 2024 08:50:57 -0600 Subject: [PATCH 2/2] Adds required README.md changes for helm chart With the previous commit, documentation changes were needed to README.md. This commit and subsequent PR has those changes. Fixes #12797 Signed-off-by: Ryan Jacobs --- charts/linkerd-control-plane/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/linkerd-control-plane/README.md b/charts/linkerd-control-plane/README.md index 07eb87d52ce3f..166aeb53d93c6 100644 --- a/charts/linkerd-control-plane/README.md +++ b/charts/linkerd-control-plane/README.md @@ -187,7 +187,7 @@ Kubernetes: `>=1.22.0-0` | kubeAPI.clientBurst | int | `200` | Burst value over clientQPS | | kubeAPI.clientQPS | int | `100` | Maximum QPS sent to the kube-apiserver before throttling. See [token bucket rate limiter implementation](https://github.com/kubernetes/client-go/blob/v12.0.0/util/flowcontrol/throttle.go) | | linkerdVersion | string | `"linkerdVersionValue"` | control plane version. See Proxy section for proxy version | -| networkValidator.connectAddr | string | `"1.1.1.1:20001"` | Address to which the network-validator will attempt to connect. we expect this to be rewritten | +| networkValidator.connectAddr | string | `"1.1.1.1:20001"` | Address to which the network-validator will attempt to connect. This should be an IP that the cluster is expected to be able to reach but a port it should not, e.g., a public IP for public clusters and a private IP for air-gapped clusters with a port like 20001. | | networkValidator.enableSecurityContext | bool | `true` | Include a securityContext in the network-validator pod spec | | networkValidator.listenAddr | string | `"0.0.0.0:4140"` | Address to which network-validator listens to requests from itself | | networkValidator.logFormat | string | plain | Log format (`plain` or `json`) for network-validator |