Feb 21, 2024: Announcing Linkerd 2.15 with support for VM workloads, native sidecars, and SPIFFE! Read more »

install-cni

Output Kubernetes configs to install Linkerd CNI.

This command installs a DaemonSet into the Linkerd control plane. The DaemonSet copies the necessary linkerd-cni plugin binaries and configs onto the host. It assumes that the ’linkerd install’ command will be executed with the ‘–linkerd-cni-enabled’ flag. This command needs to be executed before the ’linkerd install –linkerd-cni-enabled’ command.

The installation can be configured by using the –set, –values, –set-string and –set-file flags. A full list of configurable values can be found at https://artifacthub.io/packages/helm/linkerd2/linkerd2-cni#values

Flags

Flag Usage
--admin-port Proxy port to serve metrics on
--cni-image Image for the cni-plugin
--cni-image-version Image Version for the cni-plugin
--cni-log-level Log level for the cni-plugin
--control-port Proxy port to use for control
--dest-cni-bin-dir Directory on the host where the CNI binary will be placed
--dest-cni-net-dir Directory on the host where the CNI configuration will be placed
--inbound-port Proxy port to use for inbound traffic
--linkerd-version
-v 		Tag to be used for Linkerd images
--outbound-port Proxy port to use for outbound traffic
--priority-class-name Pod priorityClassName for CNI daemonset’s pods
--proxy-uid Run the proxy under this user ID
--redirect-ports Ports to redirect to proxy, if no port is specified then ALL ports are redirected
--registry Docker registry to pull images from ($LINKERD_DOCKER_REGISTRY)
--set set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--set-file set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2)
--set-string set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--skip-inbound-ports Ports and/or port ranges (inclusive) that should skip the proxy and send directly to the application
--skip-outbound-ports Outbound ports and/or port ranges (inclusive) that should skip the proxy
--use-wait-flag Configures the CNI plugin to use the “-w” flag for the iptables command. (default false)
--values
-f 		specify values in a YAML file or a URL (can specify multiple)