# Concepts

### What is Linkerd
* Linkerd is a service mesh for Kubernetes and other frameworks. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and security—all without requiring any changes to your code.
* Linkerd has three basic components: a UI, a data plane, and a control plane. You run Linkerd by
    * Installing the CLI on your local system;
    * Installing the control plane into your cluster;
    * Adding your services to Linkerd’s data plane.
* Linkerd works by installing a set of ultralight, transparent proxies next to each service instance. These proxies automatically handle all traffic to and from the service. Because they’re transparent, these proxies act as highly instrumented out-of-process network stacks, sending telemetry to, and receiving control signals from, the control plane. This design allows Linkerd to measure and manipulate traffic to and from your service without introducing excessive latency.

### Architecture
* <b>Control Plane</b>: The Linkerd control plane is a set of services that run in a dedicated Kubernetes namespace (linkerd by default). These services accomplish various things—aggregating telemetry data, providing a user-facing API, providing control data to the data plane proxies, etc. Together, they drive the behavior of the data plane. 
    * <b>Controller</b> - The controller deployment consists of multiple containers (public-api, proxy-api, destination, tap) that provide the bulk of the control plane’s functionality.
    * <b>Web</b> - The web deployment provides the Linkerd dashboard.
    * <b>Prometheus</b> - All of the metrics exposed by Linkerd are scraped via Prometheus and stored here. This is an instance of Prometheus that has been configured to work specifically with the data that Linkerd generates.
        * Prometheus is a cloud native monitoring solution that is used to collect and store all the Linkerd metrics. It is installed as part of the control plane and provides the data used by the CLI, dashboard and Grafana.
        * The proxy exposes a /metrics endpoint for Prometheus to scrape on port 4191. This is scraped every 10 seconds. These metrics are then available to all the other Linkerd components, such as the CLI and dashboard.
    * <b>Grafana</b> - Linkerd comes with many dashboards out of the box. The Grafana component is used to render and display these dashboards. You can reach these dashboards via links in the Linkerd dashboard itself.
        * As a component of the control plane, Grafana provides actionable dashboards for your services out of the box. It is possible to see high level metrics and dig down into the details, even for pods.
    * <img src="../../images/javaee/control-plane.png" width="500px">
* <b>Data Plane</b>: The Linkerd data plane is comprised of lightweight proxies, which are deployed as sidecar containers alongside each instance of your service code. In order to “add” a service to the Linkerd service mesh, the pods for that service must be redeployed to include a data plane proxy in each pod.
    * These proxies transparently intercept communication to and from each pod, and add features such as instrumentation and encryption (TLS), as well as allowing and denying requests according to the relevant policy.
* <b>Proxy</b>: An ultralight transparent proxy written in `Rust`, the proxy is installed into each pod of a service and becomes part of the data plane. It receives all incoming traffic for a pod and intercepts all outgoing traffic via an `initContainer` that configures `iptables` to forward the traffic correctly. 
    * Transparent, zero-config proxying for HTTP, HTTP/2, and arbitrary TCP protocols.
    * Automatic Prometheus metrics export for HTTP and TCP traffic.
    * Transparent, zero-config WebSocket proxying.
    * Automatic, latency-aware, layer-7 load balancing.
    * Automatic layer-4 load balancing for non-HTTP traffic.
    * Automatic TLS (experimental).
    * An on-demand diagnostic tap API.
* <b>CLI</b>: The Linkerd CLI is run locally on your machine and is used to interact with the control and data planes. It can be used to view statistics, debug production issues in real time and install/upgrade the control and data planes.
* <b>Dashboard</b>: The Linkerd dashboard provides a high level view of what is happening with your services in real time. It can be used to view the “golden” metrics (success rate, requests/second and latency), visualize service dependencies and understand the health of specific service routes. 


****

# 操作实战
* Getting Started: https://linkerd.io/2/getting-started/
* Upgrade: https://linkerd.io/2/upgrade/
* Adding Your Service: https://linkerd.io/2/adding-your-service/
    * example: https://linkerd.io/2/cli/inject/
* Debugging: https://linkerd.io/2/debugging/
* Ingress: https://linkerd.io/2/ingress/
* Supported Protocols: https://linkerd.io/2/supported-protocols/
* <b>CLI</b>: https://linkerd.io/2/cli/
* <b>Observability</b>: https://linkerd.io/2/observability/