Automatic Sidecar Injection

The Glasnostic Kubernetes Data Plane uses automated sidecar injection to deploy the required components for it's service mesh infrastructure. The sidecar is based on the widely popular Envoy and comes with Glasnostic's runtime control features built in. By default, the sidecar is not injected into any Pods across the cluster. You need to explicitly enable each namespace that you want to inject the sidecar into.

Enable sidecar injection

To enable the automatic sidecar injection you need to lable the Kubernetes namespaces with the glasnostic=enable label.

kubectl label namespace default glasnostic=enable

The above command will label the default namespace and turn on automatic sidecar injection. The sidecar will be injected into all newly created pods in the default namespace. For existing pods you need to restart them which will trigger the MutatingWebHook to inject the sidecar upon restart.

Disable sidecar injection

To disable the automatic sidecar injection you need to either remove the glasnostic label from the namespace again or set it to the value of disable. The same applies to namespaces where you'd like to explicitly disable the automatic sidecar injection.

kubectl label namespace glasnostic-system glasnostic=disable

The above command explicitly disables the automatic sidecar injection for the glasnostic-system namespace.