From d73d4daa4a3bf17daf2d6aa2de8f1ff3fc99e444 Mon Sep 17 00:00:00 2001
From: TJ Miller <millert@us.ibm.com>
Date: Fri, 10 Nov 2023 13:02:12 -0800
Subject: [PATCH] Disable nativeSidecar for identity and increase
 startupProbeInitialDelaySeconds for inject and destination

---
 charts/linkerd-control-plane/templates/destination.yaml    | 2 +-
 charts/linkerd-control-plane/templates/identity.yaml       | 6 +-----
 charts/linkerd-control-plane/templates/proxy-injector.yaml | 2 +-
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/charts/linkerd-control-plane/templates/destination.yaml b/charts/linkerd-control-plane/templates/destination.yaml
index 8b3a28b22cb1a..a4081b69101ea 100644
--- a/charts/linkerd-control-plane/templates/destination.yaml
+++ b/charts/linkerd-control-plane/templates/destination.yaml
@@ -344,7 +344,7 @@ spec:
       - {{- include "partials.proxy-init" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
       {{ end -}}
       {{- if $tree.Values.proxy.nativeSidecar }}
-        {{- $_ := set $tree.Values.proxy "startupProbeInitialDelaySeconds" 20 }}
+        {{- $_ := set $tree.Values.proxy "startupProbeInitialDelaySeconds" 35 }}
         {{- $_ := set $tree.Values.proxy "startupProbePeriodSeconds" 5 }}
         {{- $_ := set $tree.Values.proxy "startupProbeFailureThreshold" 20 }}
       - {{- include "partials.proxy" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
diff --git a/charts/linkerd-control-plane/templates/identity.yaml b/charts/linkerd-control-plane/templates/identity.yaml
index 3370bed7dd819..d2003a8d471b0 100644
--- a/charts/linkerd-control-plane/templates/identity.yaml
+++ b/charts/linkerd-control-plane/templates/identity.yaml
@@ -206,6 +206,7 @@ spec:
       {{- $_ := set $tree.Values.proxy "await" false }}
       {{- $_ := set $tree.Values.proxy "loadTrustBundleFromConfigMap" true }}
       {{- $_ := set $tree.Values.proxy "podInboundPorts" "8080,9990" }}
+      {{- $_ := set $tree.Values.proxy "nativeSidecar" false }}
       {{- /*
         The identity controller cannot discover policies, so we configure it with defaults that
         enforce TLS on the identity service.
@@ -215,9 +216,7 @@ spec:
       {{- $_ := set $tree.Values.proxy "capabilities" (dict "drop" (list "ALL")) }}
       {{- $_ := set $tree.Values.proxy "outboundDiscoveryCacheUnusedTimeout" "5s" }}
       {{- $_ := set $tree.Values.proxy "inboundDiscoveryCacheUnusedTimeout" "90s" }}
-      {{- if not $tree.Values.proxy.nativeSidecar }}
       - {{- include "partials.proxy" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
-      {{- end }}
       initContainers:
       {{ if .Values.cniEnabled -}}
       - {{- include "partials.network-validator" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
@@ -230,9 +229,6 @@ spec:
       {{- $_ := set $tree.Values.proxyInit "ignoreOutboundPorts" .Values.proxyInit.kubeAPIServerPorts -}}
       - {{- include "partials.proxy-init" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
       {{ end -}}
-      {{- if $tree.Values.proxy.nativeSidecar }}
-      - {{- include "partials.proxy" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
-      {{ end -}}
       {{- if .Values.priorityClassName -}}
       priorityClassName: {{ .Values.priorityClassName }}
       {{ end -}}
diff --git a/charts/linkerd-control-plane/templates/proxy-injector.yaml b/charts/linkerd-control-plane/templates/proxy-injector.yaml
index c1d93b2ce465a..4fd044d65ccea 100644
--- a/charts/linkerd-control-plane/templates/proxy-injector.yaml
+++ b/charts/linkerd-control-plane/templates/proxy-injector.yaml
@@ -130,7 +130,7 @@ spec:
       - {{- include "partials.proxy-init" $tree | indent 8 | trimPrefix (repeat 7 " ") }}
       {{ end -}}
       {{- if $tree.Values.proxy.nativeSidecar }}
-        {{- $_ := set $tree.Values.proxy "startupProbeInitialDelaySeconds" 20 }}
+        {{- $_ := set $tree.Values.proxy "startupProbeInitialDelaySeconds" 35 }}
         {{- $_ := set $tree.Values.proxy "startupProbePeriodSeconds" 5 }}
         {{- $_ := set $tree.Values.proxy "startupProbeFailureThreshold" 20 }}
       - {{- include "partials.proxy" $tree | indent 8 | trimPrefix (repeat 7 " ") }}