- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 25 for ISTIO_MUTUAL (0.16 sec)
-
tests/integration/security/ca_custom_root/secure_naming_test.go
trafficPolicy: tls: mode: ISTIO_MUTUAL subjectAltNames: - "spiffe://cluster.local/ns/NS/sa/default" ` correctIdentityDR = `apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "service-b-dr" spec: host: "b.NS.svc.cluster.local" trafficPolicy: tls: mode: ISTIO_MUTUAL subjectAltNames: - "spiffe://cluster.local/ns/NS/sa/b"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 7.5K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_traffic_policy_test.go
Version: networking.TrafficPolicy_ProxyProtocol_V2, }, expectTransportSocket: false, expectTransportSocketMatch: false, }, { name: "user specified with istio_mutual tls", mtlsCtx: userSupplied, discoveryType: cluster.Cluster_EDS, tls: istioMutualTLSSettings, proxyProtocolSettings: &networking.TrafficPolicy_ProxyProtocol{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 9K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
} } // buildUpstreamTLSSettings fills key cert fields for all TLSSettings when the mode is `ISTIO_MUTUAL`. // If the (input) TLS setting is nil (i.e not set), *and* the service mTLS mode is STRICT, it also // creates and populates the config as if they are set as ISTIO_MUTUAL. func (cb *ClusterBuilder) buildUpstreamTLSSettings( tls *networking.ClientTLSSettings, serviceAccounts []string, sni string,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
tests/integration/security/reachability_test.go
config.File("testdata/reachability/global-dr.yaml.tmpl"), }.WithParams(param.Params{ mtlsModeParam: model.MTLSStrict.String(), tlsModeParam: "ISTIO_MUTUAL", param.Namespace.String(): systemNS, }), fromMatch: notMigration, toMatch: notMigration, expectMTLS: notNaked, expectCrossCluster: notFromNaked,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_alias_secure_naming_test.go
spec: mtls: mode: STRICT --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "server-naked" spec: host: "*.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` ) // TestTrustDomainAliasSecureNaming scope: // The client side mTLS connection should validate the trust domain alias during secure naming validation. // // Setup:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.7K bytes - Viewed (0) -
pilot/pkg/xds/cds_test.go
}, { name: "Kubernetes service and EDS ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint}, configs: []config.Config{drIstioMTLS, seEDS}, // The Service has precedence, so its cluster will be used sans: []string{"spiffe://cluster.local/ns/default/sa/pod"}, }, { name: "Kubernetes service and NONE ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 01 02:06:39 UTC 2024 - 9.2K bytes - Viewed (0) -
tests/integration/security/ecc_signature_algorithm/mtls_strict_test.go
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: server namespace: {{.AppNamespace}} spec: host: "server.{{.AppNamespace}}.svc.cluster.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` PeerAuthenticationConfig = ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: {{.AppNamespace}} spec: mtls: mode: STRICT ` )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 2.5K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls_test.go
}, }, }, }, Sni: "some-sni.com", }, err: nil, }, }, // ecdh curves from MeshConfig should be ignored for ISTIO_MUTUAL mode { name: "tls mode ISTIO_MUTUAL with EcdhCurves specified in Mesh Config", opts: &buildClusterOpts{ mutable: newTestCluster(), mesh: &meshconfig.MeshConfig{ TlsDefaults: &meshconfig.MeshConfig_TLSConfig{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 60.9K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_validation_test.go
mode: DISABLE --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: server spec: host: server.%s.svc.cluster.local trafficPolicy: tls: mode: ISTIO_MUTUAL portLevelSettings: - port: number: 8090 tls: mode: DISABLE - port: number: 8092 tls: mode: DISABLE ` )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 5.9K bytes - Viewed (0) -
tests/integration/security/filebased_tls_origination/egress_gateway_origination_test.go
servers: - port: number: 443 name: https-filebased protocol: HTTPS hosts: - external-service.{{.ServerNamespace}}.svc.cluster.local tls: mode: ISTIO_MUTUAL --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: egressgateway-for-server-filebased spec: host: {{.EgressService}}.{{.EgressNamespace}}.svc.cluster.local subsets:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0)