- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 36 for ISTIO_MUTUAL (0.28 sec)
-
tests/integration/security/ca_custom_root/secure_naming_test.go
trafficPolicy: tls: mode: ISTIO_MUTUAL subjectAltNames: - "spiffe://cluster.local/ns/NS/sa/default" ` correctIdentityDR = `apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "service-b-dr" spec: host: "b.NS.svc.cluster.local" trafficPolicy: tls: mode: ISTIO_MUTUAL subjectAltNames: - "spiffe://cluster.local/ns/NS/sa/b"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 7.5K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_traffic_policy_test.go
Version: networking.TrafficPolicy_ProxyProtocol_V2, }, expectTransportSocket: false, expectTransportSocketMatch: false, }, { name: "user specified with istio_mutual tls", mtlsCtx: userSupplied, discoveryType: cluster.Cluster_EDS, tls: istioMutualTLSSettings, proxyProtocolSettings: &networking.TrafficPolicy_ProxyProtocol{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 9K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
} } // buildUpstreamTLSSettings fills key cert fields for all TLSSettings when the mode is `ISTIO_MUTUAL`. // If the (input) TLS setting is nil (i.e not set), *and* the service mTLS mode is STRICT, it also // creates and populates the config as if they are set as ISTIO_MUTUAL. func (cb *ClusterBuilder) buildUpstreamTLSSettings( tls *networking.ClientTLSSettings, serviceAccounts []string, sni string,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
tests/integration/security/reachability_test.go
config.File("testdata/reachability/global-dr.yaml.tmpl"), }.WithParams(param.Params{ mtlsModeParam: model.MTLSStrict.String(), tlsModeParam: "ISTIO_MUTUAL", param.Namespace.String(): systemNS, }), fromMatch: notMigration, toMatch: notMigration, expectMTLS: notNaked, expectCrossCluster: notFromNaked,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_alias_secure_naming_test.go
spec: mtls: mode: STRICT --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "server-naked" spec: host: "*.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` ) // TestTrustDomainAliasSecureNaming scope: // The client side mTLS connection should validate the trust domain alias during secure naming validation. // // Setup:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.7K bytes - Viewed (0) -
pilot/pkg/config/file/store_test.go
configTemplate := `apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: productpage labels: version: %s spec: host: productpage trafficPolicy: tls: mode: ISTIO_MUTUAL subsets: - name: %s labels: version: %s` config := fmt.Sprintf(configTemplate, version, version, version) err := src.ApplyContent("test", config) g.Expect(err).To(BeNil())
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jan 05 18:44:58 UTC 2024 - 1.5K bytes - Viewed (0) -
pilot/pkg/xds/cds_test.go
}, { name: "Kubernetes service and EDS ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint}, configs: []config.Config{drIstioMTLS, seEDS}, // The Service has precedence, so its cluster will be used sans: []string{"spiffe://cluster.local/ns/default/sa/pod"}, }, { name: "Kubernetes service and NONE ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 01 02:06:39 UTC 2024 - 9.2K bytes - Viewed (0) -
pilot/pkg/config/kube/gateway/testdata/tls.yaml
port: 34000 protocol: HTTPS allowedRoutes: namespaces: from: All tls: mode: Terminate options: gateway.istio.io/tls-terminate-mode: ISTIO_MUTUAL --- apiVersion: gateway.networking.k8s.io/v1alpha2 kind: TLSRoute metadata: name: tls namespace: default spec: parentRefs: - name: gateway namespace: istio-system rules:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Mar 01 20:54:36 UTC 2024 - 2K bytes - Viewed (0) -
tests/integration/security/ecc_signature_algorithm/mtls_strict_test.go
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: server namespace: {{.AppNamespace}} spec: host: "server.{{.AppNamespace}}.svc.cluster.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` PeerAuthenticationConfig = ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: {{.AppNamespace}} spec: mtls: mode: STRICT ` )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 2.5K bytes - Viewed (0) -
pilot/pkg/config/kube/gateway/testdata/tls.yaml.golden
namespace: istio-system spec: servers: - hosts: - '*/egress.example' port: name: default number: 34000 protocol: HTTPS tls: mode: ISTIO_MUTUAL --- apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: annotations: internal.istio.io/parents: HTTPRoute/http.default internal.istio.io/route-semantics: gateway
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Mar 01 20:54:36 UTC 2024 - 4K bytes - Viewed (0)