- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 75 for mTLS (0.09 sec)
-
manifests/charts/gateways/istio-egress/templates/deployment.yaml
mountPath: /var/run/secrets/tokens readOnly: true {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - name: istio-certs mountPath: /etc/certs readOnly: true {{- end }} - mountPath: /var/lib/istio/data name: istio-data
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 18:16:49 UTC 2024 - 12.1K bytes - Viewed (0) -
pkg/config/analysis/analyzers/analyzers_test.go
expected: []message{ {msg.NoServerCertificateVerificationDestinationLevel, "DestinationRule db-mtls"}, {msg.NoServerCertificateVerificationPortLevel, "DestinationRule db-mtls"}, }, }, { name: "destinationrule with no cacert, simple at destinationlevel and mutual at port level", inputFiles: []string{ "testdata/destinationrule-compound-mutual-simple.yaml", },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 07:22:31 UTC 2024 - 42.6K bytes - Viewed (0) -
pilot/pkg/networking/core/gateway.go
// (per the spec of AUTO_PASSTHROUGH), as well as all possible Istio mTLS ALPNs. This, // along with filtering out plaintext destinations in EDS, ensures that our requests will // always hit an Istio mTLS filter chain on the inbound side. As a result, it should not // be possible for anyone to access a cluster without mTLS. Note that we cannot actually // check for mTLS here, as we are doing passthrough TLS.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 46.4K bytes - Viewed (0) -
cluster/gce/gci/configure-kubeapiserver.sh
else echo "ERROR: Some of ETCD_APISERVER_CA_KEY, ETCD_APISERVER_CA_CERT, ETCD_APISERVER_SERVER_KEY, ETCD_APISERVER_SERVER_CERT, ETCD_APISERVER_CLIENT_KEY and ETCD_APISERVER_CLIENT_CERT are missing, mTLS between etcd server and kube-apiserver cannot be enabled. Please provide all mTLS credential." exit 1 fi
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 11:08:30 UTC 2024 - 25.8K bytes - Viewed (0) -
pilot/pkg/xds/bench_test.go
GroupVersionKind: gvk.PeerAuthentication, Name: "global", Namespace: "istio-system", CreationTimestamp: time.Now(), }, Spec: &security.PeerAuthentication{ Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_PERMISSIVE}, }, }, config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 22 18:13:40 UTC 2024 - 19.7K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_builder_test.go
kind: PeerAuthentication metadata: name: default namespace: istio-system spec: mtls: mode: STRICT ` const disableMode = ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: istio-system spec: mtls: mode: DISABLE ` func TestInboundListenerFilters(t *testing.T) { services := []*model.Service{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 24.7K bytes - Viewed (0) -
manifests/charts/gateways/istio-egress/values.yaml
# TODO: convert to real options, env should not be exposed env: {} # Set this to "external" if and only if you want the egress gateway to # act as a transparent SNI gateway that routes mTLS/TLS traffic to # external services defined using service entries, where the service # entry has resolution set to DNS, has one or more endpoints with
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Feb 27 16:55:16 UTC 2024 - 12.4K bytes - Viewed (0) -
operator/pkg/apis/istio/v1alpha1/validation/validation.go
{"Values.pilot.ingress", "meshConfig.ingressService, meshConfig.ingressControllerMode, and meshConfig.ingressClass", nil}, {"Values.global.mtls.enabled", "the PeerAuthentication resource", nil}, {"Values.global.mtls.auto", "meshConfig.enableAutoMtls", nil}, {"Values.global.tracer.lightstep.address", "meshConfig.defaultConfig.tracing.lightstep.address", ""},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 20:02:28 UTC 2024 - 14.9K bytes - Viewed (0) -
pilot/pkg/features/pilot.go
MultiRootMesh = env.Register("ISTIO_MULTIROOT_MESH", false, "If enabled, mesh will support certificates signed by more than one trustAnchor for ISTIO_MUTUAL mTLS").Get() EnableEnvoyFilterMetrics = env.Register("PILOT_ENVOY_FILTER_STATS", false, "If true, Pilot will collect metrics for envoy filter operations.").Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 13.3K bytes - Viewed (0) -
internal/kms/config.go
EnvKESClientKey = "MINIO_KMS_KES_KEY_FILE" // Path to TLS private key for authenticating to KES with mTLS - usually prefer API keys EnvKESClientCert = "MINIO_KMS_KES_CERT_FILE" // Path to TLS certificate for authenticating to KES with mTLS - usually prefer API keys EnvKESServerCA = "MINIO_KMS_KES_CAPATH" // Path to file/directory containing CA certificates to verify the KES server certificate
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Wed Jun 12 14:31:26 UTC 2024 - 13.9K bytes - Viewed (0)