- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 85 for ca (0.11 sec)
-
manifests/charts/gateways/istio-egress/files/profile-ambient.yaml
meshConfig: defaultConfig: proxyMetadata: ISTIO_META_ENABLE_HBONE: "true" global: variant: distroless pilot: env: PILOT_ENABLE_AMBIENT: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" cni: ambient: enabled: true # Ztunnel doesn't use a namespace, so everything here is mostly for ztunnel
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 19:09:43 GMT 2024 - 683 bytes - Viewed (0) -
manifests/charts/istio-operator/files/profile-ambient.yaml
meshConfig: defaultConfig: proxyMetadata: ISTIO_META_ENABLE_HBONE: "true" global: variant: distroless pilot: env: PILOT_ENABLE_AMBIENT: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" cni: ambient: enabled: true # Ztunnel doesn't use a namespace, so everything here is mostly for ztunnel
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 19:09:43 GMT 2024 - 683 bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/waypoint.yaml
- name: istio-token projected: sources: - serviceAccountToken: audience: istio-ca expirationSeconds: 43200 path: istio-token - configMap: name: istio-ca-root-cert name: istiod-ca-cert {{- if .Values.global.imagePullSecrets }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri May 03 19:29:42 GMT 2024 - 10.1K bytes - Viewed (0) -
manifests/charts/istiod-remote/files/profile-openshift-ambient.yaml
env: PILOT_ENABLE_AMBIENT: "true" # Allow sidecars/ingress to send/receive HBONE. This is required for interop. PILOT_ENABLE_SENDING_HBONE: "true" PILOT_ENABLE_SIDECAR_LISTENING_HBONE: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" platform: openshift variant: distroless seLinuxOptions:
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Sat May 04 01:17:57 GMT 2024 - 955 bytes - Viewed (0) -
docker/Dockerfile.base
# hadolint ignore=DL3005,DL3008 RUN apt-get update && \ apt-get install --no-install-recommends -y \ ca-certificates \ curl \ iptables \ iproute2 \ iputils-ping \ knot-dnsutils \ netcat-openbsd \ tcpdump \ conntrack \ bsdmainutils \ net-tools \ lsof \ sudo \ && update-ca-certificates \ && apt-get upgrade -y \ && apt-get clean \
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed May 08 18:50:51 GMT 2024 - 1000 bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/gateway-injection-template.yaml
path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - name: istio-certs secret:
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Feb 27 16:55:16 GMT 2024 - 8.6K bytes - Viewed (0) -
manifests/charts/gateways/istio-ingress/templates/deployment.yaml
- emptyDir: {} name: credential-socket - emptyDir: {} name: workload-certs {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} - name: podinfo downwardAPI: items: - path: "labels" fieldRef: fieldPath: metadata.labels
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 18:16:49 GMT 2024 - 12.1K bytes - Viewed (1) -
manifests/charts/istio-control/istio-discovery/files/kube-gateway.yaml
expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if .Values.global.imagePullSecrets }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - name: {{ . }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 19 15:10:43 GMT 2024 - 12.1K bytes - Viewed (0) -
architecture/ambient/ztunnel.md
When fetching certificates, ztunnel will authenticate to the CA with its own identity, but request the identity of another workload. Critically, the CA must enforce that the ztunnel has permission to request that identity. Requests for identities not running on the node are rejected. This is critical to ensure that a compromised node does not compromise the entire mesh.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 25 22:35:16 GMT 2024 - 16.6K bytes - Viewed (0) -
istioctl/pkg/writer/envoy/configdump/testdata/secret/output
default Cert Chain ACTIVE false 6fbee254c22900615cb1f74e3d2f1713 2023-05-16T01:32:52Z 2023-05-15T01:30:52Z
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Jun 06 15:14:48 GMT 2023 - 416 bytes - Viewed (0)