- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 71 for Account (0.15 sec)
-
docker/iptables.yaml
- iptables - ip6tables - libnetfilter_conntrack - libnfnetlink - libmnl - libgcc archs: - x86_64 - aarch64 paths: - path: /run type: directory permissions: 0o755 accounts: users: - username: nonroot uid: 65532 - username: nobody uid: 65534 run-as: 65532
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu May 02 17:24:41 GMT 2024 - 541 bytes - Viewed (0) -
manifests/charts/gateways/istio-egress/files/profile-ambient.yaml
meshConfig: defaultConfig: proxyMetadata: ISTIO_META_ENABLE_HBONE: "true" global: variant: distroless pilot: env: PILOT_ENABLE_AMBIENT: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" cni: ambient: enabled: true # Ztunnel doesn't use a namespace, so everything here is mostly for ztunnel
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 19:09:43 GMT 2024 - 683 bytes - Viewed (0) -
manifests/charts/istio-operator/files/profile-ambient.yaml
meshConfig: defaultConfig: proxyMetadata: ISTIO_META_ENABLE_HBONE: "true" global: variant: distroless pilot: env: PILOT_ENABLE_AMBIENT: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" cni: ambient: enabled: true # Ztunnel doesn't use a namespace, so everything here is mostly for ztunnel
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 19:09:43 GMT 2024 - 683 bytes - Viewed (0) -
manifests/charts/istiod-remote/files/profile-openshift-ambient.yaml
PILOT_ENABLE_AMBIENT: "true" # Allow sidecars/ingress to send/receive HBONE. This is required for interop. PILOT_ENABLE_SENDING_HBONE: "true" PILOT_ENABLE_SIDECAR_LISTENING_HBONE: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" platform: openshift variant: distroless seLinuxOptions:
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Sat May 04 01:17:57 GMT 2024 - 955 bytes - Viewed (0) -
cni/pkg/install/testdata/kubeconfig-skip-tls
contexts: - context: cluster: local user: istio-cni name: istio-cni-context current-context: istio-cni-context kind: Config preferences: {} users: - name: istio-cni user:
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed May 17 02:22:22 GMT 2023 - 342 bytes - Viewed (0) -
common-protos/k8s.io/api/events/v1/generated.proto
// how this struct is updated on heartbeats and can guide customized reporter implementations. message EventSeries { // count is the number of occurrences in this series up to the last heartbeat time. optional int32 count = 1; // lastObservedTime is the time when last Event from the series was seen before last heartbeat.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Mar 11 18:43:24 GMT 2024 - 5.5K bytes - Viewed (0) -
manifests/charts/gateways/istio-egress/NOTES.txt
-- TLS secrets and domain name management is isolated, for better security -- simplified configuration -- multiple versions of the ingress can be used, to minize upgrade risks - the new chart uses the default namespace service account, and doesn't require additional RBAC permissions. - simplified label structure. Label change is not supported on upgrade. - for 'internal load balancer' you should deploy a separate gateway, in a different namespace.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed Apr 15 21:29:06 GMT 2020 - 1.5K bytes - Viewed (0) -
manifests/charts/gateways/istio-ingress/NOTES.txt
-- TLS secrets and domain name management is isolated, for better security -- simplified configuration -- multiple versions of the ingress can be used, to minimize upgrade risks - the new chart uses the default namespace service account, and doesn't require additional RBAC permissions. - simplified label and chart structure. - ability to run a pilot dedicated for the gateway, isolated from the main pilot. This is more robust, safer on upgrades
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed Apr 15 21:29:06 GMT 2020 - 2K bytes - Viewed (0) -
architecture/security/istio-agent.md
For a standard Kubernetes deployment, both CA and discovery will use JWT authentication, with a token automatically [generated and rotated by Kubernetes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection). For discovery, the JWT token will be read directly from a file and sent as is. For CA, this logic is a bit more complex,
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Aug 22 16:45:50 GMT 2023 - 7.2K bytes - Viewed (1) -
manifests/charts/default/files/profile-ambient.yaml
meshConfig: defaultConfig: proxyMetadata: ISTIO_META_ENABLE_HBONE: "true" global: variant: distroless pilot: env: PILOT_ENABLE_AMBIENT: "true" CA_TRUSTED_NODE_ACCOUNTS: "istio-system/ztunnel,kube-system/ztunnel" cni: ambient: enabled: true # Ztunnel doesn't use a namespace, so everything here is mostly for ztunnel
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 19:09:43 GMT 2024 - 683 bytes - Viewed (0)