- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 32 for ISTIO_MUTUAL (0.13 sec)
-
pilot/pkg/features/pilot.go
MultiRootMesh = env.Register("ISTIO_MULTIROOT_MESH", false, "If enabled, mesh will support certificates signed by more than one trustAnchor for ISTIO_MUTUAL mTLS").Get() EnableEnvoyFilterMetrics = env.Register("PILOT_ENVOY_FILTER_STATS", false, "If true, Pilot will collect metrics for envoy filter operations.").Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 13.3K bytes - Viewed (0) -
pilot/pkg/networking/core/gateway.go
// ISTIO_MUTUAL | ENABLED | DISABLED | support SDS at gateway to terminate workload mTLS, with internal workloads // // | for egress or with another trusted cluster for ingress) // // ISTIO_MUTUAL | DISABLED | DISABLED | use file-mounted secret paths to terminate workload mTLS from gateway //
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 46.4K bytes - Viewed (0) -
manifests/charts/gateways/istio-egress/values.yaml
trustDomain: "cluster.local" defaultConfig: proxyMetadata: {} tracing: # tlsSettings: # mode: DISABLE # DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL # clientCertificate: # example: /etc/istio/tracer/cert-chain.pem # privateKey: # example: /etc/istio/tracer/key.pem # caCertificates: # example: /etc/istio/tracer/root-cert.pem
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Feb 27 16:55:16 UTC 2024 - 12.4K bytes - Viewed (0) -
pilot/pkg/networking/core/gateway_test.go
result *auth.DownstreamTlsContext transportProtocol istionetworking.TransportProtocol mesh *meshconfig.MeshConfig }{ { name: "mesh SDS enabled, tls mode ISTIO_MUTUAL", server: &networking.Server{ Hosts: []string{"httpbin.example.com"}, Port: &networking.Port{ Protocol: string(protocol.HTTPS), }, Tls: &networking.ServerTLSSettings{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 144K bytes - Viewed (0) -
pkg/config/validation/validation_test.go
}, "", "PASSTHROUGH mode does not use certificates", }, { "istio_mutual no certs", &networking.ServerTLSSettings{ Mode: networking.ServerTLSSettings_ISTIO_MUTUAL, ServerCertificate: "", PrivateKey: "", CaCertificates: "", }, "", "", }, { "istio_mutual with server cert", &networking.ServerTLSSettings{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 03:11:45 UTC 2024 - 196K bytes - Viewed (0) -
tests/integration/pilot/common/routing.go
{"auto-tcp-server", "DISABLE", "PERMISSIVE", check.Error()}, {"auto-tcp-server", "DISABLE", "STRICT", check.Error()}, {"auto-tcp-server", "ISTIO_MUTUAL", "DISABLE", check.Error()}, {"auto-tcp-server", "ISTIO_MUTUAL", "PERMISSIVE", check.Error()}, {"auto-tcp-server", "ISTIO_MUTUAL", "STRICT", check.Error()}, // These is broken because we will still enable inbound sniffing for the port. Since there is no tls,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 21:52:51 UTC 2024 - 135.9K bytes - Viewed (0) -
pkg/config/validation/validation.go
// ISTIO_MUTUAL TLS mode uses either SDS or default certificate mount paths // therefore, we should fail validation if other TLS fields are set if tls.ServerCertificate != "" { v = AppendValidation(v, fmt.Errorf("ISTIO_MUTUAL TLS cannot have associated server certificate")) } if tls.PrivateKey != "" { v = AppendValidation(v, fmt.Errorf("ISTIO_MUTUAL TLS cannot have associated private key")) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 04:03:33 UTC 2024 - 107.2K bytes - Viewed (0) -
tests/integration/ambient/baseline_test.go
if from.Config().HasProxyCapabilities() && !from.Config().HasAnyWaypointProxy() { if from.Config().HasSidecar() && !opts.To.Config().HasProxyCapabilities() { // Sidecar respects it ISTIO_MUTUAL, will only send mTLS return false } return true } if !from.Config().HasProxyCapabilities() && opts.To.Config().HasAnyWaypointProxy() { // TODO: support hairpin
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 00:07:28 UTC 2024 - 78.4K bytes - Viewed (0) -
pilot/pkg/networking/util/util_test.go
}, }, }, } cases := []struct { name string tlsMode networking.ClientTLSSettings_TLSmode meta *core.Metadata want *core.Metadata }{ { name: "ISTIO_MUTUAL TLS", tlsMode: networking.ClientTLSSettings_ISTIO_MUTUAL, meta: nil, want: nil, }, { name: "DISABLED TLS", tlsMode: networking.ClientTLSSettings_DISABLE, meta: nil,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 40K bytes - Viewed (0) -
pkg/istio-agent/agent_test.go
--- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: plaintext namespace: default spec: host: app.com trafficPolicy: tls: mode: ISTIO_MUTUAL `}) if bootstrapGenerator != nil { ds.Discovery.Generators[v3.BootstrapType] = bootstrapGenerator } ds.Discovery.Authenticators = []security.Authenticator{auth} grpcServer := grpc.NewServer(opt)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 33.4K bytes - Viewed (0)