Disclaimer:

I have absolutely used other parties' configurations/files as a reference and/or template.

I have tried to reference as much as possible, as long as it's relevant/useful for the reader.

Refer to the specific README.md in each example for more information, as the documentation is still in progress.

At the moment, most of the examples are located in 02-Traffic_management.

Currently, the resources are being relocated, and the folders might contain things that don't really match the topic.

Stuff

Directories

├── 00-Troubleshooting
├── 01-Getting_Started
│   ├── 01-hello_world_1_service_1_deployment
│   ├── 02-hello_world_1_service_2_deployments_unmanaged
│   ├── 03-hello_world_1_service_2_deployments_managed_version
│   └── 04-hello_world_1_service_2_deployments_managed_version_foo_namespace
├── 02-Traffic_management
│   ├── 01-2_deployments_method
│   ├── 02-DirectResponse-HTTP-Body
│   ├── 03-HTTPRewrite
│   ├── 04-HTTPRedirect
│   ├── 05a-FaultInjection-delay
│   ├── 05b-FaultInjection-abort
│   ├── 05-hello_world_1_Service_Entry
│   ├── 06-hello_world_1_HTTPS-Service_Entry
│   │   └── src
│   ├── 06-mTLS
│   ├── 07-HTTPS-Gateway-Simple-TLS
│   ├── 08a-HTTPS-min-TLS-version
│   ├── 08b-HTTPS-max-TLS-version
│   ├── 09-HTTPS-backend
│   ├── 10-TCP-FORWARDING
│   ├── 11-TLS-PASSTHROUGH
│   ├── 12-HTTP-to-HTTPS-traffic-redirect
│   └── src
├── 03-Sidecar
│   └── 01-ingress-proxy-forwarding
├── 04-Envoy
│   └── 01-envoy_add_headers
├── 05-MeshConfig
│   └── 01-Outboud-Traffic-Policy
├── 06-AuthorizationPolicy
│   ├── 01-target-namespaces
│   ├── 02-target-service-accounts
│   └── 03-target-deployments
├── 09-Ingress
│   └── 01-Create-Istio-LoadBalancer
├── 10-PeerAuthentication
│   ├── 01-disable-mTLS
│   └── 02-portLevelMtls
├── 99-resources
│   └── HTTPS-NGINX-DOCKERFILE
└── XX-CirtcuitBreaking

Glossary

https://istio.io/latest/docs/reference/glossary/

Workload

https://istio.io/latest/docs/reference/glossary/#workload

https://kiali.io/docs/architecture/terminology/concepts/#workload

https://istio.io/latest/docs/ops/deployment/vm-architecture/

Sidecar

https://kubebyexample.com/learning-paths/istio/intro

Notes for myself

Internal and external authentication should be set together.

https://istio.io/latest/docs/ops/diagnostic-tools/proxy-cmd/

https://istio.io/latest/docs/ops/deployment/deployment-models/

Services port names

Istio lets you declare which protocol runs on a port.

To do so, the port name must follow the format <protocol>(-<suffix>), where the suffix is optional.

Starting from Kubernetes 1.18, the protocol can also be declared through the port's appProtocol field, as appProtocol: <protocol>.

Port names therefore need to follow this format to avoid issues, so be careful when naming ports.

This applies to multiple Istio elements, and also to the standard Kubernetes kind: Service.

For more information about this behavior, refer to:

https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/#explicit-protocol-selection
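
A small lint for the naming rule above, added here as an example (it is not part of this repository's files): it walks a Service list and reports every port that declares no explicit protocol through its name or appProtocol. The protocol list is an assumption taken from the Istio page linked above, and the function names and sample Services are made up for the illustration.

```python
import json

# Protocol names as listed on Istio's protocol-selection page (assumption:
# check the linked documentation for the Istio version in use).
ISTIO_PROTOCOLS = sorted(
    ["http", "http2", "https", "tcp", "tls", "grpc", "grpc-web",
     "mongo", "mysql", "redis", "udp"],
    key=len, reverse=True)  # longest first, so "grpc-web" wins over "grpc"

def declared_protocol(port):
    """Return the protocol a Service port declares explicitly, or None."""
    if "appProtocol" in port:  # Istio documents that appProtocol takes precedence
        app = port["appProtocol"]
        return app if app in ISTIO_PROTOCOLS else None
    name = port.get("name", "")
    for proto in ISTIO_PROTOCOLS:
        # Accept <protocol> alone or <protocol>-<suffix>; "httpapi" is neither.
        if name == proto or name.startswith(proto + "-"):
            return proto
    return None

def lint_services(service_list):
    """List (namespace/service, port, name) for ports with no explicit protocol."""
    findings = []
    for svc in service_list.get("items", []):
        meta = svc["metadata"]
        owner = f'{meta.get("namespace", "default")}/{meta["name"]}'
        for port in svc["spec"].get("ports", []):
            if declared_protocol(port) is None:
                findings.append((owner, port["port"], port.get("name")))
    return findings

# Constructed sample in the shape of `kubectl get services -A -o json`.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "helloworld", "namespace": "default"},
   "spec": {"ports": [{"name": "http-web", "port": 8080},
                      {"name": "web", "port": 9090},
                      {"name": "grpc-web", "port": 9091}]}},
  {"metadata": {"name": "backend", "namespace": "foo"},
   "spec": {"ports": [{"name": "metrics", "port": 9100, "appProtocol": "http"},
                      {"name": "httpapi", "port": 8443},
                      {"port": 5432}]}}
]}
""")

if __name__ == "__main__":
    for owner, number, name in lint_services(SAMPLE):
        print(f"{owner} port {number} (name={name!r}): no explicit protocol")
```

Ports it reports are left to Istio's automatic protocol detection, so they are the ones to rename or give an appProtocol.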

Workload selector is cool

Links of interest
