UNCLASSIFIED - NO CUI

Snippets Groups Projects

Merged Micah Nagel requested to merge passthrough-cred-fix into master 1 year ago

General MR

Summary

Istio TLS Mode supports 5 different options for your gateway. Only MUTUAL and SIMPLE actually support certs/credentials though. This can be confirmed by applying a gateway like this:

apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: passthrough
  namespace: istio-system
spec:
  selector:
    app: passthrough-ingressgateway
  servers:
  - hosts:
    - test.bigbang.dev
    port:
      name: https
      number: 8443
      protocol: HTTPS
    tls:
      credentialName: passthrough-cert
      mode: SIMPLE

And then swapping the mode to the other 4 options. PASSTHROUGH type modes will throw a warning that the credential will be ignored. ISTIO_MUTUAL will actually error out.

Activity

Micah Nagel added Bug Fixes community-contribution istio statusreview labels 1 year ago

added Bug Fixes community-contribution istio statusreview labels
Micah Nagel assigned to @micah.nagel 1 year ago

assigned to @micah.nagel
Micah Nagel removed statusreview label 1 year ago

removed statusreview label
Micah Nagel marked this merge request as draft 1 year ago

marked this merge request as draft
Micah Nagel added 1 commit 1 year ago
added 1 commit

182a02e1 - fix

Compare with previous version
Micah Nagel marked this merge request as ready 1 year ago

marked this merge request as ready
Micah Nagel added statusreview label 1 year ago

added statusreview label
Ryan Garcia approved this merge request 1 year ago

approved this merge request
Ryan Garcia merged 1 year ago

merged
Ryan Garcia mentioned in commit 0ecaee0d 1 year ago

mentioned in commit 0ecaee0d

Please register or sign in to reply

UNCLASSIFIED - NO CUI