We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When deploying istio with global MTLS enabled, a destinationrule is created in the istio-system namespace that enables MTLS for *.local.
apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"networking.istio.io/v1alpha3","kind":"DestinationRule","metadata":{"annotations":{},"labels":{"app":"security","chart":"security","heritage":"Tiller","release":"istio"},"name":"default","namespace":"istio-system"},"spec":{"host":"*.local","trafficPolicy":{"tls":{"mode":"ISTIO_MUTUAL"}}}} creationTimestamp: "2019-04-02T03:00:12Z" generation: 1 labels: app: security chart: security heritage: Tiller release: istio name: default namespace: istio-system resourceVersion: "59457681" selfLink: /apis/networking.istio.io/v1alpha3/namespaces/istio-system/destinationrules/default uid: 6ecd30a4-54f3-11e9-8fb4-0e7290ce94ea spec: host: '*.local' trafficPolicy: tls: mode: ISTIO_MUTUAL
This means we need to specify ISTIO_MUTUAL in the canary spec:
trafficPolicy: loadBalancer: simple: LEAST_CONN tls: mode: ISTIO_MUTUAL
Maybe we want this documented somewhere?
The text was updated successfully, but these errors were encountered:
c9e09fa
No branches or pull requests
When deploying istio with global MTLS enabled, a destinationrule is created in the istio-system namespace that enables MTLS for *.local.
This means we need to specify ISTIO_MUTUAL in the canary spec:
Maybe we want this documented somewhere?
The text was updated successfully, but these errors were encountered: