As a bad destination rule is set to disable client side mTLS and receiving side is mTLS enabled. At this point, Running the curl command between sidecar injected Istio services all requests will fail with a 503 error code as the client side is still using plain-text.
* Deprecate Deployment Manager install, point to Istio on GKE (#3149)
* Deprecate Deployment Manager install, point to Istio on GKE
* Remove deployment manager completely
* Rename quick-start-gke-dm to drop dm
* Fix indentation, stale links
* adding new blog post on traffic mgmt
* updates to address PR feedback
* fixed spelling issues and adjusted weight
* added DestinationRule to linter spelling config
* removed DestinationRule, using backticks per instructions
* using backticks instead of custom spelling config
This commit updates the grab_reference_docs.sh script to fetch docs for
the Wavefront by VMware adapter in order to publish it under the
adapters list.
Signed-off-by: Venil Noronha <veniln@vmware.com>
* Fix an error when applying the end-user authentiction policy with mTLS
In
https://istio.io/docs/tasks/security/authn-policy/#end-user-authentication-with-mutual-tls,
the following error occurs when applying the end-user authentiction policy with mTLS. This PR
fixes this error.
Error from server: error when applying patch:
{"metadata":{"annotations":{"kubectl.kubernetes.io/last-applied-configuration":"{\"apiVersion\":\"authentication.istio.io/v1alpha1\",\"kind\":\"Policy\",\"metadata\":{\"annotations\":{},\"name\":
\"jwt-example\",\"namespace\":\"foo\"},\"spec\":{\"origins\":[{\"jwt\":{\"issuer\":\"testing@secure.istio.io\",\"jwksUri\":\"https://raw.githubusercontent.com/istio/istio/release-1.0/security/too
ls/jwt/samples/jwks.json\"}}],\"peers\":[{\"mTLS\":{}}],\"principalBinding\":\"USE_ORIGIN\",\"targets\":[{\"name\":\"httpbin\"}]}}\n"}},"spec":{"peers":[{"mTLS":{}}]}}
to:
&{0xc4200a9a40 0xc420361260 foo jwt-example STDIN 0xc42211a040 20632 false}
for: "STDIN": admission webhook "pilot.validation.istio.io" denied the request: error decoding configuration: YAML decoding error: origins:
- jwt:
issuer: testing@secure.istio.io
jwksUri: https://raw.githubusercontent.com/istio/istio/release-1.0/security/tools/jwt/samples/jwks.json
peers:
- mTLS: {}
principalBinding: USE_ORIGIN
targets:
- name: httpbin
unknown field "mTLS" in v1alpha1.PeerAuthenticationMethod
* Fix a grammar error
* Update Guideline
Add guideline/warning, that we need to have unique name in `port name` if we use multiple host and HTTPS protocol.
* Update Guideline after remarks
Update with remarks
* Update according to latest remarks
* Fix a few lint errors and dissable the release notes links until ready. (#2522)
(cherry picked from commit 837f16af99)
* Fix compatibility issue with dynamic text and Firefox. (#2523)
(cherry picked from commit ab869ca88f)
Martin Taillefer
Martin Taillefer
mtail
idouba
Tao Li
Martin Ostrowski
He Cao
Douglas Reid
banix
Vadim Eisenberg
John Mazzitelli
Jesse Butler
mandarjog
Sandeep Parikh
Venil Noronha
Lin Sun
Rachael Graham
lei-tang
Frank Budinsky
Julien Senon
Zadkiel