Create istio network policy

Allowed resources:

Kubernetes docs
Istio docs
Istio peer_authentication
istio cli is installed on control-plane node

30 Configure istio network policies with

Acceptance criteria You have to develop Istio mTLS policy in market namespace:
1. You have to configure istio mTLS in market namespace.
2. Enforce Mutual Authentication between pods in market namespace.
3. To check that policy is working, you can run:
kubectl exec -it tester -- curl app.market.svc.cluster.local:8080 --head
# Curl from default namespace curl: (56) Recv failure: Connection reset by peer
kubectl exec -n market -it db -- curl app.market.svc.cluster.local:8080 --head
# From db pod HTTP/1.1 200 OK
kubectl exec -n market -it app -- curl app.market.svc.cluster.local:8080 --head
# From app pod HTTP/1.1 200 OK

30	Configure istio network policies with
Acceptance criteria	You have to develop Istio mTLS policy in `market` namespace: 1. You have to configure istio mTLS in `market` namespace. 2. Enforce Mutual Authentication between pods in `market` namespace. 3. To check that policy is working, you can run: `kubectl exec -it tester -- curl app.market.svc.cluster.local:8080 --head` # Curl from default namespace curl: (56) Recv failure: Connection reset by peer `kubectl exec -n market -it db -- curl app.market.svc.cluster.local:8080 --head` # From db pod HTTP/1.1 200 OK `kubectl exec -n market -it app -- curl app.market.svc.cluster.local:8080 --head` # From app pod HTTP/1.1 200 OK

solution

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create istio network policy

FilesExpand file tree

README.MD

Latest commit

History

README.MD

File metadata and controls

Create istio network policy