Open
Description
Some customers using Istio have reported the need to disable mTLS for the namespaces containing Splunk Enterprise pods.
Peer Authentication:
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
name: splunk
namespace: splunk
spec:
mtls:
mode: DISABLE
We should do some more investigation and testing on this. I imagine it's related to these annotations being added to get traffic flow working in our istio clusters. I'm not convinced we're doing the "right thing" here. If so, we need to document the above Istio patch. If not, we should change it.