Skip to content

Investigate mTLS for Istio #96

Open
@mikedickey

Description

@mikedickey

Some customers using Istio have reported the need to disable mTLS for the namespaces containing Splunk Enterprise pods.

Peer Authentication:
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: splunk
  namespace: splunk
spec:
  mtls:
    mode: DISABLE

We should do some more investigation and testing on this. I imagine it's related to these annotations being added to get traffic flow working in our istio clusters. I'm not convinced we're doing the "right thing" here. If so, we need to document the above Istio patch. If not, we should change it.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions