Open nicop311 opened 4 years ago
Following my original Issue post, I found this Medium blog post by Gaurav Agarwal: Kubernetes Services over HTTPS With Istio’s Secure Gateways, and it features the Bookinfo example.
The aim of this Medium post is to explain how to (I quote) Expose your microservices over TLS to the external world.
I think that the Istio (and Maistra) documentation could use a little upgrade on the Bookinfo + TLS example.
Indeed, in the Istio doc, you can find an example with TLS on httpbin; as well as various examples for EGRESS and INGRESS gateways using httbin
or sleep
.
But it could be good to have an example with Bookinfo where you start to access the Bookinfo web page with HTTP. Then you play with reviews' (v1, v2, v3...) different versions and destination rules. And then you do the same but over HTTPS instead.
Hello, I am trying to do the Bookinfo example from Maistra documentation.
Under the section Add default destination rules, for the second case where I did enable mutual TLS: I think the actual
oc
command lacks.It is written in the current doc:
Instead of (I assume it should be written):
I refer to the following repository: https://github.com/maistra/istio/tree/maistra-2.0/samples/bookinfo/networking
In this OpenShift 4.5 Doc, they suggest the following from
maistra-1.1
:Mutal TLS Maistra Bookinfo example not working ?
However, after I set the destination rules with the mTLS, I can still reach the
Bookinfo
service/web page trough HTTP.At this point, I was expecting to reach
Bookinfo
page trough HTTPS.What am I missing?
Sofware version & environment
4.5.0-0.okd-2020-09-04-180756
Other issue in the doc
I also think that there might be a mistake or a bug in how the
spec.ressources
default values are dealt with. See this other issue aboutspec.resources.limits
for Jaeger.