You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 39 Next »

Description: - Connect two microservices belonging to stateless applications

The services hosted behind Istio service mesh has the sidecar proxy installed with each pod of the service. 

In the below diagram, 

SERVER - httpbin (If TLS Mode is "SIMPLE", it will accept both traffic for tls and plain text. TLS Mode must be ISTIO_MUTUAL for talking to other istio clients.  MUTUAL when talking to other external services) istio service which uses different rootca

CLIENTS - sleep (TLS Mode can be "SIMPLE" (for services with no sidecars) or ISTIO_MUTUAL(services with sidecars)).  MUTUAL when talking to other external services) or istio service which uses different rootca

MESH WIDE POLICY can be PERMISSIVE(Will allow both tls and plan text with no authorization checks on the plain text traffic) OR STRICT (Allow only TLS Traffic)

Diagram


  • No labels