首页 文库资料 文章资讯  上传文档  发布文章  登录账户

分类

全部云计算&大数据(9)Istio(9)

语言

全部英语(8)英语(1)

格式

全部PDF文档 PDF(9)
 
本次搜索耗时 0.074 秒,为您找到相关结果约 9 个.

  • pdf文档 Istio Security Assessment

    effect on preventing a Pod not managed by Istio from accessing Istio’s debug interface. Reproduction Steps • Modify the default policy mesh config map for “controlPlaneAuthPolicy: MUTUAL_TLS” • Create a istio of applications from other namespaces that they do not otherwise have any access to. Reproduction Steps 1. Configure a cluster per Appendix E on page 49, with a restricted user confined to a "rest rict-test" in itself is not malicious but could cause a denial-of-service if used repeatedly. Reproduction Steps With the reference cluster setup and replacing PODNAME with a Pod that has curl installed, the following
    0 码力 | 51 页 | 849.66 KB | 1 年前
    3

  • pdf文档 Is Your Virtual Machine Really Ready-to-go with Istio?

    accessible from the VMs ○ (optional) Kubernetes DNS server accessible from the VMs ● Onboard steps ○ Setup Internal Load Balancers (ILBs) for Kube DNS, Pilot, Mixer and CA ○ Generate configs for ● DNS_AUTO_ALLOCATE ○ Decoupled from DNS_CAPTURE ● Documents available ○ Virtual Machine Installation to get started. ○ Virtual Machine Architecture to learn about the high level architecture of
    0 码力 | 50 页 | 2.19 MB | 1 年前
    3

  • pdf文档 Moving large scale consumer e-commerce Infrastructure to Mesh

    as applicable - consul ● Namespace isolation helps reduce Istio proxy resources #IstioCon Next Steps ● Move stateful components in to mesh discovery and routing ● Expose gateway services via Istio
    0 码力 | 14 页 | 1.76 MB | 1 年前
    3

  • pdf文档 Your laptop as part of the service mesh

    cost-effective #IstioCon 1. Minimize time to bug detection Dev -> PR -> master -> QA -> prod 3 steps away to find a problem #IstioCon 2. Allow simultaneous tests Only one commit at a time from your
    0 码力 | 30 页 | 555.24 KB | 1 年前
    3

  • pdf文档 SberBank story: moving Istio from PoC to production

    environment aren’t a waste of time 1. Istio Discovery Restarts (#25495) 2. Proxy Probes (#26792) Further Steps • Multi-cluster Discovery for OCP & Kubernetes • Multi-cluster Service Topology • Cloud-Native
    0 码力 | 14 页 | 1.68 MB | 1 年前
    3

  • pdf文档 Istio Service Mesh at Enterprise Scale

    Multi-region deployments ● Non-flat networks ● Multi-tenant configuration ● Management of Istio installation ● Self-service mesh enablement for service owners Demo Admiral API Gateway Payments
    0 码力 | 12 页 | 1.23 MB | 1 年前
    3

  • pdf文档 Istio Project Update

    #IstioCon 2018-2019: Year of Service Mesh #IstioCon 2020: Year of Istio Innovation Simplified installation Simplified control plane New extension Model Unified multicluster model Simplified VM onboarding
    0 码力 | 22 页 | 1.10 MB | 1 年前
    3

  • pdf文档 Using ECC Workload Certificates (pilot-agent environmental variables)

    ECDSA for use by pilot-agent ○ For gateways this environmental variable also must be set on installation/upgrade #IstioCon istioctl iop.yaml Install with istioctl install -f iop.yaml apiVersion:
    0 码力 | 9 页 | 376.10 KB | 1 年前
    3

  • pdf文档 Istio audit report - ADA Logics - 2023-01-30 - v1.0

    requires no network access: “The build service… MUST prevent network access while running the build steps.” With regards to reproducibility of builds, Ada Logics did not find evidence of any declaration
    0 码力 | 55 页 | 703.94 KB | 1 年前
    3
共 9 条
  • 1
前往
相关搜索词
IstioSecurityAssessmentMovinglargescaleconsumercommerceInfrastructuretoMeshYourlaptopaspartoftheservicemeshSberBankstorymovingfromPoCproductionServiceatEnterpriseScaleProjectUpdateUsingECCWorkloadCertificatespilotagentenvironmentalvariablesauditreportADALogics20230130v1