istio.io/istio@v0.0.0-20240520182934-d79c90f27776/releasenotes/notes/istiod-sds.yaml

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/releasenotes/notes/istiod-sds.yaml (about)

     1  apiVersion: release-notes/v2
     2  kind: feature
     3  area: security
     4  releaseNotes:
     5  - |
     6    **Improved** Gateway certificates to be read and distributed from Istiod, rather than in the gateway pods.
     7    This reduces the permissions required in the gateways, improves performance, and will make certificate reading
     8    more flexible in the future. This change is fully backwards compatible with the old method, and requires no changes
     9    to your cluster. If required, it can be disabled by setting the `ISTIOD_ENABLE_SDS_SERVER=false`
    10    environment variable in Istiod.