istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/testdata/networking/sidecar-without-service/configs.yaml

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/testdata/networking/sidecar-without-service/configs.yaml (about)

     1  apiVersion: networking.istio.io/v1alpha3
     2  kind: Sidecar
     3  metadata:
     4    name: default-sidecar-scope
     5    namespace: istio-config
     6  spec:
     7    egress:
     8    - hosts:
     9      - "./*"
    10  ---
    11  # Authentication policy to enable mutual TLS for all services (that have sidecar) in the mesh.
    12  apiVersion: security.istio.io/v1beta1
    13  kind: PeerAuthentication
    14  metadata:
    15    name: default
    16    namespace: istio-config
    17  spec:
    18    mtls:
    19      mode: STRICT
    20  ---
    21  # Corresponding destination rule to configure client side to use mutual TLS when talking to
    22  # any service (host) in the mesh.
    23  apiVersion: networking.istio.io/v1alpha3
    24  kind: DestinationRule
    25  metadata:
    26    name: default
    27    namespace: istio-config
    28  spec:
    29    host: "*.local"
    30    trafficPolicy:
    31      tls:
    32        mode: ISTIO_MUTUAL
    33  ---
    34  # Services and configs in ns1 namespace
    35  apiVersion: networking.istio.io/v1alpha3
    36  kind: ServiceEntry
    37  metadata:
    38    name: http1
    39    namespace: ns1
    40  spec:
    41    hosts:
    42    - http1.ns1.svc.cluster.local
    43    addresses:
    44    - 2.1.1.1
    45    ports:
    46    - number: 8081
    47      name: http
    48      protocol: HTTP2
    49    location: MESH_INTERNAL
    50    resolution: STATIC
    51    endpoints:
    52    - address: 100.1.1.1
    53      labels:
    54        version: v1
    55      ports:
    56        http: 8080
    57  ---
    58  # Services and configs in ns1 namespace
    59  apiVersion: networking.istio.io/v1alpha3
    60  kind: ServiceEntry
    61  metadata:
    62    name: http2
    63    namespace: ns2
    64  spec:
    65    hosts:
    66    - http2.ns2.svc.cluster.local
    67    addresses:
    68    - 2.1.1.2
    69    ports:
    70    - number: 8082
    71      name: http
    72      protocol: HTTP2
    73    location: MESH_INTERNAL
    74    resolution: STATIC
    75    endpoints:
    76    - address: 100.2.1.1
    77      ports:
    78        http: 8080
    79  ---
    80  # The sidecar for the consumer only application
    81  apiVersion: networking.istio.io/v1alpha3
    82  kind: Sidecar
    83  metadata:
    84    name: consumerapp
    85    namespace: consumerns
    86  spec:
    87    egress:
    88      - hosts:
    89          - "ns1/*"
    90    ingress:
    91      - port:
    92          number: 9080
    93          protocol: HTTP
    94          name: http-admin
    95        defaultEndpoint: 127.0.0.1:8080
    96        captureMode: IPTABLES
    97    workloadSelector:
    98      labels:
    99        app: consumeronly