Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Service Mesh

You're reading from   Mastering Service Mesh Enhance, secure, and observe cloud-native applications with Istio, Linkerd, and Consul

Arrow left icon
Product type Paperback
Published in Mar 2020
Publisher Packt
ISBN-13 9781789615791
Length 626 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Authors (2):
Arrow left icon
Vikram Khatri Vikram Khatri
Author Profile Icon Vikram Khatri
Vikram Khatri
Anjali Khatri Anjali Khatri
Author Profile Icon Anjali Khatri
Anjali Khatri
Arrow right icon
View More author details
Toc

Table of Contents (31) Chapters Close

Preface 1. Section 1: Cloud-Native Application Management
2. Monolithic Versus Microservices FREE CHAPTER 3. Cloud-Native Applications 4. Section 2: Architecture
5. Service Mesh Architecture 6. Service Mesh Providers 7. Service Mesh Interface and SPIFFE 8. Section 3: Building a Kubernetes Environment
9. Building Your Own Kubernetes Environment 10. Section 4: Learning about Istio through Examples
11. Understanding the Istio Service Mesh 12. Installing a Demo Application 13. Installing Istio 14. Exploring Istio Traffic Management Capabilities 15. Exploring Istio Security Features 16. Enabling Istio Policy Controls 17. Exploring Istio Telemetry Features 18. Section 5: Learning about Linkerd through Examples
19. Understanding the Linkerd Service Mesh 20. Installing Linkerd 21. Exploring the Reliability Features of Linkerd 22. Exploring the Security Features of Linkerd 23. Exploring the Observability Features of Linkerd 24. Section 6: Learning about Consul through Examples
25. Understanding the Consul Service Mesh 26. Installing Consul 27. Exploring the Service Discovery Features of Consul 28. Exploring Traffic Management in Consul 29. Assessment 30. Other Books You May Enjoy

Authentication

From the previous chapter, we configured the Istio ingress gateway to expose the bookinfo HTTP service's endpoints to external traffic. In this section, we will configure simple or mutual TLS to provide HTTPS access to the external traffic to access bookinfo services. It is our assumption that you have an understanding of simple and mutual TLS authentication. Additional information can be found here: https://bit.ly/2voH44c.

Simple or mutual TLS termination at the ingress gateway for incoming requests assumes that downstream services are safe and not liable to external attacks or insider threats. After the ingress gateway has been secured, downstream service communication is done using a plaintext HTTP protocol.

If access is requested to external services, TLS origination should start an egress gateway for secure communication with an external service. It is...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime