-
Epic
-
Resolution: Done
-
Medium
-
None
-
None
-
None
-
ingressauth-mesh
-
To Do
This Service Mesh PoC intent is to use Istio for encrypting inter pod traffic and to use JWT in conjunction with Istio for authN and authZ.
Details see: https://wiki.onap.org/pages/viewpage.action?pageId=103417456&src=contextnavpagetreemode
This contains:
- Create ONAP Ingress
- Add resources for Istio IngressGateway for components "Ingress" configuration:
- Gateway
- VirtualService
- Add SSL certificate to allow HTTPS connections:
- Use CertService to create selfsigned certificate(s)
- Use the certificate in the Gateway configuration
- Add resources for Istio IngressGateway for components "Ingress" configuration:
- Service Authentication/Authorisation
- Add Keycloak and configuration
- Add Oauth2 Proxy
- Configure Policies for ONAP component access