This document describes how easy it is to integrate Istio with EnRoute
This document describes how easy it is to integrate Istio with EnRoute. Istio is a service mesh based on Envoy Proxy that encrypts traffic between micro-services inside a Kubernetes Cluster
Enabling EnRoute integration with Istio can be done in one step by setting a flag and running a container along with EnRoute (to serve secrets) to participate in Istio trust framework.
An End-to-end encryption of traffic using EnRoute and istio includes -
We install EnRoute and Istio, enable cluster-wide mTLS, configure EnRoute for Istio environment and make the secrets available to EnRoute. We will go through each of these steps by -
We trace through each of the above steps while monitoring the cluster to verify end-to-end encrypted traffic.
We also verify some of the steps above using the open source Kiali project for observing a Kubernetes Istio deployment
Note that it is common to have a platform approach to automating the above steps, however we enumerate them here to explain in detail about EnRoute integration with Istio
The complete article can be found in the integration section of docs