...
Drawio | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
- ONAP pods provide non-TLS (HTTP) interfaces
- Encrypted communication via Envoy Proxies (nTLS) provided by ServiceMesh (Istio)
- ONAP pod interface is exposed through Ingress (Istio-Gateway)
- Service access via hostname (configured by Gateway/VirtualService in Ingress GW)
- External TLS interface on Ingress Gateway
- Authentication/Authorisation via oauth2-proxy and Keycloak
- Example (SDC-UI):