...
Deploy ISTIO Service mesh with mutual authentication enabled. This stage has 2 steps as below.a. Deploy ISTIO Operator - Refer README from here.
b. Deploy the ISTIO configuration - Refer README from hereDeploy services - multicloud-k8s - Refer here
Deploy ISTIO Gateway and VirtualService to expose the application outside the cluster - Refer
Deploy an Authentication mechanism - Keycloak is being used in ONAP4K8s. But other Authentication and Authorization can be used. (ORY/Hydra, Auth0) - Refer here
Apply ISTIO Policy on istio-ingressgateway to restrict the access of unauthorized user into the cluster
Apply ISTIO RBAC Rules to have fine-grained access to application resources to specific user/Applications.
a. Enable RBAC for namespaces if it is not enabled already.