Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Deploy ISTIO Service mesh with mutual authentication enabled. This stage has 2 steps as below.a. Deploy ISTIO Operator - Refer README from here.
    b. Deploy the ISTIO configuration  - Refer README from here

  2. Deploy services - multicloud-k8s - Refer here

  3. Deploy ISTIO Gateway and VirtualService to expose the application outside the cluster - Refer

  4. Deploy an Authentication mechanism - Keycloak is being used in ONAP4K8s. But other Authentication and Authorization can be used. (ORY/Hydra, Auth0) - Refer here

  5. Apply ISTIO Policy on istio-ingressgateway to restrict the access of unauthorized user into the cluster

  6. Apply ISTIO RBAC Rules to have fine-grained access to application resources to specific user/Applications.
    a. Enable RBAC for namespaces if it is not enabled already.