Andrei Petrescu, Head of DevOps at CloudHero, has spent hundreds of hours implementing, debugging, and tuning Istio. This video is a workshop he presented at Cloud Native Bucharest on the 29th of September 2022. Watch the video below (available only in Romanian) and learn how to:
In many corporate system infrastructures, it’s very important for the information to be encrypted end-to-end, to be protected from potential vulnerabilities. We’ve learned from our experience that creating a fully secure setup is essential. The main part of the diagram that we will focus on today will be the traffic going from the Nginx proxy to Istio’s HTTPS port. Keep in mind that, even if it’s not compulsory to have a full HTTPS connection between Nginx and Istio, there are applications that won’t work if you don’t use SSL offloading in front (Keycloak, for example).