Articles by Thomas Jungbauer
Enable Automatic Route Creation
Thomas Jungbauer
Red Hat Service Mesh 1.1 allows you to enable a "Automatic Route Creation" which will take care about the routes for a specific Gateway. Instead of defining * for hosts, a list of domains can be defined. The Istio OpenShift Routing (ior) synchronizes the routes and creates them inside the Istio namespace. If a Gateway is deleted, the routes will also be removed again.
This new features makes the manual creation of the route obsolete, as it was explained here: Openshift 4 and Service Mesh 4 - Ingress with custom domain
Red Hat Quay Registry - Overview and Installation
Red Hat Quay is an enterprise-quality container registry, which is responsible to build, scan, store and deploy containers. The main features of Quay include:
High Availability
Security Scanning (with Clair)
Registry mirroring
Docker v2
Continuous integration
and much more.
Authorization (RBAC)
Per default all requests inside a Service Mesh are allowed, which can be a problem security-wise. To solve this, authorization, which verifies if the user is allowed to perform a certain action, is required. Istio’s authorization provides access control on mesh-level, namespace-level and workload-level.
Deploy Example Bookinfo Application
To test a second application, a bookinfo application shall be deployed as an example.
The following section finds it’s origin at:
Ansible - Azure Resource Manager Example
Using Ansible Resource Manager with an ARM template and a simple Ansible playbook to deploy a Virtual Machine with Disk, virtual network, public IP and so on.
OpenShift Pipelines - Tekton Introduction
OpenShift Pipelines is a cloud-native, continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework that enables automating deployments across multiple platforms (Kubernetes, serverless, VMs, etc) by abstracting away the underlying details. [1]
Service Mesh 1.1 released
April 10th 2020 Red Hat released Service Mesh version 1.1 which supports the following versions:
Istio - 1.4.6
Kiali - 1.12.7
Jaeger - 1.17.1
Authentication JWT
Welcome to tutorial 10 of OpenShift 4 and Service Mesh, where we will discuss authentication with JWT. JSON Web Token (JWT) is an open standard that allows to transmit information between two parties securely as a JSON object. It is an authentication token, which is verified and signed and therefore trusted. The signing can be achieved by using a secret or a public/private key pair.
Service Mesh can be used to configure a policy which enables JWT for your services.
Copyright © 2020 - 2025 Toni Schmidbauer & Thomas Jungbauer