Automatically (via scripts) install, deploy and apply a STRICT mTLS OpenShift Service Mesh to a microservices-based Cloud Native application (https://istio.io/latest/docs/examples/bookinfo). Observe the near real-time encrypted traffic flowing bidirectionally within the Mesh via the Grafana dashboard, and the Mesh topology/configuration via the Kiali dashboard.
Microservices topology and traffic of the bookinfo application
OpenShift 4.x
OpenShift 4.x with the Elasticsearch, Jaeger, Kiali and Service Mesh Operators installed
Apply a STRICT mTLS Service Mesh to a microservices-based Cloud Native application
Microservices topology and traffic after applying the strict mTLS Service Mesh
- Ensure OCP 4.x cluster is up and running and Prerequisites are met
- Launch the automation_script.sh with the following parameters:
  ./automation_script.sh $1 $2 $3 $4 $5
  $1 = < OCP CLUSTER MASTER API >
  $2 = < OCP ADMIN USER >
  $3 = < OCP ADMIN PWD >
  $4 = < NAME OF THE NAMESPACE THAT WILL CONTAIN THE APPS ON WHICH TO APPLY THE MESH >
  $5 = < NAME OF THE NAMESPACE WHERE THE SERVICE MESH CONTROL PLANE WILL BE INSTALLED >
- Verify through Kiali dashboard the correct deployment of the Service Mesh
- Verify through Grafana dashboard that traffic between microservices is encrypted by mTLS mode (padlock icon)
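As an added illustration (not taken from automation_script.sh, whose contents this page does not show), these are the kinds of resources a STRICT mTLS setup on OpenShift Service Mesh 2.x is built from, and what to look for when verifying the deployment. The names basic, istio-system and bookinfo are assumptions standing in for the control plane name and for the $5 and $4 namespaces.

```yaml
# Added example. Assumed names: control plane "basic" in "istio-system" ($5),
# application namespace "bookinfo" ($4).
# Mesh-wide setting: enforce mTLS for data-plane and control-plane traffic.
apiVersion: maistra.io/v2
kind: ServiceMeshControlPlane
metadata:
  name: basic
  namespace: istio-system
spec:
  security:
    dataPlane:
      mtls: true
    controlPlane:
      mtls: true
---
# Enroll the application namespace in the mesh (the member roll is named "default").
apiVersion: maistra.io/v1
kind: ServiceMeshMemberRoll
metadata:
  name: default
  namespace: istio-system
spec:
  members:
    - bookinfo
---
# Server side: sidecars in the namespace reject plaintext connections.
# With mode PERMISSIVE they would accept both plaintext and mTLS.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: bookinfo
spec:
  mtls:
    mode: STRICT
---
# Client side: sidecars originate mTLS to every service in the namespace.
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: default
  namespace: bookinfo
spec:
  host: "*.bookinfo.svc.cluster.local"
  trafficPolicy:
    tls:
      mode: ISTIO_MUTUAL
```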
----------------- WORK IN PROGRESS --------------------------------------------------------------------------------
Automation and abstraction via parametrization/scripts (certificates, application to your own microservices/apps, etc.).
GOAL: automate the creation and application of an mTLS Service Mesh to your own desired microservices/apps
----------------- WORK IN PROGRESS --------------------------------------------------------------------------------