Difficulty: Beginner
Estimated Time: 60 minutes

In this scenario you will how to apply Mutual TLS (mTLS) security to your Kubernetes cluster using Aspen Mesh.

Prerequisites:

  • Understanding of deploying Aspen Mesh onto Kubernetes

You will learn:

  • How to enable mTLS by default

  • How to disable mTLS for a Service

  • How to disable mTLS for a Consumer

Congratulations, you have successfully managed mTLS using Aspen Mesh on Kubernetes cluster.

You learned:

  • How to enable mTLS by default

  • How to disable mTLS for a Service

  • How to disable mTLS for a Consumer

Try Aspen Mesh on your Kubernetes cluster with bash <(curl -Ls https://aspenmesh.io/install)

Enabling Mutual TLS with Aspen Mesh

Step 1 of 5

Deploy Aspen Mesh

The first step is to login to the Aspen Mesh dashboard at https://my.aspenmesh.io/. We have already created a temporary account for you. The credentials will be visible in your terminal window.

Task: Deploy Aspen Mesh

To connect Aspen Mesh to the Kubernetes cluster provided, you need to run an installation script. We have downloaded it for you already. You can start it with /opt/install.sh

The script will prompt you for your allocated email address and your chosen password. It will also ask you where to deploy the assets. For now, accept the defaults. The Aspen Mesh installation script will then deploy the required components.

After the script has finished, Istio and the Aspen Mesh Agent will be deployed to the cluster.

View the pods with:

kubectl get pods -n istio-system