Difficulty: Advanced
Estimated Time: 15 minutes

Through this scenario, you can have closer look at mutual TLS and learn its settings.

Download the ebook "Introducing Istio Service Mesh for Microservices" for FREE at https://developers.redhat.com/books/introducing-istio-service-mesh-microservices/.

You can also run this tutorial on your machine, visit http://bit.ly/istio-tutorial.

mTLS

Step 1 of 2

Before start

You need to remove the customer route you created at the beginning of the tutorial.

To do it just run: oc delete route customer

Then, you need to enable Istio Ingress to receive all traffic and redirect it to customer service. For this reason, let’s create a Gateway and VirtualService that allows local calls reach the clustered service inside the mesh.

istioctl create -f ~/projects/istio-tutorial/istiofiles/gateway-customer.yml

Then configure some environment variables that will help you on testing:

export INGRESS_PORT=$(oc -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}'); \ export GATEWAY_URL=http://customer-tutorial.[[HOST_SUBDOMAIN]]-$INGRESS_PORT-[[KATACODA_HOST]].environments.katacoda.com;

Now you can run curl but against GATEWAY_URL and you’ll see the same messages as before (customer => preference => recommendation v1 from 'b87789c58-mfrhr': 1):

curl ${GATEWAY_URL}

Note: The command bellow migh return customer => 503 preference => 503 no healthy upstream. In that case, repeat the command curl ${GATEWAY_URL} until you see customer => preference => recommendation v1 from 'b87789c58-mfrhr': 1

Creating Katacoda Scenarios

Thanks for creating Katacoda scenarios. This tab is designed to help you as an author have quick access the information you need when creating scenarios.

This tab will not be visible to users.

Here are some useful links to get you started.

Running Katacoda Workshops

If you are planning to use Katacoda for workshops, please contact [email protected] to arrange capacity.

Debugging Scenarios

Below is the response from any background scripts run or files uploaded. This stream can aid debugging scenarios.

If you still need assistance, please contact [email protected]