WIP: multi-tenant and multi-project
This is work in progress
1) Please install the Red Hat based Service Mesh Operators
2) Do NOT use the information found at istio.io but use only https://maistra.io/
4) From istio.io at least traffic management is usable
9) still working on it
Have a look at the Routes created in:
oc get routes -n control-tenant-bb
oc get routes -n control-tenant-aa
In overlay/tenant-aa/smcp-istio-tenant-aa.yaml is 'ior_enabled: true'
In overlay/tenant-aa/ns1/ns1-istio-gateway.yaml are the cluster external fqdn defined
In overlay/tenant-bb/smcp-istio-tenant-bb.yaml is 'ior_enabled: false'
In overlay/tenant-bb/ns3/ns3-istio-gateway.yaml is a wildcard used for the host. Then OpenShift will create a FQDN for you.
App in NS3 available : http://istio-ingressgateway-control-tenant-bb.apps.guid.it-speeltuin.eu/
App in NS1 available : http://ruby.apps.guid.it-speeltuin.eu/
TODO
-
TLS / mTLS configuration
-
multiply gateways that are configured with the same TLS certificate, see: https://istio.io/latest/docs/ops/common-problems/network-issues/#404-errors-occur-when-multiple-gateways-configured-with-same-tls-certificate
-
stability with TLS / mTLS