Reputation: 1
Need help on Istio Service Mesh
I have a very unique problem. We are looking to restrict some outgoing communications from the EC2 instance, which is part of the service mesh. The rule is We want to restrict calls to specific subdomains of any domain. We don't have the domain list; we only know about the subdomain. Is there any way we can achieve this? Based on the documentation I have read, the destination rule hosts field only allows wild cards for subdomains and not for domains.
One solution is to dynamically update the hosts every time a domain is added to the set, to make it always updated, which is not a possible alternative for me
Any pointers would be appreciated.
I cannot proceed as the hosts element for domains do not support the wild cards.
Upvotes: -1
Views: 6
Answers (0)
Related Questions
- Istio local rate limit network filter stops working after some time
- istio virtual service host cannot be resolved from inside pod
- Traffic routing is failing in istio service mesh for longer URLs. Is there a limit on URL length in Istio envoy router?
- Why is My TCP Istio EnvoyFilter Not Working?
- hosting multiple web apps using the istio ingress gateway
- ISTIO service mesh for internal kube services
- How to configure TLS origination in ISTIO?