Rinor Maloku rinormaloku
rinormaloku
/ sa-logic-retries-timeouts-vs.yaml
Created
January 7, 2019 21:43
[Timeouts and Retries with VirtualServices] configuration for Introduction to Istio series https://rinormaloku.com/istio-an-introduction/ #istio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: networking.istio.io/v1alpha3 | |
| kind: VirtualService | |
| metadata: | |
| name: sa-logic | |
| spec: | |
| hosts: | |
| - sa-logic | |
| http: | |
| - route: | |
| - destination: |
rinormaloku
/ auth-policy.yaml
Created
January 13, 2019 14:58
[Authentication Policy] istio policy for the series https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: authentication.istio.io/v1alpha1 | |
| kind: Policy | |
| metadata: | |
| name: auth-policy | |
| spec: | |
| targets: | |
| - name: sa-web-app | |
| - name: sa-feedback | |
| origins: | |
| - jwt: |
rinormaloku
/ App.js
Last active
December 26, 2020 20:29
[Authenticating requests with Bearer Token] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| analyzeSentence() { | |
| fetch('/sentiment', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| 'Authorization': `Bearer ${auth.getAccessToken()}` // Access Token | |
| }, | |
| body: JSON.stringify({ sentence: this.textField.getValue() }) | |
| }) | |
| .then(response => response.json()) |
rinormaloku
/ Auth.js
Last active
January 13, 2019 18:36
[Configuring your tenants details in the frontend] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const Config = { | |
| clientID: '{YOUR_CLIENT_ID}', | |
| domain:'{YOUR_DOMAIN}', | |
| audience: '{YOUR_AUDIENCE}', | |
| ingressIP: '{EXTERNAL_IP}' // Used to redirect after authentication | |
| } |
rinormaloku
/ namespacedGroup.js
Last active
January 13, 2019 16:11
[Rule for adding group to access token] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function (user, context, callback) { | |
| context.accessToken['https://sa.io/group'] = user.groups[0]; | |
| return callback(null, user, context); | |
| } |
rinormaloku
/ enable-rbac.yaml
Created
January 13, 2019 15:22
[Enabling authorization with Inclusion of services] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "rbac.istio.io/v1alpha1" | |
| kind: RbacConfig | |
| metadata: | |
| name: default | |
| spec: | |
| mode: 'ON_WITH_INCLUSION' # 1 | |
| inclusion: | |
| services: # 2 | |
| - "sa-frontend.default.svc.cluster.local" | |
| - "sa-web-app.default.svc.cluster.local" |
rinormaloku
/ servicerole.yaml
Created
January 13, 2019 15:24
[Regular user service role] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "rbac.istio.io/v1alpha1" | |
| kind: ServiceRole | |
| metadata: | |
| name: regular-user | |
| namespace: default | |
| spec: | |
| rules: | |
| - services: | |
| - "sa-frontend.default.svc.cluster.local" | |
| - "sa-web-app.default.svc.cluster.local" |
rinormaloku
/ regular-user-service-role-binding.yaml
Created
January 13, 2019 15:24
[Regular user service role binding] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "rbac.istio.io/v1alpha1" | |
| kind: ServiceRoleBinding | |
| metadata: | |
| name: regular-user-binding | |
| namespace: default | |
| spec: | |
| subjects: | |
| - user: "*" | |
| roleRef: | |
| kind: ServiceRole |
rinormaloku
/ mod-service-role.yaml
Last active
January 13, 2019 18:52
[Moderator service role] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "rbac.istio.io/v1alpha1" | |
| kind: ServiceRole | |
| metadata: | |
| name: mod-user | |
| namespace: default | |
| spec: | |
| rules: | |
| - services: ["*"] | |
| paths: ["*"] | |
| methods: ["*"] |
rinormaloku
/ mod-service-role-binding.yaml
Created
January 13, 2019 15:56
[Moderator Service Role Binding] for the article series Intro to Istio https://rinormaloku.com/istio-an-introduction/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: "rbac.istio.io/v1alpha1" | |
| kind: ServiceRoleBinding | |
| metadata: | |
| name: mod-user-binding | |
| namespace: default | |
| spec: | |
| subjects: | |
| - properties: | |
| request.auth.claims[https://sa.io/group]: "Moderators" | |
| roleRef: |