Istio Security Assessment
e.com and example2.com would be handled by the latter-created Gateway, while requests for example.net would be handled by the earlier-created Gateway. Due to this behavior, it is possible for accounts a production environment. See also finding NCC-GOIST2005-013 on page 18. 5https://golang.org/pkg/net/http/pprof/ 13 | Google Istio Security Assessment Google / NCC Group Confidential Finding Default ca-certificates \ curl \ iptables \ iproute2 \ iputils-ping \ knot-dnsutils \ netcat \ tcpdump \ net-tools \ lsof \ linux-tools-generic \ sudo \ ... Tools like tcpdump, sudo, and curl are designed for
0 credits | 51 pages | 849.66 KB | 1 year ago
Istio audit report - ADA Logics - 2023-01-30 - v1.0
import ( "bytes" "context" "crypto/tls" "fmt" "io" "log" "net/http" "os" "os/signal" "time" byteSize "github.com/inhies/go-bytesize" "istio.io/istio/pkg/backoff" tio/istio/blob/d0705cf 0ed5591cc26c0800 1f3faab0a880aec48/ security/pkg/k8s/chir on/utils.go#L168 conn, err := net.DialTimeout("tcp", addr, 1*time.Second) if err != nil { log.Debugf("DialTimeout() returns err: %v" ID: ADA-IST-10 Fix: https://github.com/istio/istio/pull/41872 Description Golang's golang.org/x/net/http2/h2c handler reads the first request in an h2c connection entirely into memory which could allow
0 credits | 55 pages | 703.94 KB | 1 year ago
Accelerate Istio-CNI with ebpf
the Kubernetes pod life-cycle’s network setup phase, ● Removing the requirement for the NET_ADMIN and NET_RAW capabilities for users deploying pods into the Istio mesh. ● The Istio CNI plugin replaces
0 credits | 15 pages | 658.90 KB | 1 year ago
SberBank story: moving Istio from PoC to production
1.6 Service Mesh Operator Lessons Learned 1. Init containers maybe not the best option • NET_RAW and NET_ADMIN • Traffic failures due to init restarts (#16768) 2. Be careful with secrets rotation 1
0 credits | 14 pages | 1.68 MB | 1 year ago
Istio Meetup China: Service Mesh Security, Understanding Istio CNI
isidecar network routing rule to workload iptable Benefits of Istio CNI No need for CAP_NET_ADMIN and CAP_NET_RAW permission No need for istio-init container means faster startup speed (need validation
0 credits | 19 pages | 3.17 MB | 1 year ago
Sketch a Mesh for You
Solo.io @christianposta christian@solo.io https://blog.christianposta.com https://slideshare.net/ceposta 3 | Copyright © 2020
0 credits | 13 pages | 2.71 MB | 1 year ago
Building resilient systems inside the mesh: abstraction and automation of Virtual Service generation
Istio/Envoy for retries and timeouts without knowing it. #IstioCon Thank you! vlad@thoughtmachine.net
0 credits | 9 pages | 1.04 MB | 1 year ago
Preserve Original Source Address within Istio
fwmark 1337 lookup 133 ip -f inet route add local default dev lo table 133 ③ echo 1 > /proc/sys/net/ipv4/conf/eth0/route_localnet #IstioCon Preserve TCP Original Src Addr - ingress svcB envoy envoy
0 credits | 29 pages | 713.08 KB | 1 year ago
Performance tuning and best practices in a Knative based, large-scale serverless platform with Istio
Knative and Istio Istio is the default networking layer solution of Knative. It is leveraged for Net-istio is A Knative ingress controller for Istio. Knative is an open source project which provides
0 credits | 23 pages | 2.51 MB | 1 year ago