Istio Security Assessment
Certificates 019 Low Default Injected Init Container Requires Sensitive Capabilities 021 Low Execution of System Commands without Validation 008 Informational Weak Trust Boundary Between Workload Container ... unauthenticated users with a wide range of information about the Cluster, Istio's configuration, and execution information about running programs. It could be used to target other services or potentially in /requirements/ 32 | Google Istio Security Assessment Google / NCC Group Confidential ... Finding Execution of System Commands without Validation Risk Informational Impact: Low, Exploitability: Low Identifier
51 pages | 849.66 KB | 1 year ago
Istio audit report - ADA Logics - 2023-01-30 - v1.0
... end of the audit, these are the stats of the fuzzers: Fuzzer Total executions Total hours of execution FuzzWriteTo 78,576,767 150.3 FuzzRunTemplate 925,533,849 103.5 FuzzReadCACert 39,734,279 91.8 ... write vulnerability. If the Operator runs with high privileges, this could lead to remote code execution. Even without sudo privileges, the vulnerability could have multiple attack vectors. The root cause ... Effective Lifetime ID: ADA-IST-3 Fix: https://github.com/istio/istio/pull/41786 Description If execution goes into this branch, outFile is not closed: https://github.com/istio/istio/blob/d0705cf0ed5590
55 pages | 703.94 KB | 1 year ago
Observability and Istio Telemetry
process Bypass adaptor SkyWalking backend Tracing Metric Receiver in gRPC/HTTP Analysis Core Query Core ... Istio telemetry Attribute Vocabulary https://istio.io/docs/reference/config/policy-and-tel ... AlarmRecord belong to this type. Query in GraphQL • Five types query • Metadata • Metric • Aggregation • Trace • Alarm https://github.com/apache/incubator-skywalking-query-protocol ... Ecosystem powered
21 pages | 5.29 MB | 6 months ago
Is Your Virtual Machine Really Ready-to-go with Istio?
● Resolving DNS for services in remote clusters #IstioCon Role of DNS in Istio, Today 1. DNS query httpbin.ns1.svc.cluster.local 2. DNS response – 10.4.4.4 http req to 10.4.4.4 GET /status/200 ns1.svc.cluster.local SVC IP: 10.4.4.4 #IstioCon DNS Issues on VMs accessing K8s SVCs 1. DNS query for httpbin.ns1.svc.cluster.local 2. DNS response – no such host httpbin.ns1.svc.cluster.local ... 4.4.4 #IstioCon DNS Issues on ext-TCP SVCs without VIPs #IstioCon Smart DNS Proxying 1. DNS query httpbin.ns1.svc.cluster.local 2. Cached DNS response – 10.4.4.4 DNS queries to the system configured
50 pages | 2.19 MB | 1 year ago
Service mesh security best practices: from implementation to verification
... accesses to services. Deploy web application firewall to defend against DDoS, injection, remote execution attacks. Edge security Egress 2. Define egress security policies to defend against data exfiltration
29 pages | 1.77 MB | 1 year ago
Leveraging Istio for Creating API Tests - Low Effort API Testing for Microservices
"src": "Canada" : } getDetails(…): Req parameter /api?…&UPC=[…]&src=warehouse12&… Test execution sequence : : Problem • Test uses outcome of a previous API request • Context propagation rarely
21 pages | 1.09 MB | 1 year ago
Baidu APP infrastructure upgrade based on Istio - lightning talk - MichaelXu
... is intolerable; can it be solved at low cost? Ø For example, commonly used operational degradation and loss-stopping capabilities are rebuilt separately by each product line with widely differing designs; OPs expect operational capabilities to be generalized across product lines, centrally managed, and even to make automated decisions. Ø Fine-grained fault capabilities (abnormal queries, injected latency, etc.) are expected to be standardized and replicated across product lines at low cost. Ø The Baidu APP architecture lacks upstream/downstream module views and traffic views, and its golden signals are insufficient, leading to low efficiency in capacity-management load testing, high cost of implementing chaos engineering, and high cost of fault localization. #IstioCon
9 pages | 2.20 MB | 1 year ago