Istio Security Assessment
… page 40. 2 | Google Istio Security Assessment Google / NCC Group Confidential Dashboard Target Metadata Engagement Data Name Istio Type Architecture Review and Code-Assisted Security Assessment Type … apply the following configuration apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: evil-bookinfo spec: hosts: … 2 https://istio.io/latest/docs/examples/microservices-isti … plane client, per finding NCC-GOIST2005-022 on page 36 — would be able to obtain sensitive routing metadata for Gateways and possibly other resources declared in other namespaces. However, due to time constraints …
0 码力 | 51 pages | 849.66 KB | 1 year ago | 3
Istio audit report - ADA Logics - 2023-01-30 - v1.0
… exceed their trust boundaries including authentication bypass, reading sensitive information, writing files to the underlying file system, exploiting logical errors. The security components have limited functionality … the file contents to a main.go file and run it with go run main.go. Careful: This will overwrite files on the system. package main import ( "archive/tar" "bytes" "compress/gzip" "fmt" … outFile.Close() Exploitation An attacker could exploit this by forcing Istio to open a large number of files and thus exhaust system resources resulting in Denial of Service. 25 Istio Security Audit, 2023
0 码力 | 55 pages | 703.94 KB | 1 year ago | 3
Istio is a long wild river: how to navigate it safely
… frequency ● Proxies are heavily CPU throttled and consume CPU without traffic ● Envoy configuration files are > 100K lines 33 A full mesh is utopian, know what you need only Stabilizing Istio In fact … specific proxy, based on namespace or labels. apiVersion: networking.istio.io/v1beta1 kind: Sidecar metadata: name: default namespace: mercari-echo-jp-dev spec: egress: - hosts: - ./* - istio-system/*
0 码力 | 69 pages | 1.58 MB | 1 year ago | 3
Secure your microservices with istio step by step
… defaults to PERMISSIVE if not set apiVersion: "security.istio.io/v1beta1" kind: "PeerAuthentication" metadata: name: "demo-peer-policy" namespace: "default" spec: selector: matchLabels: app: … to TLS with service outside mesh apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: reviews spec: host: reviews trafficPolicy: tls: mode: ISTIO_MUTUAL 1) Generate TLS … traffic purely using SNI without VS apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: bookinfo-gateway spec: selector: istio: ingressgateway # use istio default controller
0 码力 | 34 pages | 67.93 MB | 1 year ago | 3
Istio in production
… app app app apiVersion: "nais.io/v1alpha1" kind: "Application" metadata: name: app labels: team: pension spec: image: navikt/app:1 port: 8080 replicas: { … inbound: - name: consumer-a app apiVersion: "nais.io/v1alpha1" kind: "Application" metadata: name: app labels: team: pension spec: image: navikt/app:1 port: 8080 replicas: { … servicerole servicerolebinding serviceentry apiVersion: "nais.io/v1alpha1" kind: "Application" metadata: name: app labels: team: pension spec: image: navikt/app:1 port: 8080 replicas: {
0 码力 | 42 pages | 3.45 MB | 1 year ago | 3
Canary release practice for Kubernetes container applications based on Istio
… Backend Prometheus AWS New Relic Huawei-APM apiVersion: "config.istio.io/v1alpha2" kind: metric metadata: name: requestduration namespace: istio-system spec: value: response.duration | "0ms" dimensions: … KubeAPIServer Ingress-Controller List/watch reLoad Istio canary release: weight-based apiVersion: … kind: VirtualService metadata: name: vs-svcb spec: hosts: - svcb http: route: - destination: name: v1 weight: 20 - destination: … Pod2 Version1(canary) group=dev svcB svcA Rules API Pilot apiVersion: … kind: VirtualService metadata: name: ratings-route spec: hosts: - svcb http: - match: - headers: cookie: exact: "group=dev"
0 码力 | 38 pages | 14.93 MB | 1 year ago | 3
Canary release practice for Kubernetes container applications based on Istio
… Backend Prometheus AWS New Relic Huawei-APM apiVersion: "config.istio.io/v1alpha2" kind: metric metadata: name: requestduration namespace: istio-system spec: value: response.duration | "0ms" dimensions: … KubeAPIServer Ingress-Controller List/watch reLoad 22 Istio canary release: weight-based apiVersion: … kind: VirtualService metadata: name: vs-svcb spec: hosts: - svcb http: route: - destination: name: v1 weight: 20 - destination: … Pod2 Version1(canary) group=dev svcB svcA Rules API Pilot apiVersion: … kind: VirtualService metadata: name: ratings-route spec: hosts: - svcb http: - match: - headers: cookie: exact: "group=dev"
0 码力 | 34 pages | 2.64 MB | 6 months ago | 3
Full-stack service mesh: Aeraki helps you manage any layer-7 traffic in the Istio service mesh
… logic, such as authentication and authorization. #IstioCon MetaProtocol: request processing path. Processing flow: 1. The Decoder parses the downstream request and fills in Metadata. 2. The L7 filter reads the data it needs from Metadata and performs request-direction business processing. 3. The L7 filter places the data that needs to be modified into the Mutation structure. 4. The Router selects the upstream cluster according to the routing rules configured via RDS. 5. The Encoder builds the packet according to the Mutation structure. 6. The request is sent to the upstream. Data structures shared by L7 filters: ● Metadata: key:value pairs filled in during decode, used in the L7 filter's processing logic. ● Mutation: key:value pairs filled in by the L7 filter, used during encode. MetaProtocol: response processing path. Processing flow: 1. The Decoder parses the upstream response and fills in Metadata. 2. The Router finds the downstream connection for the response via the connection/stream mapping. 3. The L7 filter reads the data it needs from Metadata and performs response-direction business processing. 4. The L7 filter places the data that needs to be modified into the Mutation structure.
0 码力 | 29 pages | 2.11 MB | 1 year ago | 3
Introduction to Envoy internals and production pitfalls
… a cross-language extension mechanism that handles new L4 connections and data send/receive. envoy.filters.network.dubbo_proxy (L4 network filter): parses the Dubbo RPC protocol, extracts the method, interface, metadata and other information from the request, and performs route selection based on that metadata. envoy.filters.network.local_ratelimit (L4 network filter): L4 rate limiting that uses a token bucket to prevent too many downstream connections within a given time interval. • The main framework code lives in the envoy project and covers process startup, threading and networking, the core filter framework, and observability data handling. • The startup entry point is in the source/exe directory of the envoy project. • The proxy project mainly provides the required WASM extensions such as metadata_exchange and stats. • In the envoy project, filter plugins are mainly under source/extensions/filters; the listener directory contains listener filters, netw … tls_inspector http_inspector http_connection_manager … router upstream conn pool codec codec metadata_exchange iptables http/1.x h2c cluster L7 filters L4 filters listener filters downstream connection upstream connection outbound • Requests sent by the APP are …
0 码力 | 30 pages | 2.67 MB | 1 year ago | 3
Extending service mesh capabilities using a streamlined way based on WASM and ORAS
… Filter Cluster Upstream Filter Chain 4 Envoy filters used in the real example: port 9080 listener envoy.filters.network.metadata_exchange envoy.http_connection_manager Cluster Productpage service Filter Chain envoy.filters Resource 18 Generated Istio EnvoyFilter resources (1) apiVersion: networking.istio.io/v1alpha3 kind: EnvoyFilter metadata: …. spec: configPatches: - applyTo: HTTP_FILTER match: …. patch: …. workloadSelector: labels: version: v1 19 Generated Istio EnvoyFilter resources (2) apiVersion: networking.istio.io/v1alpha3 kind: EnvoyFilter metadata: …. spec: configPatches: - applyTo: HTTP_FILTER match: …. patch: …. workloadSelector: labels: app: …
0 码力 | 23 pages | 2.67 MB | 1 year ago | 3