我在Istio Ingress Gateway对象上部署了一个CipherSuite:
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: hello-istio-gateway
spec:
selector:
istio: ingressgateway # use Istio default gateway implementation
servers:
- hosts:
- "*"
port:
name: https-wildcard
number: 444
protocol: HTTPS
tls:
mode: SIMPLE
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
privateKey: /etc/istio/ingressgateway-certs/tls.key
cipherSuites: "[ECDHE-RSA-AES256-GCM-SHA384|ECDHE-RSA-AES128-GCM-SHA256]"
但从kubectl我得到错误
admission webhook "pilot.validation.istio.io" denied the request: error decoding configuration: YAML decoding error:
json: cannot unmarshal string into Go value of type []json.RawMessage
你知道我的清单有什么问题吗?
提前谢谢。
谨致问候,rforberger
从cipherSuites中删除"字符。
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: hello-istio-gateway
spec:
selector:
istio: ingressgateway # use Istio default gateway implementation
servers:
- hosts:
- "*"
port:
name: https-wildcard
number: 444
protocol: HTTPS
tls:
mode: SIMPLE
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
privateKey: /etc/istio/ingressgateway-certs/tls.key
cipherSuites: [ECDHE-RSA-AES256-GCM-SHA384|ECDHE-RSA-AES128-GCM-SHA256]
$ kubectl apply -f gateway.yaml
gateway.networking.istio.io/hello-istio-gateway created