Skip to content

docs: add istio docs #15733

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Dec 11, 2024
Merged

docs: add istio docs #15733

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a16b2ff
docs: add istio docs
ericpaulsen Dec 3, 2024
d1f8f0b
add feedback
ericpaulsen Dec 10, 2024
070137c
add feedback 2
ericpaulsen Dec 10, 2024
172988a
make fmt
ericpaulsen Dec 10, 2024
d0a3d87
make{gen,fmt}
EdwardAngert Dec 10, 2024
b9fa0f5
Merge remote-tracking branch 'origin/main' into istio-docs
EdwardAngert Dec 11, 2024
8534aa3
move istio doc
EdwardAngert Dec 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
docs: add istio docs
  • Loading branch information
@ericpaulsen
ericpaulsen committed Dec 3, 2024
commit a16b2ff12bafca4afbfdce533ab633aac8451ae3
5 changes: 5 additions & 0 deletions docs/manifest.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -696,6 +696,11 @@
"description": "Integrate Coder with JFrog Artifactory",
"path": "./admin/integrations/jfrog-artifactory.md"
},
{
"title": "Istio Integration",
"description": "Integrate Coder with an Istio Service Mesh",
"path": "./admin/integrations/istio.md"
},
{
"title": "Island Secure Browser Integration",
"description": "Integrate Coder with Island's Secure Browser",
Expand Down
28 changes: 28 additions & 0 deletions docs/tutorials/istio.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# Configure Istio Service Mesh

Integrating Istio's service mesh with Coder's Ingress enables powerful traffic management, security, and observability capabilities. By placing Coder's workspace traffic behind Istio's intelligent proxy layer, you can implement access controls, encrypt service-to-service communication, and gain visibility into your workspace network patterns. This guide walks through the process of configuring Istio alongside Coder's existing ingress controller, ensuring that developer workspaces remain accessible while benefiting from Istio's comprehensive service mesh features.

Before proceeding, ensure you have a running Kubernetes cluster with both Coder and Istio installed, and that you have administrative access to configure both systems. Once you have access to your Coder cluster, apply the following manifest:

```yaml
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: tailscale-behind-istio-ingress
namespace: istio-system
spec:
configPatches:
- applyTo: NETWORK_FILTER
match:
listener:
filterChain:
filter:
name: envoy.filters.network.http_connection_manager
patch:
operation: MERGE
value:
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
upgrade_configs:
- upgrade_type: derp
```
Loading