azure.samples/aks_osm_smi_traffic_access_control at main · cmendible/azure.samples

Name	Name	Last commit message	Last commit date
parent directory ..
README.md	README.md
busybox.yaml	busybox.yaml
nginx.yaml	nginx.yaml
nginx_traffic_target.yaml	nginx_traffic_target.yaml

Name

Last commit message

Last commit date

Disable Permissive Traffic Policy Mode

kubectl patch meshconfig osm-mesh-config -n kube-system -p '{"spec":{"traffic":{"enablePermissiveTrafficPolicyMode":false}}}' --type=merge

kubectl get meshconfig osm-mesh-config -n kube-system -o yaml | grep -i enablePermissiveTrafficPolicyMode

kubectl apply -f nginx.yaml
kubectl apply -f busybox.yaml

Run:

kubectl exec -it busybox -c busybox -- sh

once inside the container, run the following command to test connectivity:

wget -O- http://nginx

The result should be similar to the following:

Connecting to nginx (10.0.149.72:80)
wget: error getting response: Resource temporarily unavailable

kubectl apply -f nginx_traffic_target.yaml

Run:

kubectl exec -it busybox -c busybox -- sh

and once inside the container, run the following command to test connectivity:

wget -O- http://nginx