Skip to content

Upgrade Istio API: Migrate Policy to PeerAuthentication #8464

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pebrc merged 2 commits into from
Feb 18, 2025
Merged

Upgrade Istio API: Migrate Policy to PeerAuthentication #8464

pebrc merged 2 commits into from
Feb 18, 2025

Conversation

@sakkiii
Copy link
Contributor

@sakkiii sakkiii commented Feb 9, 2025
edited
Loading

Description:

The authentication.istio.io/v1alpha1 Policy resource was deprecated in Istio 1.5 and removed in Istio 1.6. It has been replaced by PeerAuthentication and RequestAuthentication in security.istio.io/v1beta1.

Changes:

  • Ensured compatibility with Istio 1.6+ by using security.istio.io/v1beta1.
  • Replaced Policy with PeerAuthentication.
  • Updated mTLS settings (STRICT, PERMISSIVE, DISABLE) to align with Istio best practices.
  • Ensured correct selectors for targeted workloads.

Why this change?

  • authentication.istio.io/v1alpha1 is deprecated in recent Istio versions.
  • security.istio.io/v1beta1 is the recommended API for workload authentication policies.
  • Ensures compatibility with future Istio releases.

Testing & Verification:

  • Applied the changes in a staging environment to confirm correct behavior.
  • Verified that mTLS settings remain consistent.
  • Checked logs for any unexpected authentication failures.
@botelastic botelastic bot added the triage label Feb 9, 2025
@sakkiii sakkiii mentioned this pull request Feb 15, 2025
Open
pebrc
pebrc approved these changes Feb 17, 2025
View reviewed changes
Copy link
Collaborator

@pebrc pebrc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution. LGTM
@pebrc
Copy link
Collaborator

pebrc commented Feb 17, 2025

buildkite test this
@pebrc pebrc added the >docs Documentation label Feb 18, 2025
@botelastic botelastic bot removed the triage label Feb 18, 2025
@pebrc pebrc merged commit 376f204 into elastic:main Feb 18, 2025
5 checks passed
@pebrc pebrc mentioned this pull request Feb 18, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

>docs Documentation

2 participants

@sakkiii @pebrc