K
Q

Why there are two different ways to enable mTLS in istio?

2/2/2020

I am going through enabling mTLS to my mesh, and came across this below command.

istioctl manifest apply --set profile=demo,values.global.mtls.enabled=true

I also found this below yaml file enable mTLS

apiVersion: "authentication.istio.io/v1alpha1"
kind: "MeshPolicy"
metadata:
  name: "default"
spec:
  peers:
  - mtls: {}

What is the difference betwen command and yaml file? Are they both doing same thing?

-- Kalyan Kumar
istio
kubernetes

Similar Questions

Kubernetes cronjob to recycle a specific pod
Look up secrets from gcloud secrets manager directly as secretGenerator with kustomize
Unit systemd-resolved.service is masked
Auto ingress with contour

1 Answer

2/2/2020

Yes they do the same. Doing it via istioctl is imperative way versus doing it via yaml is declarative way.

-- Arghya Sadhu
Source: StackOverflow