domino_admin_toolkit.checks.test_istio module
- domino_admin_toolkit.checks.test_istio.istio_installed_check(k8s_client)
- domino_admin_toolkit.checks.test_istio.test_istio_installed_check(istio_installed_check, k8s_client)
- Description:
Checks to see if istiod is running in istio-system namespace
- Result:
Displays the number of istiod pods running
- See also:
test_tls_secret_expiration.py — TLS cert expiry (Istio mTLS relies on cluster certificates)
info/test_certificate_inventory.py — full cert inventory with chain validation
test_cert_manager.py — cert-manager controller and CRD health
- domino_admin_toolkit.checks.test_istio.test_istio_peerauthentication(istio_installed_check, k8s_client)
- Description:
Checks if STRICT mode is enabled in the istio cluster for peerauthentication
- Result:
If the test PASSED, then strict mode is enabled, else it displays current mTLS mode
- Public Facing KB:
https://istio.io/latest/docs/reference/config/security/peer_authentication/
- See also:
test_tls_secret_expiration.py — TLS cert expiry (mTLS strict mode requires valid certs)
info/test_certificate_inventory.py — full cert inventory with chain validation
test_cert_manager.py — cert-manager controller and CRD health