From f0806a4502b66ee2ca8811225cfa60ce15056057 Mon Sep 17 00:00:00 2001
From: Edward Viaene <ward.viaene@gmail.com>
Date: Fri, 21 Sep 2018 14:19:32 +0000
Subject: [PATCH] istio egress

---
 istio/README.md             |  6 +++++
 istio/external-service.yaml | 52 +++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 istio/external-service.yaml

diff --git a/istio/README.md b/istio/README.md
index 010e13f..8f6caf2 100644
--- a/istio/README.md
+++ b/istio/README.md
@@ -80,3 +80,9 @@ Create pods, services, destinationrules, virtualservices
 kubectl create -f <(istioctl kube-inject -f helloworld-tls.yaml)
 kubectl create -f helloworld-legacy.yaml
 ```
+
+### End-user authentication
+```
+kubectl create -f <(istioctl kube-inject -f helloworld-jwt.yaml)
+kubectl create -f helloworld-jwt-enable.yaml
+```
diff --git a/istio/external-service.yaml b/istio/external-service.yaml
new file mode 100644
index 0000000..3629299
--- /dev/null
+++ b/istio/external-service.yaml
@@ -0,0 +1,52 @@
+#
+# http
+# 
+apiVersion: networking.istio.io/v1alpha3
+kind: ServiceEntry
+metadata:
+  name: ifconfig-co-http
+spec:
+  hosts:
+  - ifconfig.co
+  ports:
+  - number: 80
+    name: http
+    protocol: HTTP
+  resolution: DNS
+  location: MESH_EXTERNAL
+---
+#
+# https
+# 
+apiVersion: networking.istio.io/v1alpha3
+kind: ServiceEntry
+metadata:
+  name: ifconfig-co-https
+spec:
+  hosts:
+  - ifconfig.co
+  ports:
+  - number: 443
+    name: https
+    protocol: HTTPS
+  resolution: DNS
+  location: MESH_EXTERNAL
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+  name: ifconfig-co
+spec:
+  hosts:
+  - ifconfig.co
+  tls:
+  - match:
+    - port: 443
+      sni_hosts:
+      - ifconfig.co
+    route:
+    - destination:
+        host: ifconfig.co
+        port:
+          number: 443
+      weight: 100