README

Istio

CircleCI Go Report Card GoDoc codecov.io GolangCI

An open platform to connect, manage, and secure microservices.

In addition, here are some other documents you may wish to read:

You'll find many other useful documents on our Wiki.

Introduction

Istio is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio's control plane provides an abstraction layer over the underlying cluster management platform, such as Kubernetes, Mesos, etc.

Visit istio.io for in-depth information about using Istio.

Istio is composed of these components:

  • Envoy - Sidecar proxies per microservice to handle ingress/egress traffic between services in the cluster and from a service to external services. The proxies form a secure microservice mesh providing a rich set of functions like discovery, rich layer-7 routing, circuit breakers, policy enforcement and telemetry recording/reporting functions.

    Note: The service mesh is not an overlay network. It simplifies and enhances how microservices in an application talk to each other over the network provided by the underlying platform.

  • Mixer - Central component that is leveraged by the proxies and microservices to enforce policies such as authorization, rate limits, quotas, authentication, request tracing and telemetry collection.

  • Pilot - A component responsible for configuring the proxies at runtime.

  • Citadel - A centralized component responsible for certificate issuance and rotation.

  • Node Agent - A per-node component responsible for certificate issuance and rotation.

  • Galley- Central component for validating, ingesting, aggregating, transforming and distributing config within Istio.

Istio currently supports Kubernetes and Consul-based environments. We plan support for additional platforms such as Cloud Foundry, and Mesos in the near future.

Repositories

The Istio project is divided across a few GitHub repositories.

  • istio/istio. This is the main repository that you are currently looking at. It hosts Istio's core components and also the sample programs and the various documents that govern the Istio open source project. It includes:

    • security. This directory contains security related code, including Citadel (acting as Certificate Authority), node agent, etc.
    • pilot. This directory contains platform-specific code to populate the abstract service model, dynamically reconfigure the proxies when the application topology changes, as well as translate routing rules into proxy specific configuration.
    • istioctl. This directory contains code for the istioctl command line utility.
    • mixer. This directory contains code to enforce various policies for traffic passing through the proxies, and collect telemetry data from proxies and services. There are plugins for interfacing with various cloud platforms, policy management services, and monitoring services.
  • istio/api. This repository defines component-level APIs and common configuration formats for the Istio platform.

  • istio/proxy. The Istio proxy contains extensions to the Envoy proxy (in the form of Envoy filters), that allow the proxy to delegate policy enforcement decisions to Mixer.

Issue management

We use GitHub combined with ZenHub to track all of our bugs and feature requests. Each issue we track has a variety of metadata:

  • Epic. An epic represents a feature area for Istio as a whole. Epics are fairly broad in scope and are basically product-level things. Each issue is ultimately part of an epic.

  • Milestone. Each issue is assigned a milestone. This is 0.1, 0.2, ..., or 'Nebulous Future'. The milestone indicates when we think the issue should get addressed.

  • Priority/Pipeline. Each issue has a priority which is represented by the Pipeline field within GitHub. Priority can be one of P0, P1, P2, or >P2. The priority indicates how important it is to address the issue within the milestone. P0 says that the milestone cannot be considered achieved if the issue isn't resolved.

We don't annotate issues with Releases; Milestones are used instead. We don't use GitHub projects at all, that support is disabled for our organization.

Expand ▾ Collapse ▴

Directories

Path Synopsis
addons/servicegraph Package servicegraph defines the core model for the servicegraph service.
addons/servicegraph/cmd/demosvc
addons/servicegraph/cmd/server
addons/servicegraph/dot Package dot provides serialization utilities for a servicegraph using the dot format.
addons/servicegraph/promgen Package promgen generates service graphs from a prometheus backend.
bin/boilerplate/test
galley/cmd/galley
galley/cmd/galley/cmd
galley/pkg/authplugin
galley/pkg/authplugins
galley/pkg/authplugins/google Package google is a Galley auth plugin that uses Google application default credentials.
galley/pkg/authplugins/none Package none is a Galley auth plugin that returns an empty auth DialOption.
galley/pkg/crd/validation
galley/pkg/meshconfig
galley/pkg/metadata
galley/pkg/metadata/kube
galley/pkg/runtime
galley/pkg/runtime/conversions
galley/pkg/runtime/groups
galley/pkg/runtime/log
galley/pkg/runtime/monitoring
galley/pkg/runtime/processing
galley/pkg/runtime/publish
galley/pkg/runtime/resource Package resource contains core abstract types for representing configuration resources.
galley/pkg/server
galley/pkg/source/fs
galley/pkg/source/kube
galley/pkg/source/kube/builtin
galley/pkg/source/kube/client
galley/pkg/source/kube/dynamic
galley/pkg/source/kube/dynamic/converter
galley/pkg/source/kube/log
galley/pkg/source/kube/schema
galley/pkg/source/kube/schema/check
galley/pkg/source/kube/stats
galley/pkg/source/kube/tombstone
galley/pkg/testing/common
galley/pkg/testing/events
galley/pkg/testing/mock
galley/pkg/testing/resources
galley/tools/gen-meta
galley/tools/mcpc
istioctl/cmd/istioctl Command istioctl is a Istio configuration command line utility.
istioctl/cmd/istioctl/gendeployment
istioctl/pkg/convert
istioctl/pkg/install
istioctl/pkg/kubernetes
istioctl/pkg/rbac
istioctl/pkg/util/clusters
istioctl/pkg/util/configdump
istioctl/pkg/util/proto
istioctl/pkg/validate
istioctl/pkg/writer/compare
istioctl/pkg/writer/envoy/clusters
istioctl/pkg/writer/envoy/configdump
istioctl/pkg/writer/pilot
mixer/adapter Package adapter contains the inventory for all Mixer adapters that are compiled into a specific Mixer binary.
mixer/adapter/bypass
mixer/adapter/bypass/config Package config is a generated protocol buffer package.
mixer/adapter/circonus
mixer/adapter/circonus/config Package config is a generated protocol buffer package.
mixer/adapter/cloudwatch
mixer/adapter/cloudwatch/config Package config is a generated protocol buffer package.
mixer/adapter/denier Package denier provides an adapter that will return a status code (typically FAILED_PRECONDITION) for all calls.
mixer/adapter/denier/config Package config is a generated protocol buffer package.
mixer/adapter/dogstatsd
mixer/adapter/dogstatsd/config Package config is a generated protocol buffer package.
mixer/adapter/fluentd Package fluentd adapter for Mixer.
mixer/adapter/fluentd/config Package config is a generated protocol buffer package.
mixer/adapter/kubernetesenv Package kubernetesenv provides functionality to adapt mixer behavior to the kubernetes environment.
mixer/adapter/kubernetesenv/config Package config is a generated protocol buffer package.
mixer/adapter/kubernetesenv/template Package adapter_template_kubernetes is a generated protocol buffer package.
mixer/adapter/list Package list provides an adapter that implements the listEntry template to enable blacklist / whitelist checking of values.
mixer/adapter/list/config Package config is a generated protocol buffer package.
mixer/adapter/memquota Package memquota provides a simple in-memory quota implementation.
mixer/adapter/memquota/config Package config is a generated protocol buffer package.
mixer/adapter/noop
mixer/adapter/opa
mixer/adapter/opa/config Package config is a generated protocol buffer package.
mixer/adapter/prometheus Package prometheus publishes metric values collected by Mixer for ingestion by prometheus.
mixer/adapter/prometheus/config Package config is a generated protocol buffer package.
mixer/adapter/rbac Package rbac is deprecated by native RBAC implemented in Envoy proxy.
mixer/adapter/rbac/config Package config is a generated protocol buffer package.
mixer/adapter/redisquota Package redisquota provides a quota implementation with redis as backend.
mixer/adapter/redisquota/config Package config is a generated protocol buffer package.
mixer/adapter/signalfx
mixer/adapter/signalfx/config Package config is a generated protocol buffer package.
mixer/adapter/solarwinds Package solarwinds publishes metric and log values collected by Mixer to appoptics and papertrail respectively.
mixer/adapter/solarwinds/config Package config is a generated protocol buffer package.
mixer/adapter/solarwinds/internal/appoptics
mixer/adapter/solarwinds/internal/papertrail
mixer/adapter/stackdriver Package stackdriver provides an adapter that implements the logEntry and metrics templates to serialize generated values to Stackdriver.
mixer/adapter/stackdriver/config Package config is a generated protocol buffer package.
mixer/adapter/stackdriver/contextgraph Package contextgraph adapter for Stackdriver Context API.
mixer/adapter/stackdriver/helper
mixer/adapter/stackdriver/log
mixer/adapter/stackdriver/metric
mixer/adapter/stackdriver/trace Package trace contains a tracespan adapter for Stackdriver trace.
mixer/adapter/statsd Package statsd provides an adapter that implements the metrics template to serialize generated metric values to a statsd backend.
mixer/adapter/statsd/config Package config is a generated protocol buffer package.
mixer/adapter/stdio Package stdio provides an adapter that implements the logEntry and metrics templates to serialize generated logs and metrics to stdout, stderr, or files.
mixer/adapter/stdio/config Package config is a generated protocol buffer package.
mixer/adapter/zipkin Package zipkin contains a tracespan adapter for Zipkin (https://zipkin.io/).
mixer/adapter/zipkin/config Package config is a generated protocol buffer package.
mixer/cmd/mixc
mixer/cmd/mixc/cmd
mixer/cmd/mixs
mixer/cmd/mixs/cmd
mixer/cmd/shared Package shared contains types and functions that are used across the full set of mixer commands.
mixer/pkg/adapter Package adapter defines the types consumed by adapter implementations to interface with Mixer.
mixer/pkg/adapter/opencensus Package opencensus contains support code for writing adapters that use OpenCensus.
mixer/pkg/adapter/test
mixer/pkg/api
mixer/pkg/attribute Package attribute is focused on enabling efficient handling and tracking of attribute usage within Mixer.
mixer/pkg/checkcache Package checkcache provides a scalable cache to hold results of Mixer.Check operations.
mixer/pkg/config
mixer/pkg/config/crd Package crd provides the store interface to config resources stored as kubernetes custom resource definitions (CRDs).
mixer/pkg/config/mcp
mixer/pkg/config/store
mixer/pkg/config/storetest Package storetest provides the utility functions of config store for testing.
mixer/pkg/il Package il implements the intermediate-language for the config-language interpreter of Mixer.
mixer/pkg/il/interpreter Package interpreter implements an interpreter based runtime for the Mixer IL.
mixer/pkg/il/testing
mixer/pkg/il/text
mixer/pkg/lang
mixer/pkg/lang/ast
mixer/pkg/lang/checker
mixer/pkg/lang/compiled
mixer/pkg/lang/compiler Package compiler implements a compiler that converts Mixer's expression language into a Mixer IL-based program that can be executed via an interpreter.
mixer/pkg/loadshedding
mixer/pkg/mockapi Package mockapi supplies a fake Mixer server for use in testing.
mixer/pkg/perf Package perf is a helper library for writing Mixer perf tests.
mixer/pkg/pool Package pool provides access to a mixer-global pool of buffers, a pool of goroutines, and a string interning table.
mixer/pkg/protobuf/descriptor
mixer/pkg/protobuf/yaml
mixer/pkg/protobuf/yaml/dynamic
mixer/pkg/protobuf/yaml/wire Package wire parses and formats the protobuf wire encoding.
mixer/pkg/runtime
mixer/pkg/runtime/config Package config is designed to listen to the config changes through the store and create a fully-resolved configuration state that can be used by the rest of the runtime code.
mixer/pkg/runtime/config/constant
mixer/pkg/runtime/config/validator
mixer/pkg/runtime/dispatcher Package dispatcher is used to dispatch incoming requests to one or more handlers.
mixer/pkg/runtime/handler
mixer/pkg/runtime/lang Package lang chooses a language runtime for expressions.
mixer/pkg/runtime/monitoring
mixer/pkg/runtime/routing Package routing implements a routing table for resolving incoming requests to handlers.
mixer/pkg/runtime/safecall
mixer/pkg/runtime/testing/data
mixer/pkg/server
mixer/pkg/status Package status provides utility functions for google_rpc status objects.
mixer/pkg/template
mixer/template Package template provides runtime descriptors of the templates known to Mixer at compile-time.
mixer/template/apikey Package apikey is a generated protocol buffer package.
mixer/template/authorization Package authorization is a generated protocol buffer package.
mixer/template/checknothing Package checknothing is a generated protocol buffer package.
mixer/template/edge Package edge is a generated protocol buffer package.
mixer/template/listentry Package listentry is a generated protocol buffer package.
mixer/template/logentry Package logentry is a generated protocol buffer package.
mixer/template/metric Package metric is a generated protocol buffer package.
mixer/template/quota Package quota is a generated protocol buffer package.
mixer/template/reportnothing Package reportnothing is a generated protocol buffer package.
mixer/template/sample Package sample provides a set of templates for internal testing of Mixer.
mixer/template/sample/apa Package istio_mixer_adapter_sample_myapa is a generated protocol buffer package.
mixer/template/sample/check Package istio_mixer_adapter_sample_check is a generated protocol buffer package.
mixer/template/sample/quota Package istio_mixer_adapter_sample_quota is a generated protocol buffer package.
mixer/template/sample/report Package istio_mixer_adapter_sample_report is a generated protocol buffer package.
mixer/template/tracespan Package tracespan is a generated protocol buffer package.
mixer/test/client/check_cache Package client contains an integration test for istio proxy.
mixer/test/client/check_cache_hit Package client contains an integration test for istio proxy.
mixer/test/client/check_report Package client contains an integration test for istio proxy.
mixer/test/client/check_report_disable Package client contains an integration test for istio proxy.
mixer/test/client/check_report_large_post_request Package client contains an integration test for istio proxy.
mixer/test/client/disable_check_cache Package client contains an integration test for istio proxy.
mixer/test/client/disable_tcp_check_calls Package client contains an integration test for istio proxy.
mixer/test/client/dynamic_attribute Package client contains an integration test for istio proxy.
mixer/test/client/dynamic_listener Package client contains an integration test for istio proxy.
mixer/test/client/env
mixer/test/client/failed_request Package client contains an integration test for istio proxy.
mixer/test/client/fault_inject Package client contains an integration test for istio proxy.
mixer/test/client/global_dictionary Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_origin_jwt_bound_origin Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_origin_jwt_bound_peer Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_origin_reject_no_jwt Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_peer_jwt_bound_origin Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_peer_jwt_bound_peer Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_peer_reject_no_jwt Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_peer_reject_no_mtls Package client contains an integration test for istio proxy.
mixer/test/client/istio_authn_peer_reject_no_tls Package client contains an integration test for istio proxy.
mixer/test/client/mixer_internal_fail Package client contains an integration test for istio proxy.
mixer/test/client/network_policy Package client contains an integration test for istio proxy.
mixer/test/client/pilotplugin Package client contains an integration test for istio proxy and pilot plugin for mixer HTTP filter.
mixer/test/client/pilotplugin_mtls Package client contains an integration test for istio proxy and pilot plugin for mixer HTTP filter over mTLS.
mixer/test/client/pilotplugin_tcp Package client contains an integration test for istio proxy and pilot plugin for mixer TCP filter.
mixer/test/client/quota Package client contains an integration test for istio proxy.
mixer/test/client/quota_cache Package client contains an integration test for istio proxy.
mixer/test/client/rbac_permissive_global Package client contains an integration test for istio proxy.
mixer/test/client/rbac_permissive_policy Package client contains an integration test for istio proxy.
mixer/test/client/report_batch Package client contains an integration test for istio proxy.
mixer/test/client/route_directive Package client contains an integration test for istio proxy.
mixer/test/client/tcp_filter Package client contains an integration test for istio proxy.
mixer/test/client/tcp_filter_periodical_report Package client contains an integration test for istio proxy.
mixer/test/client/test_data
mixer/test/listbackend
mixer/test/listbackend/cmd
mixer/test/perf/perfclient Package test supplies a fake Mixer server for use in testing.
mixer/test/policybackend
mixer/test/prometheus
mixer/test/prometheus/cmd
mixer/test/spyAdapter Package spyadapter is intended for Mixer testing *ONLY*.
mixer/test/spyAdapter/template Package template contains generated code for the spy adapter testing.
mixer/test/spyAdapter/template/apa Package sampleapa is a generated protocol buffer package.
mixer/test/spyAdapter/template/check Package samplecheck is a generated protocol buffer package.
mixer/test/spyAdapter/template/checkoutput Package checkproducer is a generated protocol buffer package.
mixer/test/spyAdapter/template/quota Package samplequota is a generated protocol buffer package.
mixer/test/spyAdapter/template/report Package samplereport is a generated protocol buffer package.
mixer/test/spybackend
mixer/tools/adapterlinter
mixer/tools/codegen/cmd/mixgenbootstrap
mixer/tools/codegen/cmd/mixgeninventory
mixer/tools/codegen/pkg/bootstrapgen
mixer/tools/codegen/pkg/bootstrapgen/template
mixer/tools/codegen/pkg/inventory Package inventory is used to generate the mixer adapter inventory source file.
mixer/tools/codegen/pkg/modelgen
mixer/tools/mixgen
mixer/tools/mixgen/cmd
pilot/cmd
pilot/cmd/pilot-agent
pilot/cmd/pilot-agent/status
pilot/cmd/pilot-agent/status/ready
pilot/cmd/pilot-agent/status/util
pilot/cmd/pilot-discovery
pilot/cmd/sidecar-injector
pilot/pkg/bootstrap
pilot/pkg/config/aggregate Package aggregate implements a read-only aggregator for config stores.
pilot/pkg/config/aggregate/fakes Code generated by counterfeiter.
pilot/pkg/config/clusterregistry
pilot/pkg/config/coredatamodel
pilot/pkg/config/kube/crd Package crd provides an implementation of the config store and cache using Kubernetes Custom Resources and the informer framework from Kubernetes
pilot/pkg/config/kube/ingress Package ingress provides a read-only view of Kubernetes ingress resources as an ingress rule configuration type store
pilot/pkg/config/memory Package memory provides an in-memory volatile config store implementation
pilot/pkg/config/monitor
pilot/pkg/kube/inject Package inject implements kube-inject or webhoook autoinject feature to inject sidecar.
pilot/pkg/model
pilot/pkg/model/test Package test is a generated protocol buffer package.
pilot/pkg/networking/core
pilot/pkg/networking/core/v1alpha3
pilot/pkg/networking/core/v1alpha3/fakes Code generated by counterfeiter.
pilot/pkg/networking/core/v1alpha3/loadbalancer packages used for load balancer setting
pilot/pkg/networking/core/v1alpha3/route
pilot/pkg/networking/core/v1alpha3/route/retry
pilot/pkg/networking/plugin
pilot/pkg/networking/plugin/authn
pilot/pkg/networking/plugin/authz Package authz converts Istio RBAC (role-based-access-control) policies (ServiceRole and ServiceRoleBinding) to corresponding filter config that is used by the envoy RBAC filter to enforce access control to the service co-located with envoy.
pilot/pkg/networking/plugin/health
pilot/pkg/networking/plugin/mixer
pilot/pkg/networking/plugin/registry Package registry represents a registry of plugins that can be used by a config generator.
pilot/pkg/networking/util
pilot/pkg/proxy
pilot/pkg/proxy/envoy
pilot/pkg/proxy/envoy/v2
pilot/pkg/request
pilot/pkg/serviceregistry
pilot/pkg/serviceregistry/aggregate
pilot/pkg/serviceregistry/consul
pilot/pkg/serviceregistry/external
pilot/pkg/serviceregistry/kube Package kube implements the shared and reusable library for Kubernetes
pilot/pkg/serviceregistry/memory
pilot/test/mock
pilot/test/util
pilot/tools Tool to generate pilot/pkg/config/kube/types.go Example run command: go run pilot/tools/generate_config_crd_types.go --template pilot/tools/types.go.tmpl --output pilot/pkg/config/kube/crd/types.go
pilot/tools/debug
pkg/adsc
pkg/bootstrap
pkg/cache Package cache provides general-purpose in-memory caches.
pkg/cmd
pkg/collateral
pkg/ctrlz Package ctrlz implements Istio's introspection facility.
pkg/ctrlz/fw
pkg/ctrlz/topics Package topics defines several canonical ControlZ topics.
pkg/features/pilot
pkg/filewatcher
pkg/keepalive
pkg/kube
pkg/kube/secretcontroller
pkg/listwatch
pkg/log Package log provides the canonical logging functionality used by Go-based Istio components.
pkg/mcp/client
pkg/mcp/configz
pkg/mcp/creds
pkg/mcp/env
pkg/mcp/internal
pkg/mcp/internal/test
pkg/mcp/monitoring
pkg/mcp/server
pkg/mcp/sink
pkg/mcp/snapshot
pkg/mcp/source
pkg/mcp/testing
pkg/mcp/testing/groups
pkg/mcp/testing/monitoring
pkg/mcp/testing/testcerts
pkg/probe Package probe provides liveness / readiness probe.
pkg/proto
pkg/servicemesh/apis/servicemesh/v1
pkg/servicemesh/client/clientset/versioned This package has the automatically generated clientset.
pkg/servicemesh/client/clientset/versioned/fake This package has the automatically generated fake clientset.
pkg/servicemesh/client/clientset/versioned/scheme This package contains the scheme of the automatically generated clientset.
pkg/servicemesh/client/clientset/versioned/typed/servicemesh/v1 This package has the automatically generated typed clients.
pkg/servicemesh/client/clientset/versioned/typed/servicemesh/v1/fake Package fake has the automatically generated clients.
pkg/servicemesh/client/informers/externalversions
pkg/servicemesh/client/informers/externalversions/internalinterfaces
pkg/servicemesh/client/informers/externalversions/servicemesh
pkg/servicemesh/client/informers/externalversions/servicemesh/v1
pkg/servicemesh/client/listers/servicemesh/v1
pkg/servicemesh/controller
pkg/spiffe
pkg/test
pkg/test/annotation
pkg/test/application
pkg/test/application/echo
pkg/test/application/echo/client
pkg/test/application/echo/proto
pkg/test/application/echo/server
pkg/test/deployment
pkg/test/docker/registry
pkg/test/docker/registry/cmd
pkg/test/env
pkg/test/envoy
pkg/test/envoy/discovery
pkg/test/fakes/policy Package policy is a generated protocol buffer package.
pkg/test/framework
pkg/test/framework/api/component
pkg/test/framework/api/components
pkg/test/framework/api/context
pkg/test/framework/api/descriptors
pkg/test/framework/api/ids
pkg/test/framework/api/lifecycle
pkg/test/framework/runtime
pkg/test/framework/runtime/api
pkg/test/framework/runtime/components/apps
pkg/test/framework/runtime/components/apps/agent
pkg/test/framework/runtime/components/bookinfo
pkg/test/framework/runtime/components/citadel
pkg/test/framework/runtime/components/echo
pkg/test/framework/runtime/components/environment/kube
pkg/test/framework/runtime/components/environment/native
pkg/test/framework/runtime/components/environment/native/service
pkg/test/framework/runtime/components/galley
pkg/test/framework/runtime/components/ingress
pkg/test/framework/runtime/components/mixer
pkg/test/framework/runtime/components/pilot
pkg/test/framework/runtime/components/policybackend
pkg/test/framework/runtime/components/prometheus
pkg/test/framework/runtime/dependency
pkg/test/framework/runtime/key
pkg/test/framework/runtime/registries
pkg/test/framework/runtime/registry
pkg/test/kube
pkg/test/scopes
pkg/test/shell
pkg/test/util/reserveport
pkg/test/util/retry
pkg/test/util/structpath
pkg/tracing Package tracing provides the canonical tracing functionality used by Go-based Istio components.
pkg/util
pkg/version Package version provides build version information.
samples/health-check
samples/tcp-echo/src
security/cmd/istio_ca
security/cmd/node_agent
security/cmd/node_agent_k8s
security/pkg/adapter/vault Package vault provides adapter to connect to vault server.
security/pkg/caclient
security/pkg/caclient/protocol Package protocol defines the interface of CA client protocol.
security/pkg/caclient/protocol/mock
security/pkg/cmd
security/pkg/credential
security/pkg/k8s/configmap
security/pkg/k8s/controller
security/pkg/k8s/tokenreview
security/pkg/nodeagent/cache Package cache is the in-memory secret store.
security/pkg/nodeagent/caclient
security/pkg/nodeagent/caclient/interface
security/pkg/nodeagent/caclient/providers/citadel
security/pkg/nodeagent/caclient/providers/google
security/pkg/nodeagent/caclient/providers/vault
security/pkg/nodeagent/model Package model contains data models for nodeagent.
security/pkg/nodeagent/plugin
security/pkg/nodeagent/plugin/providers/google Package iamclient is for IAM integration.
security/pkg/nodeagent/plugin/providers/google/stsclient Package stsclient is for oauth token exchange integration.
security/pkg/nodeagent/plugin/providers/google/stsclient/test
security/pkg/nodeagent/sds Package sds implements secret discovery service in NodeAgent.
security/pkg/nodeagent/secretfetcher
security/pkg/nodeagent/vm
security/pkg/pki/ca
security/pkg/pki/ca/mock
security/pkg/pki/util
security/pkg/pki/util/mock
security/pkg/platform
security/pkg/platform/mock
security/pkg/probe
security/pkg/registry
security/pkg/registry/kube
security/pkg/server/ca
security/pkg/server/ca/authenticate
security/pkg/server/monitoring
security/pkg/util
security/pkg/util/mock
security/proto Package istio_v1_auth is a generated protocol buffer package.
security/proto/providers/google Package google_security_istioca_v1alpha1 is a generated protocol buffer package.
security/tests/integration
security/tools/generate_cert
security/tools/generate_csr
tests/codecov
tests/e2e/framework
tests/e2e/tests/pilot/cloudfoundry/mock
tests/integration2/citadel
tests/integration2/galley/validation
tests/integration_old/component/fortio_server
tests/integration_old/component/mixer
tests/integration_old/component/proxy
tests/integration_old/example/environment/appOnlyEnv
tests/integration_old/example/environment/appOnlyEnv/cmd
tests/integration_old/example/environment/mixerEnvoyEnv
tests/integration_old/example/environment/mixerEnvoyEnv/cmd
tests/integration_old/framework
tests/util
tests/util/checker
tests/util/checker/flaky_test_finder
tests/util/checker/flaky_test_finder/rules
tests/util/checker/testlinter
tests/util/checker/testlinter/rules
tools/githubContrib
tools/hyperistio
tools/license Binary get_dep_licenses outputs aggrerate license information for all transitive Istio dependencies.