Skip to content

v1.0.0-alpha
Compare
Choose a tag to compare
@subashd subashd released this 12 Sep 10:36
· 96 commits to master since this release
v1.0.0-alpha
4ab76b1

Version 1.0.0-alpha

What's New

This is the first release of Citrix istio-adaptor. istio-adaptor is Citrix's solution to configure Citrix ADC as an Ingress Gateway and/or sidecar proxy in Istio Service mesh. It acts as a client to gRPC based services in Istio control plane, listens to updates from the Pilot and configures Citrix ADC proxy using NITRO API calls.

Below are features which are supported in this release:

  1. Service Discovery
  2. Load Balancing
  3. Secure Ingress for HTTP based services
  4. Secure Ingress for TCP based services
  5. Weighted Clusters
  6. HTTP Rewrite and redirect
  7. HTTP Fault Injection
  8. End User Authentication using JWT
  9. Transport Authentication using mTLS
  10. Prometheus support for Ingress Gateway

The detailed list of fields supported on Citrix ADC as per the Istio CRDs (Destination Rule, Virtual Service, Policy, Gateway, Service Entry) can be found here.

Known Issues

  1. Multiple audiences for JWT is not supported.
    [NSAUTH-6178]

  2. JWTs sent in a custom request header or query parameter are not supported in Citrix ADC.
    [NSAUTH-6176]

  3. JWT authentication happens for all paths. includedPaths and excludedPaths are not supported in Citrix ADC.
    [NSAUTH-6247]

Assets 6
Loading