docker tag echo-frontend xzhu0027/echo-frontend-grpc
docker push xzhu0027/echo-frontend-grpc
docker tag echo-server xzhu0027/echo-server-grpc
docker push xzhu0027/echo-server-grpc
How to build and run ACL wasm filter
The ACL Wasm Filter is a content-based Access Control List (ACL) implemented using WebAssembly (Wasm) written in Rust.
./build_wasm.sh
This will build the ACL wasm written in rust to /tmp/content_based_acl.wasm.
kubectl apply -f echo-server-grpc-istio-full.yaml
This yaml file is generated by istioctl kube-inject -f echo-server-grpc-istio.yaml. It contains the Istio sidecar configuration with a volume that mounts the ACL Wasm Filter into the sidecar container's filesystem.
kubectl apply -f wasm_acl.yaml
Add the ACL wasm filter to echo server. By default, the filter blocks requests that match a certain string.
Note:
The ACL Wasm Filter can be customized to match different strings or patterns by modifying the lib.rs file.
You can check the wasm logs use kubectl logs <echo-server-pod-name> -c istio-proxy -f. (Need to use log.warn!)