1. Unified Data Repository Provisioning Gateway Guide
  2. ASM Specific Configuration

A ASM Specific Configuration

To configure ASM, you have to:

  • Add the following annotation under Global section of Provisioning Gateway deployment.
     # ********  Sub-Section Start: Custom Extension Global Parameters ********
  #**************************************************************************
global:
  customExtension:
    allResources:
      labels: {}
      annotations:
        sidecar.istio.io/inject: "\"false\""
 
    lbServices:
      labels: {}
      annotations: {}
 
    lbDeployments:
      labels: {}
      annotations:
        sidecar.istio.io/inject: "\"true\""
        oracle.com/cnc: "\"true\""
    nonlbServices:
      labels: {}
      annotations: {}
 
    nonlbDeployments:
      labels: {}
      annotations:
        sidecar.istio.io/inject: "\"true\""
        oracle.com/cnc: "\"true\""
 
  # ********  Sub-Section End: Custiom Extensions Global Parameters ********
  #**************************************************************************
  • Enable Service Mesh Flag under prov-ingressgateway section.
    prov-ingressgateway:
  # Mandatory: This flag needs to set it "true" is Service Mesh would be present 
  where UDR will be deployed
  serviceMeshCheck: true
  • Change Ingress Gateway Service Type to ClusterIP under prov-ingressgateway section.
    prov-ingressgateway:
  global:
    # Service Type
    type: ClusterIP
  • Exclude ingress gateway container port for http from Aspen Mesh to avoid traffic through side car. Because provisioning system is outside ASM. This port should be same as the prov-ingressgateway.ports.containerPort configuration. The default value is 8081. If the port is not changed, you can add the following annotation under the prov-ingressgateway section.
    prov-ingressgateway:
  deployment:
    customExtension:
      labels: {}
      annotations:
        traffic.sidecar.istio.io/excludeInboundPorts: "\"8081\""