Change default namespace (istio-system) for mutual TLS for the entire mesh using PeerAuthentication

I have deployed Istio 1.5.1 in another namespace “my-istio” and not “istio-system”.
When I try to enable mutual TLS for entire mesh using PeerAuthentication, it expects to be present in “istio-system” namespace with name “default”.

Is there a way to configure namespace as I want to deploy it in “my-istio” namespace?

What are your steps to try to do this job?

I am following this doc https://istio.io/docs/tasks/security/authentication/mtls-migration/#lock-down-mutual-tls-for-the-entire-mesh

But my istio namespace is “my-istio” and not “istio-system”.

When I deployed the “default” PeerAuthentication in the “my-istio” namespace (to enforce mTLS at mesh level), it did not work. However, the same worked when I explicitly created “istio-system” and deployed the same default PeerAuthentication in this namespace.

Expected: Since all my istio components are deployed in “my-istio” namespace, enforcing mTLS on mesh level should happen when default PeerAuthentication policy is created in this namespace instead of “istio-system”.

Hi @anmolagrawal23
Just to know, how did you change the name of the namespace (istio-system)?