Encrypt com between pods in the same service


I’d like to know if we can also encrypt communications between pods that are in the same service. For example, if I have a cassandra service made of several nodes, can I encrypt communications between those nodes (on a specific port) without having to do the setup at cassandra’s configuration level.

Thank you

There are issues with Istio and headless services. See https://github.com/istio/istio/issues/12551 for a detailed explanation.

It seems they’re working on a solution. Can you tell me if the encryption is supposed to only happen between different services or if that feature should work even for pods in the same service communicating to each other ?

That one is only if pods try to connect to themselves. Do you think there is also an issue to connect to other pods ? It doesn’t seem to be the case if I read it well.