Currently I install both tools via the Istio helm install and create a gateway and virtualservice to expose both services to the internet via HTTPS. Doing that, traffic between the browser and the internet-inressgateway is secure.
But the traffic between the internet-ingressgateway and the services Kiali and Jaeger isn’t.
I could secure this traffic by installing Kiali and Jaeger to a different namespace where sidecar-injection and mTLS is enabled.
But I wonder if there is something easier in istio that I have missed.
Is there an easier or more istio-native way to secure the traffic?
Note that in latest release of Kiali you can select if you want to expose Kiali service from http/https natively.
So you would be able to combine this with how to expose this service externally.