Hi,
In my k8s cluster there is a Pod (weave-scope-agent) that uses hostNetwork to collect statistics from a node. The same Pod sends collected data to weave-scope-frontend
, which is a part of Istio service mesh. The service mesh requires all traffic to be secured by mTLS (we do not want to make any excuses).
Since weave-scope-agent uses hostNetwork it does not have a sidecar and it can not take advantage of Istio mTLS.
I am wondering if I can enforce sidecar injection to weave-scope-agent, so the traffic towards Istio service mesh is secured by mTLS without disrupting host network ?
Would be very thankful for any hints.
Regards