If you suspect Citadel isn’t working properly, verify the status of the
$ kubectl get pod -l istio=citadel -n istio-system NAME READY STATUS RESTARTS AGE istio-citadel-ff5696f6f-ht4gq 1/1 Running 0 25d
istio-citadel pod doesn’t exist, try to re-deploy the pod.
istio-citadel pod is present but its status is not
Running, run the commands below to get more
debugging information and check if there are any errors:
$ kubectl logs -l istio=citadel -n istio-system $ kubectl describe pod -l istio=citadel -n istio-system
Describe Istio's authorization feature and how to use it in various use cases.
Shows how to set up role-based access control for services in the mesh.
Shows you how to use Istio authentication policy to setup mutual TLS and basic end-user authentication.
Describes how to use component-level logging to get insights into a running component's behavior.
Shows you how to verify and test Istio's automatic mutual TLS authentication.
Shows how operators can configure Citadel with existing root certificate, signing certificate and key.