I am new to LinkerD and am testing it out in our app to see if it can help us do end-to-end TLS without modifying our services.
This is what our setup looks like at present:
                           |-> Service A -> [PODS for Service A]
INTERNET --> ALB (Ingress) |-> Service B -> [PODS for Service B]
                           |-> Service C -> [PODS for Service C]
Our pods are exposing a plain HTTP web server over port 80 and we do SSL termination at the ALB level, so in effect, we have plain HTTP from the ALB to the PODs.
Now our goal is to do end-to-end TLS from the ALB to the POD. One option is to not do TLS termination at the ALB and instead let each POD do the TLS termination.
I wanted to explore whether there is an alternate solution using LinkerD which will help us achieve this without converting our services to handle TLS themselves.