Skills
skills/bagelhole/devops-security-agent-skills/service-mesh

service-mesh

SKILL.md

Service Mesh

Implement service-to-service communication management.

Istio Installation

istioctl install --set profile=demo

# Enable sidecar injection
kubectl label namespace default istio-injection=enabled

Traffic Management

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: myapp
spec:
  hosts:
  - myapp
  http:
  - match:
    - headers:
        canary:
          exact: "true"
    route:
    - destination:
        host: myapp
        subset: canary
  - route:
    - destination:
        host: myapp
        subset: stable
      weight: 90
    - destination:
        host: myapp
        subset: canary
      weight: 10

mTLS

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
spec:
  mtls:
    mode: STRICT

Best Practices

  • Enable strict mTLS
  • Implement circuit breakers
  • Use traffic shifting for deployments
  • Monitor with Kiali and Jaeger
Weekly Installs
11
Repository
bagelhole/devop…t-skills
GitHub Stars
13
First Seen
Feb 4, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
opencode11
codex11
claude-code10
github-copilot10
kimi-cli10
gemini-cli10