diff --git a/Calico/README.md b/Calico/README.md new file mode 100644 index 0000000..cf13547 --- /dev/null +++ b/Calico/README.md @@ -0,0 +1,12 @@ + +## Eventually + +https://medium.com/expedia-group-tech/network-policies-with-calico-for-kubernetes-networking-875c0ebbcfb3 + +https://docs.tigera.io/calico/latest/network-policy/get-started/calico-policy/calico-network-policy + +https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart + +https://docs.tigera.io/archive/v3.7/getting-started/kubernetes/ + +https://hustcat.github.io/getting-started-with-calico/ \ No newline at end of file diff --git a/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md b/Istio/01-simple/01-hello_world_1_service_1_deployment/README.md similarity index 95% rename from Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md rename to Istio/01-simple/01-hello_world_1_service_1_deployment/README.md index e13e411..794d4d1 100755 --- a/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/README.md +++ b/Istio/01-simple/01-hello_world_1_service_1_deployment/README.md @@ -14,7 +14,7 @@ https://istio.io/latest/docs/reference/config/networking/destination-rule/#Traff https://istio.io/latest/docs/reference/config/networking/destination-rule/#LoadBalancerSettings > Contains service account configurations, yet they are commented as not "necessary". - + ## Files @@ -94,9 +94,7 @@ gateway.networking.istio.io/helloworld-gateway created virtualservice.networking.istio.io/helloworld-vs created ``` -## Wait for the pods to be ready - -(I think it deploys 2 pods as there is the Envoy Proxy pod besides the Nginx deployment) +## Wait for the deployment to be ready ```shell $ kubectl get deployment helloworld-nginx -w 
diff --git a/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/deployment.yaml b/Istio/01-simple/01-hello_world_1_service_1_deployment/deployment.yaml similarity index 100% rename from Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/deployment.yaml rename to Istio/01-simple/01-hello_world_1_service_1_deployment/deployment.yaml diff --git a/Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/gateway.yaml b/Istio/01-simple/01-hello_world_1_service_1_deployment/gateway.yaml similarity index 100% rename from Istio/istio-classic/simple/01-hello_world_1_service_1_deployment/gateway.yaml rename to Istio/01-simple/01-hello_world_1_service_1_deployment/gateway.yaml diff --git a/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md b/Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/README.md similarity index 100% rename from Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/README.md rename to Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/README.md diff --git a/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml b/Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml similarity index 100% rename from Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml rename to Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/deployment.yaml diff --git a/Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml b/Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml similarity index 100% rename from Istio/istio-classic/simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml rename to Istio/01-simple/02-hello_world_1_service_2_deployments_unmanaged/gateway.yaml 
diff --git a/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md b/Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/README.md similarity index 100% rename from Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/README.md rename to Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/README.md diff --git a/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml b/Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml similarity index 100% rename from Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml rename to Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/deployment.yaml diff --git a/Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml b/Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml similarity index 100% rename from Istio/istio-classic/simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml rename to Istio/01-simple/03-hello_world_1_service_2_deployments_managed_version/gateway.yaml diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml b/Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml similarity index 100% rename from Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml rename to Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/01-namespace.yaml 
diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md b/Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md similarity index 100% rename from Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md rename to Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/README.md diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml b/Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml similarity index 100% rename from Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml rename to Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/deployment.yaml diff --git a/Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml b/Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml similarity index 100% rename from Istio/istio-classic/simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml rename to Istio/01-simple/04-hello_world_1_service_2_deployments_managed_version_defaultnt_namespace/gateway.yaml diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md b/Istio/01-simple/05-hello_world_1_Service_Entry/README.md similarity index 99% rename from Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md rename to Istio/01-simple/05-hello_world_1_Service_Entry/README.md index 0d3e011..adf6551 100755 --- a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/README.md +++ b/Istio/01-simple/05-hello_world_1_Service_Entry/README.md 
@@ -8,3 +8,4 @@ https://github.com/istio/istio/issues/29463 Funny example I guess. +Q \ No newline at end of file diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml b/Istio/01-simple/05-hello_world_1_Service_Entry/deployment.yaml similarity index 100% rename from Istio/istio-classic/simple/05-hello_world_1_Service_Entry/deployment.yaml rename to Istio/01-simple/05-hello_world_1_Service_Entry/deployment.yaml diff --git a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml b/Istio/01-simple/05-hello_world_1_Service_Entry/gateway.yaml similarity index 96% rename from Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml rename to Istio/01-simple/05-hello_world_1_Service_Entry/gateway.yaml index 48332c1..7e96565 100755 --- a/Istio/istio-classic/simple/05-hello_world_1_Service_Entry/gateway.yaml +++ b/Istio/01-simple/05-hello_world_1_Service_Entry/gateway.yaml @@ -38,7 +38,7 @@ spec: - timeout: 3s match: - uri: - - exact: "/external" + exact: "/external" route: - destination: host: help.websiteos.com diff --git a/Istio/istio-classic/simple/README.md b/Istio/01-simple/README.md similarity index 64% rename from Istio/istio-classic/simple/README.md rename to Istio/01-simple/README.md index baac120..bed5787 100755 --- a/Istio/istio-classic/simple/README.md +++ b/Istio/01-simple/README.md @@ -21,8 +21,18 @@ ALL NEEDS DOCUMENTATION - 05-hello_world_1_Service_Entry + + + + + + # TODO do HTTPS ingress -tcp ingress to minecraft/factorio/zomboid \ No newline at end of file +tcp ingress to minecraft/factorio/zomboid + +Service Entry with outbound policy set to `REGISTRY_ONLY` +istioctl install --set profile=default -y --set meshConfig.accessLogFile=/dev/stdout --set meshConfig.outboundTrafficPolicy.mode=REGISTRY_ONLY +(no funca) \ No newline at end of file 
diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/README.md b/Istio/02-traffic_management/01-2_deployments_method/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/01-2_deployments_method/README.md rename to Istio/02-traffic_management/01-2_deployments_method/README.md diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml b/Istio/02-traffic_management/01-2_deployments_method/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/01-2_deployments_method/deployment.yaml rename to Istio/02-traffic_management/01-2_deployments_method/deployment.yaml diff --git a/Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml b/Istio/02-traffic_management/01-2_deployments_method/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/01-2_deployments_method/gateway.yaml rename to Istio/02-traffic_management/01-2_deployments_method/gateway.yaml diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md b/Istio/02-traffic_management/02-DirectResponse-HTTP-Body/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/README.md rename to Istio/02-traffic_management/02-DirectResponse-HTTP-Body/README.md diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml b/Istio/02-traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml rename to Istio/02-traffic_management/02-DirectResponse-HTTP-Body/deployment.yaml 
diff --git a/Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml b/Istio/02-traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml rename to Istio/02-traffic_management/02-DirectResponse-HTTP-Body/gateway.yaml diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md b/Istio/02-traffic_management/03-HTTPRewrite/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/03-HTTPRewrite/README.md rename to Istio/02-traffic_management/03-HTTPRewrite/README.md diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml b/Istio/02-traffic_management/03-HTTPRewrite/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/03-HTTPRewrite/deployment.yaml rename to Istio/02-traffic_management/03-HTTPRewrite/deployment.yaml diff --git a/Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml b/Istio/02-traffic_management/03-HTTPRewrite/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/03-HTTPRewrite/gateway.yaml rename to Istio/02-traffic_management/03-HTTPRewrite/gateway.yaml diff --git a/Istio/istio-classic/traffic_management/04-HTTPRedirect/README.md b/Istio/02-traffic_management/04-HTTPRedirect/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/04-HTTPRedirect/README.md rename to Istio/02-traffic_management/04-HTTPRedirect/README.md diff --git a/Istio/istio-classic/traffic_management/04-HTTPRedirect/deployment.yaml b/Istio/02-traffic_management/04-HTTPRedirect/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/04-HTTPRedirect/deployment.yaml rename to Istio/02-traffic_management/04-HTTPRedirect/deployment.yaml 
diff --git a/Istio/istio-classic/traffic_management/04-HTTPRedirect/gateway.yaml b/Istio/02-traffic_management/04-HTTPRedirect/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/04-HTTPRedirect/gateway.yaml rename to Istio/02-traffic_management/04-HTTPRedirect/gateway.yaml diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md b/Istio/02-traffic_management/05a-FaultInjection-delay/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/05a-FaultInjection-delay/README.md rename to Istio/02-traffic_management/05a-FaultInjection-delay/README.md diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml b/Istio/02-traffic_management/05a-FaultInjection-delay/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/05a-FaultInjection-delay/deployment.yaml rename to Istio/02-traffic_management/05a-FaultInjection-delay/deployment.yaml diff --git a/Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml b/Istio/02-traffic_management/05a-FaultInjection-delay/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/05a-FaultInjection-delay/gateway.yaml rename to Istio/02-traffic_management/05a-FaultInjection-delay/gateway.yaml diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md b/Istio/02-traffic_management/05b-FaultInjection-abort/README.md similarity index 100% rename from Istio/istio-classic/traffic_management/05b-FaultInjection-abort/README.md rename to Istio/02-traffic_management/05b-FaultInjection-abort/README.md 
diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml b/Istio/02-traffic_management/05b-FaultInjection-abort/deployment.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/05b-FaultInjection-abort/deployment.yaml rename to Istio/02-traffic_management/05b-FaultInjection-abort/deployment.yaml diff --git a/Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml b/Istio/02-traffic_management/05b-FaultInjection-abort/gateway.yaml similarity index 100% rename from Istio/istio-classic/traffic_management/05b-FaultInjection-abort/gateway.yaml rename to Istio/02-traffic_management/05b-FaultInjection-abort/gateway.yaml diff --git a/Istio/02-traffic_management/06-mTLS/01-namespace.yaml b/Istio/02-traffic_management/06-mTLS/01-namespace.yaml new file mode 100755 index 0000000..71be03c --- /dev/null +++ b/Istio/02-traffic_management/06-mTLS/01-namespace.yaml @@ -0,0 +1,7 @@ +#apiVersion: v1 +#kind: Namespace +#metadata: +# name: foo +# labels: +# istio-injection: "enabled" +#--- \ No newline at end of file diff --git a/Istio/02-traffic_management/06-mTLS/README.md b/Istio/02-traffic_management/06-mTLS/README.md new file mode 100755 index 0000000..9f40550 --- /dev/null +++ b/Istio/02-traffic_management/06-mTLS/README.md 
@@ -0,0 +1,188 @@ +https://istio.io/latest/docs/concepts/security/#authentication-policies + +https://istio.io/latest/docs/tasks/security/authentication/mtls-migration/ + +https://istio.io/latest/docs/concepts/security/#mutual-tls-authentication + + +# Continues from + +- 01-hello_world_1_service_1_deployment + + + + + +Nowadays, by default, Istio will have mTLS automatically enabled, allowing the Istio Sidecars to **automatically** negotiate the TLS traffic between them.encrypted + +To avoid this behavior, the pod requires to not have a Istio Sidecar set to that pod, for that reason on this example we set up 2 deployments, 1 with a sidecar, and a second without a sidecar. + +From the Kiali dashboard we will review the mTLS label displayed + +> **Note:**\ +> If the PeerAuthentication is deployed in the `istio-system` namespace, it will affect all the namespaces in the cluster. + + + +# Walkthrough + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +## Deploy the resources + +```shell + kubectl apply -f ./ +peerauthentication.security.istio.io/default-mtls created +service/helloworld created +deployment.apps/helloworld-nginx created +service/byeworld created +deployment.apps/byeworld-nginx created +gateway.networking.istio.io/helloworld-gateway created +virtualservice.networking.istio.io/helloworld-vs created +``` + +## Install telemetry addons + +[Source Folder](https://github.com/istio/istio/tree/master/samples/addons) + +```shell +kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/grafana.yaml && \ +kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/kiali.yaml && \ +kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/prometheus.yaml && \ +kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/addons/prometheus.yaml +``` + +## Wait for deployments to be ready + +```shell +$ kubectl get pods -A -w +``` + +## Kiali + +## 
Access the Kiali dashboard + +The following command will tunnel from this device, towards the Kiali dashboard running, automatically accessing through the default browser. + +```shell +istioctl dashboard kiali +``` + +## Display services menu + +![Kiali menu, displaying 3 services. helloworld, byeworld and kubernetes][./src/06-kiali-services.png] + +> **Highlight:**\ +> On the column located at the right, we can notice a note saying `Missing Sidecar` + +> **Note:**\ +> If there are no resources being displayed, at the top left, select the corresponding namespaces where the resources are located. +> On my case, it's the `default` namespace. + +### Byeworld + +On the service `byeworld` (reminder that it's pods had the Istio sidecar injection disabled), it displays the message `No mTLS`, meaning that mTLS (Mutual TLS between Istio sidecards) is not available. + +![][./src/06-kiali-services-byeworld.png] + +### Helloworld + +On the service `helloworld`, it displays the message `mTLS` + +![][./src/06-kiali-services-helloworld.pngk] + +## Test resources +### Curl / LB requests / requests from external traffic + +#### helloworld + +The service works as intended as we can reach the `helloworld` service. + +```shell +$ curl 192.168.1.50/helloworld -s | grep ".*" +Welcome to nginx! +``` + +#### byeworld + +The `byeworld` service also seems to work, even tho the deployment has no sidecar enabled, and for such the `PeerAuthentication` rule is not being maintained. \ +Yet, as there is no sidecar, this rule is not applied, and for such the traffic is allowed towards the service and pod. + +```shell +$ curl 192.168.1.50/byeworld -s | grep ".*" +Welcome to nginx! +``` + +### Connectivity between the deployments + +#### helloworld towards byeworld + +It works. + +```shell +$ kubectl exec -i -t "$(kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}')" -- curl http://byeworld.default.svc.cluster.local:9090 | grep ".*" +Welcome to nginx! 
+```
+
+#### byeworld towards helloworld
+
+It fails.
+
+Currently the rule from `PeerAuthentication` that requires the traffic to use mTLS, is currently being applied by the Istio sidecar from the `helloworld` pod.
+
+As `byeworld` pods don't have the Istio sidecar enabled, the mTLS traffic is not being managed, and for such, it fails to obvey the rule set by the `PeerAuthentication` configuration set, resulted on this issue.
+
+```shell
+$ kubectl exec -i -t "$(kubectl get pod -l app=byeworld | tail -n 1 | awk '{print $1}')" -- curl http://helloworld.default.svc.cluster.local:8080
+curl: (56) Recv failure: Connection reset by peer
+command terminated with exit code 56
+```
+
+## Delete the PeerAuthentication configuration set
+
+
+```shell
+$ kubectl delete peerauthentications.security.istio.io default-mtls
+```
+
+### connectivity between byeworld towards helloworld
+
+As the rule is no longer being set, and for such not being applied, the traffic from `byeworld` is able to reach the service `helloworld` without having the need to using mTLS.
+
+```shell
+$ kubectl exec -i -t "$(kubectl get pod -l app=byeworld | tail -n 1 | awk '{print $1}')" -- curl http://helloworld.default.svc.cluster.local:8080 | grep ".*"
+Welcome to nginx!
+```
\ No newline at end of file
diff --git a/Istio/02-traffic_management/06-mTLS/authentication.yaml b/Istio/02-traffic_management/06-mTLS/authentication.yaml
new file mode 100644
index 0000000..e7d85d4
--- /dev/null
+++ b/Istio/02-traffic_management/06-mTLS/authentication.yaml
@@ -0,0 +1,8 @@
+apiVersion: security.istio.io/v1beta1
+kind: PeerAuthentication
+metadata:
+ name: default-mtls
+ namespace: default
+spec:
+ mtls:
+ mode: STRICT
\ No newline at end of file
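Review bot: In `06-mTLS/authentication.yaml`, `mode: STRICT` reads like a namespace-wide guarantee, but it is enforced only by the sidecar of the receiving workload, and this same commit deploys `byeworld` with `sidecar.istio.io/inject: "false"`. The README's curl output confirms that `byeworld` keeps answering plaintext requests, both from the load balancer and from the `helloworld` pod, while the policy is in place; the `/byeworld` route added to `06-mTLS/gateway.yaml` relies on the same gap. The file has no comment at all, so I would add one above `spec:`, for example `# STRICT is enforced by the receiving sidecar only; pods without a sidecar (byeworld) still accept plaintext`. If the intent is to show that un-injected pods are shut out, a second step that restricts what may reach `byeworld` would make the example complete.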
diff --git a/Istio/istio-classic/traffic_management/06-mTLS/deployment.yaml b/Istio/02-traffic_management/06-mTLS/deployment.yaml similarity index 95% rename from Istio/istio-classic/traffic_management/06-mTLS/deployment.yaml rename to Istio/02-traffic_management/06-mTLS/deployment.yaml index 36e6b76..6039be0 100755 --- a/Istio/istio-classic/traffic_management/06-mTLS/deployment.yaml +++ b/Istio/02-traffic_management/06-mTLS/deployment.yaml @@ -8,8 +8,9 @@ metadata: service: helloworld spec: ports: - - port: 80 + - port: 8080 name: http + targetPort: 80 selector: app: helloworld --- diff --git a/Istio/02-traffic_management/06-mTLS/deployment_2.yaml b/Istio/02-traffic_management/06-mTLS/deployment_2.yaml new file mode 100755 index 0000000..ded5740 --- /dev/null +++ b/Istio/02-traffic_management/06-mTLS/deployment_2.yaml @@ -0,0 +1,50 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml +apiVersion: v1 +kind: Service +metadata: + name: byeworld + labels: + app: byeworld + service: byeworld +spec: + ports: + - port: 9090 + name: http + targetPort: 80 + selector: + app: byeworld +#--- +#apiVersion: v1 +#kind: ServiceAccount +#metadata: +# name: istio-helloworld +# labels: +# account: +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: byeworld-nginx + labels: + app: byeworld +spec: + replicas: 1 + selector: + matchLabels: + app: byeworld + template: + metadata: + labels: + app: byeworld + sidecar.istio.io/inject: "false" + spec: +# serviceAccountName: istio-byeworld + containers: + - name: byeworld + image: nginx + resources: + requests: + cpu: "100m" + imagePullPolicy: IfNotPresent #Always + ports: + - containerPort: 80 diff --git a/Istio/istio-classic/traffic_management/06-mTLS/gateway.yaml b/Istio/02-traffic_management/06-mTLS/gateway.yaml similarity index 66% rename from Istio/istio-classic/traffic_management/06-mTLS/gateway.yaml rename to Istio/02-traffic_management/06-mTLS/gateway.yaml index 8ba8a20..cf24f1f 100755 
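Review bot: `image: nginx` in the new `06-mTLS/deployment_2.yaml` has no tag or digest, and combined with `imagePullPolicy: IfNotPresent` each node runs whichever untagged image it already cached, so the example is neither reproducible nor auditable. Pin it, for example `image: nginx:<PINNED_TAG>` (placeholder, pick the version you tested) or a digest; `MeshConfig/01-Outboud-Traffic-Policy/deployment.yaml` in this commit has the same line. The commented-out ServiceAccount is named `istio-helloworld` while the commented `serviceAccountName` is `istio-byeworld`, so uncommenting both as written would leave the pod referencing an account the manifest does not create. The header comment still points at the upstream helloworld sample; a line such as `# byeworld: same nginx workload, deliberately deployed without an Istio sidecar` would say why this copy exists.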
--- a/Istio/istio-classic/traffic_management/06-mTLS/gateway.yaml +++ b/Istio/02-traffic_management/06-mTLS/gateway.yaml @@ -29,8 +29,19 @@ spec: exact: /helloworld route: - destination: - host: helloworld + host: helloworld.default.svc.cluster.local port: - number: 80 + number: 8080 + rewrite: + uri: "/" + - match: + - uri: + exact: /byeworld + route: + - destination: + host: byeworld.default.svc.cluster.local + port: + number: 9090 +# protocol: HTTPS rewrite: uri: "/" \ No newline at end of file diff --git a/Istio/istio-classic/traffic_management/README.md b/Istio/02-traffic_management/README.md old mode 100755 new mode 100644 similarity index 54% rename from Istio/istio-classic/traffic_management/README.md rename to Istio/02-traffic_management/README.md index 20c0e28..8fb3359 --- a/Istio/istio-classic/traffic_management/README.md +++ b/Istio/02-traffic_management/README.md @@ -1,3 +1,17 @@ +# Examples + +ALL NEEDS DOCUMENTATION + +- 01-2_deployments_method +- 02-DirectResponse-HTTP-Body +- 03-HTTPRewrite +- 04-HTTPRedirect +- 05a-FaultInjection-delay +- 05b-FaultInjection-abort +- 06-mTLS (would need some documentation review, mainly go over the differences respective to the template/prior configuration used) + + +# TODO diff --git a/Istio/02-traffic_management/src/06-kiali-services-byeworld.png b/Istio/02-traffic_management/src/06-kiali-services-byeworld.png new file mode 100644 index 0000000..10118da Binary files /dev/null and b/Istio/02-traffic_management/src/06-kiali-services-byeworld.png differ diff --git a/Istio/02-traffic_management/src/06-kiali-services-helloworld.png b/Istio/02-traffic_management/src/06-kiali-services-helloworld.png new file mode 100644 index 0000000..43c654d Binary files /dev/null and b/Istio/02-traffic_management/src/06-kiali-services-helloworld.png differ 
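Review bot: The commented `# protocol: HTTPS` left under `port:` in the new `/byeworld` route of `06-mTLS/gateway.yaml` suggests a setting that does not exist there, since a VirtualService destination port only takes `number`. I would delete the line; if the idea was to originate TLS towards the backend, that belongs in a DestinationRule and is worth a TODO that says so, e.g. `# TODO: TLS to byeworld would be configured in a DestinationRule, not here`. The VirtualService starts outside this hunk, so the gateway binding for the two routes is not visible here.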
diff --git a/Istio/02-traffic_management/src/06-kiali-services.png b/Istio/02-traffic_management/src/06-kiali-services.png
new file mode 100644
index 0000000..a5e4c09
Binary files /dev/null and b/Istio/02-traffic_management/src/06-kiali-services.png differ
diff --git a/Istio/MeshConfig/01-Outboud-Traffic-Policy/README.md b/Istio/MeshConfig/01-Outboud-Traffic-Policy/README.md
new file mode 100755
index 0000000..b42b823
--- /dev/null
+++ b/Istio/MeshConfig/01-Outboud-Traffic-Policy/README.md
@@ -0,0 +1,102 @@ +# Continues from + +- 05-hello_world_1_Service_Entry + +# Description + +On this example compares the behavior between setting up the MeshConfig `OutboundTrafficPolicy.mode` setting to `REGISTRY_ONLY` and `ALLOW_ANY`. + +- ALLOW_ANY: Allows all egress/outbound traffic from the mesh. + +- REGISTRY_ONLY: Restricted to services that figure in the service registry a and the ServiceEntry objects. + +More info regarding this configuration at the pertintent documentation (https://istio.io/latest/docs/reference/config/istio.mesh.v1alpha1/#MeshConfig-OutboundTrafficPolicy-Mode) + +## Runthrough + +### Set ALLOW_ANY outbound traffic policy + +```shell +istioctl install --set profile=default -y --set meshConfig.accessLogFile=/dev/stdout --set meshConfig.outboundTrafficPolicy.mode=ALLOW_ANY +``` + +### Deploy resources + +```shell +$ kubectl apply -f ./ +service/helloworld created +deployment.apps/helloworld-nginx created +serviceentry.networking.istio.io/external-svc created +gateway.networking.istio.io/helloworld-gateway created +virtualservice.networking.istio.io/helloworld-vs created +``` + +### Get LB IP + +```shell +$ kubectl get svc istio-ingressgateway -n istio-system +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +istio-ingressgateway LoadBalancer 10.97.47.216 192.168.1.50 15021:31316/TCP,80:32012/TCP,443:32486/TCP 39h +``` + +### Test deployments + +```shell +$ curl 192.168.1.50/helloworld -I +HTTP/1.1 200 OK +server: istio-envoy +date: Thu, 20 Apr 2023 18:03:18 GMT +content-type: text/html +content-length: 615 +last-modified: Tue, 28 Mar 2023 15:01:54 GMT +etag: "64230162-267" +accept-ranges: bytes +x-envoy-upstream-service-time: 73 +``` + +```shell +$ curl 192.168.1.50/external -I +HTTP/1.1 200 OK +date: Thu, 20 Apr 2023 18:03:24 GMT +content-type: text/html +content-length: 5186 +last-modified: Mon, 17 Mar 2014 17:25:03 GMT +expires: Thu, 31 Dec 2037 23:55:55 GMT +cache-control: max-age=315360000 +x-envoy-upstream-service-time: 228 +server: 
istio-envoy +``` + + +### Test egress the helloworld deployment + +It returns a 301 code, meaning that it was able to reach the destination and it was attempted to redirect the traffic from HTTP to HTTPS. + +```shell +$ kubectl exec -i -t "$(kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}')" -- curl wikipedia.com -I +HTTP/1.1 301 Moved Permanently +server: envoy +date: Thu, 20 Apr 2023 18:06:57 GMT +content-type: text/html +content-length: 169 +location: https://wikipedia.com/ +x-envoy-upstream-service-time: 65 +``` + +### Set REGISTRY_ONLY outbound traffic policy + +```shell +istioctl install --set profile=default -y --set meshConfig.accessLogFile=/dev/stdout --set meshConfig.outboundTrafficPolicy.mode=REGISTRY_ONLY +``` + +### Test (again) egress the helloworld deployment + +It returns a 502 code, meaning that it wasn't able to reach the destination. + +```shell +$ kubectl exec -i -t "$(kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}')" -- curl wikipedia.com -I +HTTP/1.1 502 Bad Gateway +date: Thu, 20 Apr 2023 18:08:37 GMT +server: envoy +transfer-encoding: chunked +``` \ No newline at end of file diff --git a/Istio/MeshConfig/01-Outboud-Traffic-Policy/deployment.yaml b/Istio/MeshConfig/01-Outboud-Traffic-Policy/deployment.yaml new file mode 100755 index 0000000..7bee5e1 --- /dev/null +++ b/Istio/MeshConfig/01-Outboud-Traffic-Policy/deployment.yaml 
@@ -0,0 +1,57 @@
+# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld.yaml
+apiVersion: v1
+kind: Service
+metadata:
+ name: helloworld
+ labels:
+ app: helloworld
+ service: helloworld
+spec:
+ ports:
+ - port: 80
+ name: http
+ selector:
+ app: helloworld
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: helloworld-nginx
+ labels:
+ app: helloworld
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: helloworld
+ template:
+ metadata:
+ labels:
+ app: helloworld
+ spec:
+ containers:
+ - name: helloworld
+ image: nginx
+ resources:
+ requests:
+ cpu: "100m"
+ imagePullPolicy: IfNotPresent #Always
+ ports:
+ - containerPort: 80
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: ServiceEntry
+metadata:
+ name: external-svc
+spec:
+ hosts:
+ - help.websiteos.com
+ # /websiteos/example_of_a_simple_html_page.htm
+# - http://help.websiteos.com/websiteos/example_of_a_simple_html_page.htm
+ ports:
+ - number: 80
+ name: http
+ protocol: HTTP
+ resolution: DNS
+ location: MESH_EXTERNAL
+---
\ No newline at end of file
diff --git a/Istio/MeshConfig/01-Outboud-Traffic-Policy/gateway.yaml b/Istio/MeshConfig/01-Outboud-Traffic-Policy/gateway.yaml
new file mode 100755
index 0000000..7e96565
--- /dev/null
+++ b/Istio/MeshConfig/01-Outboud-Traffic-Policy/gateway.yaml
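Review bot: The `external-svc` ServiceEntry in `MeshConfig/01-Outboud-Traffic-Policy/deployment.yaml` sets no `exportTo`, so once the mesh runs in `REGISTRY_ONLY` the allowance for `help.websiteos.com` is visible to sidecars in every namespace, not only to this example. If the exception is meant to be narrow, scope it, e.g. `exportTo: [".", "istio-system"]`; the second entry is presumably needed because the `/external` route is served by the ingress gateway, which the README shows in `istio-system`, so verify before merging. The entry also has no `metadata.namespace`, so it lands in whatever namespace the current kubectl context selects. Since the only allowed port is 80 with `protocol: HTTP`, a comment noting that this egress leaves the cluster unencrypted would be honest documentation for a folder about outbound policy.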
@@ -0,0 +1,52 @@ +# https://github.com/istio/istio/blob/master/samples/helloworld/helloworld-gateway.yaml +apiVersion: networking.istio.io/v1alpha3 +kind: Gateway +metadata: + name: helloworld-gateway +spec: + selector: + istio: ingressgateway # use istio default controller + servers: + - port: + number: 80 + name: http + protocol: HTTP + hosts: + - "*" +--- +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: helloworld-vs +spec: + hosts: + - "*" + gateways: + - helloworld-gateway + http: + - match: + - uri: + exact: /helloworld + route: + - destination: + host: helloworld + port: + number: 80 + rewrite: + uri: "/" + + - timeout: 3s + match: + - uri: + exact: "/external" + route: + - destination: + host: help.websiteos.com + port: + number: 80 + rewrite: + uri: "/websiteos/example_of_a_simple_html_page.htm" + headers: + request: + set: + HOST: "help.websiteos.com" \ No newline at end of file diff --git a/Istio/MeshConfig/README.md b/Istio/MeshConfig/README.md new file mode 100644 index 0000000..821446a --- /dev/null +++ b/Istio/MeshConfig/README.md @@ -0,0 +1,10 @@ + +# Examples + +- 01-Outboud-Traffic-Policy + + + +## Additional + +https://istio.io/latest/docs/tasks/observability/distributed-tracing/mesh-and-proxy-config/ \ No newline at end of file diff --git a/Istio/README.md b/Istio/README.md index d830f78..9a35360 100755 --- a/Istio/README.md +++ b/Istio/README.md @@ -24,3 +24,29 @@ https://kubebyexample.com/learning-paths/istio/intro My current issues: - Understanding authentication + + +https://tetrate.io/blog/istio-how-to-enforce-egress-traffic-using-istios-authorization-policies/ + + + + + + + + +Multiple Ingress + +https://youtu.be/QIkryA8HnQ0 + + + +https://github.com/redkubes/otomi-core/blob/main/charts/team-ns/templates/istio-gateway.yaml + + +https://istio.io/latest/docs/ops/diagnostic-tools/proxy-cmd/ + + + +Using service accounts + 
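Review bot: In `Istio/MeshConfig/01-Outboud-Traffic-Policy/gateway.yaml` the second `http` route of `helloworld-vs` forwards every request for `/external` that reaches the ingress gateway to `help.websiteos.com:80`, and both the Gateway and the VirtualService use `hosts: "*"`, so anyone who can reach the gateway can use it as a plaintext proxy to that external host. For an example about restricting outbound traffic it would be clearer to bind both `hosts` lists to one name, e.g. `- "helloworld.example.com"` (a constructed placeholder), and to put `# demo only: exposes an external site through the ingress gateway` above the route. Setting `HOST` through `headers.request.set` may not be honoured by the proxy; `authority: help.websiteos.com` under `rewrite` looks like the field intended for this, which is worth confirming against the VirtualService reference.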
diff --git a/Istio/istio-classic/ingress.yaml b/Istio/ingress.yaml similarity index 100% rename from Istio/istio-classic/ingress.yaml rename to Istio/ingress.yaml diff --git a/Istio/istio-classic/README.md b/Istio/istio-classic/README.md deleted file mode 100755 index 219995b..0000000 --- a/Istio/istio-classic/README.md +++ /dev/null @@ -1,35 +0,0 @@ - -# Examples - -ALL NEEDS DOCUMENTATION - -- 01-2_deployments_method -- 02-DirectResponse-HTTP-Body -- 03-HTTPRewrite -- 04-HTTPRedirect -- 05a-FaultInjection-delay -- 05b-FaultInjection-abort - - -# TODO -06-mTLS (pending) - - - - - -Multiple Ingress - -https://youtu.be/QIkryA8HnQ0 - - - -https://github.com/redkubes/otomi-core/blob/main/charts/team-ns/templates/istio-gateway.yaml - - -https://istio.io/latest/docs/ops/diagnostic-tools/proxy-cmd/ - - - -Using service accounts - diff --git a/Istio/istio-classic/traffic_management/06-mTLS/README.md b/Istio/istio-classic/traffic_management/06-mTLS/README.md deleted file mode 100755 index 6b19839..0000000 --- a/Istio/istio-classic/traffic_management/06-mTLS/README.md +++ /dev/null @@ -1,9 +0,0 @@ -https://istio.io/latest/docs/concepts/security/#authentication-policies - -https://istio.io/latest/docs/tasks/security/authentication/mtls-migration/ - - - -# Continues from - -- 01-hello_world_1_service_1_deployment diff --git a/Istio/istio-classic/monitoring/tmp.yaml b/Istio/monitoring/tmp.yaml similarity index 100% rename from Istio/istio-classic/monitoring/tmp.yaml rename to Istio/monitoring/tmp.yaml diff --git a/Istio/sidecar/01-ingress-proxy-forwarding/README.md b/Istio/sidecar/01-ingress-proxy-forwarding/README.md index 9efd6c8..b551f03 100755 --- a/Istio/sidecar/01-ingress-proxy-forwarding/README.md +++ b/Istio/sidecar/01-ingress-proxy-forwarding/README.md @@ -2,7 +2,9 @@ - 01-hello_world_1_service_1_deployment -# TO TRAFFIC PATH DIAGRAM etc -> "POD" -> sidecar -> service container +# TO TRAFFIC PATH DIAGRAM + +`etc -> "POD" -> sidecar -> service container` # Description 
diff --git a/Istio/sidecar/01-ingress-proxy-forwarding/deployment.yaml b/Istio/sidecar/01-ingress-proxy-forwarding/deployment.yaml index 66e06fe..603c10e 100755 --- a/Istio/sidecar/01-ingress-proxy-forwarding/deployment.yaml +++ b/Istio/sidecar/01-ingress-proxy-forwarding/deployment.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: helloworld labels: - app-name: helloworld + app: helloworld spec: ports: - port: 8080 diff --git a/Istio/sidecar/02-egress-proxy-forwarding/README.md b/Istio/sidecar/02-egress-proxy-forwarding/README.md deleted file mode 100755 index 658b675..0000000 --- a/Istio/sidecar/02-egress-proxy-forwarding/README.md +++ /dev/null @@ -1,12 +0,0 @@ -# Continues from - -- 01-hello_world_1_service_1_deployment - -# Description - - -This example configures the sidecar proxy on the pods created, to forward the traffic ongoing (egress) - -- Configure egress to a different namespace? - - diff --git a/Istio/sidecar/02-egress-proxy-forwarding/sidecar.yaml b/Istio/sidecar/02-egress-proxy-forwarding/sidecar.yaml deleted file mode 100755 index aadfae5..0000000 --- a/Istio/sidecar/02-egress-proxy-forwarding/sidecar.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: networking.istio.io/v1alpha3 -kind: Sidecar -metadata: - name: helloworld-sidecar -spec: - workloadSelector: - labels: - app: helloworld - ingress: - - port: - number: 8080 - protocol: HTTP - name: ingressport - defaultEndpoint: 127.0.0.1:80 diff --git a/Istio/sidecar/README.md b/Istio/sidecar/README.md index 68aee8f..c0fed2d 100755 --- a/Istio/sidecar/README.md +++ b/Istio/sidecar/README.md @@ -7,6 +7,7 @@ +Duplicate 01, and show how it also affects traffic between services.00 
@@ -17,9 +18,55 @@ mtls +examples showing application priority (root < namespace < workload) + + + + +istioctl install profile=default --set meshConfig.outboundTrafficPolicy.mode=REGISTRY_ONLY + + + + +```shell +$ kubectl get istiooperators.install.istio.io -n istio-system +NAME REVISION STATUS AGE +installed-state 8d +``` + +kubectl patch istiooperators installed-state -n istio-system --patch-file patch.txt + + +kubectl patch istiooperators installed-state -n istio-system --patch-file patch.yaml --type merge + + + + --- +Set the default behavior of the sidecar for handling outbound traffic from the application. If your application uses one or more external services that are not known apriori, setting the policy to ALLOW_ANY will cause the sidecars to route any unknown traffic originating from the application to its requested destination. + + + +--- +https://stackoverflow.com/questions/75093144/istio-sidecar-is-not-restricting-pod-connections-as-desired + +https://github.com/istio/istio/issues/33387 + +https://gist.github.com/GregHanson/3567f5a23bcd58ad1a8acf2a4d1155eb + + +https://istio.io/latest/docs/tasks/traffic-management/egress/egress-control/?_ga=2.259114634.1481027401.1681916557-32589553.1681916557#change-to-the-blocking-by-default-policy + + + + + + + +https://docs.tetrate.io/service-bridge/1.6.x/en-us/operations ? + https://istio.io/latest/docs/reference/config/networking/sidecar/ diff --git a/Istio/sidecar/02-egress-proxy-forwarding/01-namespace.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/01-namespace.yaml similarity index 100% rename from Istio/sidecar/02-egress-proxy-forwarding/01-namespace.yaml rename to Istio/sidecar/__02-egress-proxy-forwarding/01-namespace.yaml 
diff --git a/Istio/sidecar/02-egress-proxy-forwarding/deployment.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_1.yaml similarity index 96% rename from Istio/sidecar/02-egress-proxy-forwarding/deployment.yaml rename to Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_1.yaml index 66e06fe..603c10e 100755 --- a/Istio/sidecar/02-egress-proxy-forwarding/deployment.yaml +++ b/Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_1.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: helloworld labels: - app-name: helloworld + app: helloworld spec: ports: - port: 8080 diff --git a/Istio/sidecar/02-egress-proxy-forwarding/02-deployment.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_2.yaml similarity index 65% rename from Istio/sidecar/02-egress-proxy-forwarding/02-deployment.yaml rename to Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_2.yaml index 0a34d4b..d9ec4c5 100644 --- a/Istio/sidecar/02-egress-proxy-forwarding/02-deployment.yaml +++ b/Istio/sidecar/__02-egress-proxy-forwarding/02-deployment_2.yaml @@ -2,38 +2,41 @@ apiVersion: v1 kind: Service metadata: - name: helloworld + name: internal labels: - app-name: helloworld - namespace: not-default + app: internal + namespace: foo spec: ports: - port: 8080 name: http + - port: 80 + name: http-default selector: - app: helloworld + app: internal + --- apiVersion: apps/v1 kind: Deployment metadata: - name: helloworld-nginx + name: internal labels: - app: helloworld - namespace: not-default + app: internal + namespace: foo spec: replicas: 1 selector: matchLabels: - app: helloworld + app: internal template: metadata: labels: - app: helloworld -# namespace: not-default + app: internal + service: apache spec: containers: - - name: helloworld - image: nginx + - name: internal + image: httpd resources: requests: cpu: "100m" 
diff --git a/Istio/sidecar/__02-egress-proxy-forwarding/03-default-sidecar.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/03-default-sidecar.yaml
new file mode 100644
index 0000000..06b38dc
--- /dev/null
+++ b/Istio/sidecar/__02-egress-proxy-forwarding/03-default-sidecar.yaml
@@ -0,0 +1,71 @@
+apiVersion: networking.istio.io/v1beta1
+kind: Sidecar
+metadata:
+ name: root-default
+# namespace: default
+ namespace: istio-system
+spec:
+# workloadSelector:
+# labels:
+# app: helloworld
+ egress:
+ - hosts:
+ - "./*"
+# - "istio-system/*"
+# ingress:
+# - port:
+# number: 8080
+# protocol: HTTP
+# name: ingressport
+# defaultEndpoint: 127.0.0.1:80
+---
+apiVersion: networking.istio.io/v1beta1
+kind: Sidecar
+metadata:
+ name: helloworld-default
+ namespace: default
+# namespace: istio-system
+spec:
+ # workloadSelector:
+ # labels:
+ # app: helloworld
+# egress:
+# - port:
+# number: 8080
+# protocol: HTTP
+# name: egresshttp
+## - "internal.foo.svc.cluster.local"
+# hosts:
+# - "foo/*"
+# - hosts:
+# - "istio-system/*"
+ ingress:
+ - port:
+ number: 8080
+ protocol: HTTP
+ name: ingressport
+ defaultEndpoint: 127.0.0.1:80
+---
+apiVersion: networking.istio.io/v1beta1
+kind: Sidecar
+metadata:
+ name: internal-default
+ namespace: foo
+spec:
+ workloadSelector:
+ labels:
+ app: internal
+ egress:
+ - hosts:
+ - "./*"
+ - "istio-system/*"
+ #- "wikipedia.com"
+ ingress:
+# - hosts:
+# - "./*"
+# - "istio-system/*"
+ - port:
+ number: 8080
+ protocol: HTTP
+ name: myingressport
+ defaultEndpoint: 127.0.0.1:80
\ No newline at end of file
diff --git a/Istio/sidecar/__02-egress-proxy-forwarding/README.md b/Istio/sidecar/__02-egress-proxy-forwarding/README.md
new file mode 100755
index 0000000..d0f1f70
--- /dev/null
+++ b/Istio/sidecar/__02-egress-proxy-forwarding/README.md
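Review bot: The `egress.hosts` lists in the three Sidecar resources of `03-default-sidecar.yaml` only limit which services each proxy is configured to know about; they do not block traffic to other destinations unless the outbound policy is `REGISTRY_ONLY`, which here depends on the `istioctl install` flag mentioned in the README. To make the restriction part of the manifest, add `outboundTrafficPolicy:` with `mode: REGISTRY_ONLY` under `spec` of `root-default`, and add a top-of-file comment saying that a Sidecar in `istio-system` with no `workloadSelector` is assumed to act as the mesh-wide default (confirm against the configured root namespace). Even then a workload that does not send its traffic through the proxy is not constrained, so a Kubernetes NetworkPolicy or an egress gateway is the place for enforcement. `helloworld-default` has its whole `egress` block commented out; a one-line comment stating whether it is expected to inherit from `root-default` would remove the guesswork.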
@@ -0,0 +1,51 @@ +# Continues from + +- 01-ingress-proxy-forwarding + +# Description + +This example configures the sidecar proxy on the pods created, to forward the traffic ongoing (egress) + +- Configure egress to a different namespace? + + +> the configured meshconfig.rootNamespace namespace (istio-system by default) +https://istio.io/latest/docs/ops/best-practices/traffic-management/#cross-namespace-configuration + + + + +CANT MAKE IT WORK CANT MAKE IT WORK CANT MAKE IT WORK + + + + + + +istioctl install --set profile=default -y --set meshConfig.accessLogFile=/dev/stdout --set meshConfig.outboundTrafficPolicy.mode=REGISTRY_ONLY + + + + + + +--- + +kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}' + +kubectl exec -i -t "$(kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}')" -- /bin/bash + +kubectl exec -i -t "$(kubectl get pod -l app=helloworld | tail -n 1 | awk '{print $1}')" -- curl internal.foo.svc.cluster.local + + +curl helloworld.default.svc.cluster.local + + +curl internal.foo.svc.cluster.local +curl: (6) Could not resolve host: internal.foo.svc.cluster.local + + +helloworld.default.svc.cluster.local:8080 + + + kubectl exec -i -n foo -t "$(kubectl get pod -l app=internal -n foo | tail -n 1 | awk '{print $1}')" -- /bin/bash \ No newline at end of file diff --git a/Istio/sidecar/__02-egress-proxy-forwarding/patch/patch.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/patch/patch.yaml new file mode 100644 index 0000000..407ba6d --- /dev/null +++ b/Istio/sidecar/__02-egress-proxy-forwarding/patch/patch.yaml @@ -0,0 +1,5 @@ +spec: + meshConfig: + outboundTrafficPolicy: + mode: REGISTRY_ONLY +# Doesnt work \ No newline at end of file diff --git a/Istio/sidecar/__02-egress-proxy-forwarding/sidecar.yaml b/Istio/sidecar/__02-egress-proxy-forwarding/sidecar.yaml new file mode 100755 index 0000000..05afc8a --- /dev/null +++ b/Istio/sidecar/__02-egress-proxy-forwarding/sidecar.yaml 
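Review bot: `patch/patch.yaml` ends with `# Doesnt work` but otherwise reads like a valid way to switch the mesh to `REGISTRY_ONLY`, so someone applying it could believe egress is locked down when it is not. Replace the trailing comment with a header comment that says what was tried and what was observed, for example `# NOT EFFECTIVE: patching the installed-state IstioOperator did not change the mesh; use istioctl install --set meshConfig.outboundTrafficPolicy.mode=REGISTRY_ONLY`. It may be that `installed-state` is only a record written by `istioctl` and is not reconciled without the operator controller, which would explain the result, but nothing in this commit shows that. The effective mode can be checked in the mesh config with `kubectl get configmap istio -n istio-system -o yaml`.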
@@ -0,0 +1,62 @@
+#apiVersion: networking.istio.io/v1beta1
+#kind: Sidecar
+#metadata:
+# name: helloworld-default
+# namespace: default
+## namespace: istio-config
+#spec:
+## workloadSelector:
+## labels:
+## app: helloworld
+## egress:
+## - hosts:
+## - "./*"
+## - "istio-system/*"
+# ingress:
+# - port:
+# number: 8080
+# protocol: HTTP
+# name: ingressport
+# defaultEndpoint: 127.0.0.1:80
+---
+#apiVersion: networking.istio.io/v1alpha3
+#kind: Sidecar
+#metadata:
+# name: helloworld-sidecar
+#spec:
+# workloadSelector:
+# labels:
+# app: helloworld
+# ingress:
+# - port:
+# number: 8080
+# protocol: HTTP
+# name: ingressport
+# defaultEndpoint: 127.0.0.1:80
+#---
+#apiVersion: networking.istio.io/v1beta1
+#kind: Sidecar
+#metadata:
+# name: helloworld-default
+# namespace: default
+## namespace: istio-system
+#spec:
+# workloadSelector:
+# labels:
+# app: helloworld2
+# egress:
+# - port:
+# number: 9080
+# protocol: HTTP
+# name: httpingress
+# hosts:
+# - "foo/*"
+# - hosts:
+# - "istio-system/*"
+# ingress:
+# - port:
+# number: 8080
+# protocol: HTTP
+# name: ingressport
+# defaultEndpoint: 127.0.0.1:80
+#---
diff --git a/Istio/troubleshooting/README.md b/Istio/troubleshooting/README.md
new file mode 100644
index 0000000..bcac82e
--- /dev/null
+++ b/Istio/troubleshooting/README.md
@@ -0,0 +1,11 @@
+IDK put some text in thQereSQ
+
+
+
+### Start the packet capture process
+
+```shell
+$ kubectl exec -n default "$(kubectl get pod -n default -l app1 =helloworld -o jsonpath={.items..metadata.name})" -c istio-proxy -- sudo tcpdump dst port 80 -A
+tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
+listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
+```
diff --git a/metallib/README.md b/metallib/README.md
index 88b238a..3113b58 100755
--- a/metallib/README.md
+++ b/metallib/README.md
@@ -37,53 +37,5 @@ EOF ``` -```sh -kubectl delete -f - << EOF -apiVersion: v1 -kind: ConfigMap -metadata: - namespace: metallb-system - name: config -data: - config: | - address-pools: - - name: default - protocol: layer2 - addresses: - - 192.168.1.50-192.168.1.130 -EOF -``` - - - -```sh -kubectl apply -f - << EOF -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - name: first-pool - namespace: metallb-system -spec: - addresses: - - 192.168.1.50-192.168.1.130 -EOF -``` - - - - -```sh -kubectl delete -f - << EOF -apiVersion: metallb.io/v1beta1 -kind: IPAddressPool -metadata: - name: first-pool - namespace: metallb-system -spec: - addresses: - - 192.168.1.50-192.168.1.130 -EOF -``` - # https://github.com/metallb/metallb/blob/main/design/pool-configuration.md \ No newline at end of file diff --git a/metallib/deployment.yaml b/metallib/deployment.yaml deleted file mode 100755 index 7f97379..0000000 --- a/metallib/deployment.yaml +++ /dev/null @@ -1,9 +0,0 @@ -#kubectl create deployment demo --image=httpd --port=80 -#kubectl expose deployment demo -# -#kubectl create ingress demo-localhost --class=nginx \ -#--rule="demo.localdev.me/*=demo:80" -# -# -# -## kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8080:80