You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TL;DR: Are Gateways with multiple port definitions supported by Maistra's IOR controller and/or is there a way to automatically redirect HTTP to HTTPS on the Route or Gateway level using Maistra's IOR?
My scenario:
I have a deployment and an associated HTTP service.
I would like to create a Gateway (and associated VirtualService, etc.) which allows ingress to this HTTP service.
I would also like to expose this service as HTTPS to the outside world, and automatically redirect any incoming HTTP ingress traffic to HTTPS (using either the Gateway's spec.servers.tls.httpsRedirect: true field, or the Route's spec.tls.insecureEdgeTerminationPolicy: Redirect field).
I would like to use IOR to expose both the HTTP and HTTPS ports of the Gateway via an OpenShift Route.
When deploying a ServiceMeshControlPlane with spec.istio.gateways.istio-ingressgateway.ior_enabled: true, the IOR controller creates the following route which only listens for HTTPS traffic:
Troubleshooting steps I've taken:
When removing either the HTTP or HTTP port blocks from the Gateway, the generated Route is correctly configured for either HTTP or HTTPS. However, when both ports are specified in the Gateway (as shown above), the route doesn't allow redirecting HTTP traffic to HTTPS.
I would expect that the IOR controller can either forward HTTP and HTTPS traffic to the Gateway and configure HTTP redirection to HTTPS on that level, or it should set the spec.tls.insecureEdgeTerminationPolicy to Redirect on the Route level.
Is there a way to automatically redirect HTTP to HTTPS on the Route or Gateway level using Maistra's IOR?
The text was updated successfully, but these errors were encountered:
@jwendell@knrc Apologies if this isn't the correct place to open issues for Maistra. If it's not, could you please direct me to the right place? Thanks.
I suppose an alternative solution would be to terminate HTTPS at the Route and have the Gateway just configured for HTTP traffic, but I'm not sure if that's possible to configure with IOR.
TL;DR: Are
Gateways
with multiple port definitions supported by Maistra's IOR controller and/or is there a way to automatically redirect HTTP to HTTPS on theRoute
orGateway
level using Maistra's IOR?My scenario:
Gateway
(and associatedVirtualService
, etc.) which allows ingress to this HTTP service.Gateway
'sspec.servers.tls.httpsRedirect: true
field, or theRoute
'sspec.tls.insecureEdgeTerminationPolicy: Redirect
field).Gateway
via an OpenShiftRoute
.Here is my example
Gateway
:When deploying a
ServiceMeshControlPlane
withspec.istio.gateways.istio-ingressgateway.ior_enabled: true
, the IOR controller creates the following route which only listens for HTTPS traffic:Troubleshooting steps I've taken:
When removing either the HTTP or HTTP port blocks from the
Gateway
, the generatedRoute
is correctly configured for either HTTP or HTTPS. However, when both ports are specified in theGateway
(as shown above), the route doesn't allow redirecting HTTP traffic to HTTPS.I would expect that the IOR controller can either forward HTTP and HTTPS traffic to the Gateway and configure HTTP redirection to HTTPS on that level, or it should set the
spec.tls.insecureEdgeTerminationPolicy
toRedirect
on theRoute
level.Is there a way to automatically redirect HTTP to HTTPS on the
Route
orGateway
level using Maistra's IOR?The text was updated successfully, but these errors were encountered: