Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow Sidecar to be flexible to bind to any loopback address and not just 127.0.0.1 #13201

Closed
shakti-das opened this issue Apr 10, 2019 · 2 comments

Comments

1 participant
@shakti-das
Copy link
Contributor

commented Apr 10, 2019

Describe the feature request
Sidecar configuration uses loopback address as hard-coded 127.0.0.1. In our (Salesforce) configuration, we have existing listeners bound to 127.0.0.1, so we are using a different loopback address for the listeners created by Pilot, like 127.1.1.2.

The expected behavior that will work for the configuration:

  1. If egress Bind + Port is provided with CaptureMode: NONE, then use the provided Bind instead of using 127.0.0.1.

  2. If egress Bind is provided without Port with CaptureMode: NONE, then create bounded listeners for all Services with the provided Bind IP.

Describe alternatives you've considered
We have tried various combinations of Sidecar in-depth but the only way to generate the required listeners are with CaptureMode: DEFAULT, but it generates un-bound ("bind_to_port": false) listeners. This does not work for us as we are trying to use the Sidecar to avoid the IP_REDIRECT requirement.

Additional context
This configuration is required for a bare-metal app which has an istio-proxy sidecar. We are using Sidecar to configure the bare-metal istio-proxy instead of using IP_REDIRECT. This bare-metal app is part of the Service Mesh by a MESH_INTERNAL ServiceEntry resource.

@shakti-das

This comment has been minimized.

Copy link
Contributor Author

commented Apr 10, 2019

I have the changes which work locally for the above-mentioned configuration. I am going to link the PR here for a review of this enhancement.

@shakti-das

This comment has been minimized.

Copy link
Contributor Author

commented Apr 16, 2019

Closing this issue since the PRs to achieve the required functionality have been merged. Thanks.

@shakti-das shakti-das closed this Apr 16, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.