New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
startTLS support in service entry #33345
Comments
@howardjohn how do we keep this issue from getting closed due to staleness? |
not stale - I am looking into the implementation |
Not sure this makes sense. STARTTLS means that the client starts with raw TCP and then 'upgrades' to TLS. Add STARTTLS origination could make sense though. |
This is not a stale issue - this still needs to be addressed. |
Can we get an update or ETA on when this will be addressed? |
@remansour there was a PR started here but was eventually abandoned as consensus could not be reached |
Is there an update on this? It seems like there was discussion and it was suggested that there will be a solution to that. Can it be re-open or be addressed? |
🚧 This issue or pull request has been closed due to not having had activity from an Istio team member since 2022-06-21. If you feel this issue or pull request deserves attention, please reopen the issue. Please see this wiki page for more information. Thank you for your contributions. Created by the issue and PR lifecycle manager. |
Describe the feature request
Since startTLS support has been added to envoy: envoyproxy/envoy#13112
Can it be used in the protocol section of service entries? something like:
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
name: postgresql-service-entry
spec:
hosts:
location: MESH_EXTERNAL
ports:
number: 30101
protocol: STARTTLS
resolution: DNS
Describe alternatives you've considered
[ ] Docs
[ ] Installation
[x] Networking
[ ] Performance and Scalability
[ ] Extensions and Telemetry
[ ] Security
[ ] Test and Release
[ ] User Experience
[ ] Developer Infrastructure
Additional context
The text was updated successfully, but these errors were encountered: