This repository has been archived by the owner on Jun 14, 2018. It is now read-only.
Support HTTPS routing #47
Comments
|
Why can't we go one level further and use the http connection manager (envoy) itself ? All we need are the cert files. We can use the kube secrets to pass them around. WDYT ? Am I missing something? |
|
If we want to terminate HTTPS then that's great, but I was referring to the case when the application container doesn't trust us with the certs. |
|
We need to add server-side SNI to Envoy to support opaque HTTPS services on the same ports. |
|
We went with TCP based routing instead of SNI for opaque HTTPS. |
|
Implemented (modulo port-sharing issue #237) |
Closed
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
We need to investigate how to route HTTPS traffic for pod ingress/egress traffic. TCP-level sufficient but maybe SNI works better.
The text was updated successfully, but these errors were encountered: