Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UpstreamTlsContext disappears when httpProxyHostname is added #7313

Closed
bdecoste opened this issue Oct 10, 2022 · 2 comments · Fixed by #7397
Closed

UpstreamTlsContext disappears when httpProxyHostname is added #7313

bdecoste opened this issue Oct 10, 2022 · 2 comments · Fixed by #7397
Assignees
@jbohanon
Labels
Type: Bug Something isn't working
Milestone
1.13 rc cut proposed

Comments

@bdecoste
Copy link
Contributor

Gloo Edge Version

1.11.x

Kubernetes Version

No response

Describe the bug

When an upstream is configured with sslConfig or static.useTls: true the envoy cluster is correctly configured with an UpstreamTlsContext. When httpProxyHostname is added, the UpstreamTlsContext is removed and calls through the tunnel to an https target will fail with The plain HTTP request was sent to HTTPS port

Steps to reproduce the bug

apiVersion: gloo.solo.io/v1
kind: Upstream
metadata:
  name: connect
  namespace: gloo-system
spec:
  httpProxyHostname: postman-echo.com:443
  static:
    hosts:
    - addr: goproxy.default.svc.cluster.local
      port: 8080
    useTls: true

Expected Behavior

An HTTPS request is sent through the tunnel when sslConfig or static.useTls:true is configured.

Additional Context

No response
@bdecoste bdecoste added the Type: Bug Something isn't working label Oct 10, 2022
@chrisgaun chrisgaun self-assigned this Oct 13, 2022
@bdecoste bdecoste changed the title DownstreamTlsContext disappears when httpProxyHostname is added UpstreamTlsContext disappears when httpProxyHostname is added Oct 17, 2022
@nfuden nfuden assigned jbohanon and unassigned chrisgaun Oct 21, 2022
@nfuden nfuden added this to the 1.13 rc cut proposed milestone Oct 24, 2022
@solo-changelog-bot solo-changelog-bot bot mentioned this issue Nov 7, 2022
Merged
8 tasks
@jbohanon
Copy link
Contributor

Reopening until backports completed

@jbohanon jbohanon reopened this Nov 11, 2022
This was referenced Nov 11, 2022
Merged
Merged
Merged
Merged
@jbohanon
Copy link
Contributor

This functionality is released in the following Gloo OSS versions:

  • v1.9.30
  • v1.10.41
  • v1.11.45
  • v1.12.35
  • v1.13.0-beta26

and the following Gloo EE versions:

  • v1.9.27
  • v1.10.33
  • v1.11.49
  • v1.12.36
  • v1.13.0-beta11

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jbohanon jbohanon

Labels
Type: Bug Something isn't working
Projects
None yet
Milestone
1.13 rc cut proposed
Development

Successfully merging a pull request may close this issue.

Generate tunneling cluster once per upstream solo-io/gloo
4 participants
@bdecoste @chrisgaun @jbohanon @nfuden