Open p1-repo-sync-bot[bot] opened 8 months ago
This change will impact all/most of the packages. We should consider creating an epic for it.
A couple of thoughts...
We recently made changes to egress for istio hardened services by adding sidecars that restrict cluster traffic to REGISTRY_ONLY and custom serviceEntries to allow access to external services.
We'll need to go through each package and add DestinationRules to define TLS and VirtualServices to route traffic to the correct gateway for those known external services.
Will TLS originate from the application or does the egress gateway need to perform TLS origination?
Do we want to set up networkpolicies to prevent bypassing the gateway?
I assume this is all voluntary and can be disabled in the overrides.
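The comment above asks where TLS should originate. As an added example (not taken from this issue or from the Big Bang charts), this is the set of Istio resources one external service needs when the egress gateway performs TLS origination. The host `api.example.com`, the resource names, and the default `istio-egressgateway` service and `istio: egressgateway` label in `istio-system` are assumptions.

```yaml
# Constructed example: api.example.com stands in for a known external service.
apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry                 # required under REGISTRY_ONLY so the host is known to the mesh
metadata: {name: ext-api}
spec:
  hosts: [api.example.com]
  ports:
  - {number: 80, name: http, protocol: HTTP}
  - {number: 443, name: https, protocol: HTTPS}
  resolution: DNS
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway                      # listener on the egress gateway pods
metadata: {name: egress-ext-api}
spec:
  selector: {istio: egressgateway} # assumed label of the egress gateway deployment
  servers:
  - port: {number: 80, name: http, protocol: HTTP}
    hosts: [api.example.com]
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata: {name: ext-api-via-egress}
spec:
  hosts: [api.example.com]
  gateways: [mesh, egress-ext-api]
  http:
  # Hop 1: sidecar -> egress gateway. This hop carries plaintext HTTP
  # unless mTLS is configured for it.
  - match: [{gateways: [mesh], port: 80}]
    route:
    - destination:
        host: istio-egressgateway.istio-system.svc.cluster.local
        port: {number: 80}
  # Hop 2: egress gateway -> external host on 443.
  - match: [{gateways: [egress-ext-api], port: 80}]
    route:
    - destination: {host: api.example.com, port: {number: 443}}
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule              # the gateway originates TLS toward the external host
metadata: {name: ext-api-originate-tls}
spec:
  host: api.example.com
  trafficPolicy:
    portLevelSettings:
    - port: {number: 443}
      tls: {mode: SIMPLE, sni: api.example.com}
```

If the application originates TLS itself, the Gateway server uses `protocol: TLS` with `tls.mode: PASSTHROUGH`, the VirtualService matches on `sniHosts` under `tls:` instead of `http:`, and the TLS-originating DestinationRule is dropped.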
This might relate to https://repo1.dso.mil/groups/big-bang/-/epics/187
@benjamin.hester.6 this issue has been inactive for 30 days and is being labelled as ~stale. If this issue is still required please take action by removing the ~stale label and commenting with an update, status, or justification. If this issue is not required please close it or label it as ~delete-me. If no action is taken this issue will be auto closed in 60 days.
Bug
Description
Specifying an egressGateway similar to ingressGateways leads to a schema validation error because the logic to support that in the umbrella chart is not present. Ensure we can supply istio.egressGateways via the umbrella chart and ensure it makes it through to the istio chart.