Open littlejiancc opened 1 month ago
cc @kyessenov @alyssawilk as internal-upstream code-owners.
there's lots of ways this could be misconfigured and as far as we know envoy does the right thing. I think you'll have to just debug your particular use case sorry.
@alyssawilk Hi, Thanks for your reply, I know envoy does the right thing, but I read the envoy documentation and found that transport_socket does not support settingenvoy.transport_sockets.internal_upstream
and envoy.transport_sockets.tls
at the same time.
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
If you are reporting any crash or any potential security issue, do not open an issue in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately.
Title: One line description How to access the https server through the tunnel with dynamically set hostname using dynamic metadata
Description:
client ----https---- server
Image from https://www.zhaohuabing.com/post/2022-09-11-ambient-deep-dive-1/
If do not use dynamic set hostname, use TCP passthrough and set tls, it works
But since internal_upstream needs to be set, there is no place to set tls.
envoy config
[optional Relevant Links:]