vadimeisenbergibm
commented
6 years ago You have to put a host with wild card in double quotes: "*".
Open bfleming-ciena opened 6 years ago
vadimeisenbergibm
commented
6 years ago You have to put a host with wild card in double quotes: "*".
bfleming-ciena
commented
6 years ago @vadimeisenbergibm - Thanks, yeah that works fine if I use kubetl, not istioctl.
How about allowing all ports? Or is the best option to add the envoy option to ignore a given subnet of IPs? That might work in my case, I just want my k8s cluster to have the ability to communicate with any EC2 instance in my VPC.
thank you very much!
wansuiye
commented
5 years ago @stonefury hi, can the serviceentry with a host "*" work well?
bfleming-ciena
commented
5 years ago @stonefury hi, can the serviceentry with a host "*" work well?
Thanks for the reply @wansuiye. Honestly, I am no longer exploring this. So I can't confirm if that would work. It would be nice if someone could confirm that to either resolve or keep this open as a feature request.
0.8.0
With istioctl my serviceentry object chokes on the wildcard.
Error: configuration is invalid: invalid host *
I used kubectl to create the serviceentry object with * and it's fine. So I guess that's how it's done?
Also, in general, is it possible to just allow all hosts and all ports? I wanted to add this to an existing k8s cluster but it will take some time to find all the possible external hosts and ports and add them into a serviceentry object. I rather open it up entirely and then start nailing it down, so I can at least do some performance testing with istio in place.
Thanks