search

kubeshop / kusk-gateway

Kusk-gateway is an OpenAPI-driven API Gateway for Kubernetes
https://kubeshop.github.io/kusk-gateway/
MIT License
253 stars 21 forks source link

Envoy ConfigMap does not work with a root domain different from ".local" #1053

Open andrey-kondratov opened 1 year ago

andrey-kondratov commented 1 year ago

The ConfigMap resource for EnvoyFleet is created with an assumption that the XDS service FQDN will always end with .svc.cluster.local: see https://github.com/kubeshop/kusk-gateway/blob/1738346f75b9c666d81a8ba2b0c056f429ae3554/internal/controllers/envoyfleet_resources.go#L128.

It is not always the case, as the root domain can be changed to something like cluster-domain.example. In that case, the envoy will not be able to fetch the configuration from XDS.

A workaround would be to manually edit the config map after the initialization of the gateway. However, I believe it would be better to provide users with a parameter in the Helm chart to be able to override the DNS suffix according to their cluster's setup.

andrey-kondratov commented 1 year ago

Also found in https://github.com/kubeshop/kusk-gateway/blob/a2db0761bd9785ffcca9b67516d8917b49b006af/internal/controllers/parser.go#L791 https://github.com/kubeshop/kusk-gateway/blob/644f8763bb4069cb138bcd9b30da6bd847429db3/internal/webhooks/certs.go#L198

olensmar commented 1 year ago

Hi @andrey-kondratov - thanks for reporting this. Unfortunately we aren't actively maintaining kusk at the moment - but if you want to create a PR to fix this we will surely review and (hopefully) merge it.