openservicemesh / osm

Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
https://openservicemesh.io/
Apache License 2.0
2.58k stars 277 forks

injector: Allow for customizations of iptables config based on OSM Controller observed context #2344

Closed draychev closed 3 years ago

draychev commented 3 years ago

With GitHub Issue https://github.com/openservicemesh/osm/issues/2243 we are going to change the iptables config from a static bash script to one dynamically generated in Go.

This task is to take this a step further and provide a way for specific traffic to bypass Envoy proxy.

For instance, certain kinds of payload may need to access the local node's metadata service. In these Kubernetes configurations, we need to configure OSM so that this kind of traffic is allowed / unaffected through Envoy. This could be done via the OSM ConfigMap, command line arguments, CRD, etc.
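
An added sketch of the request above, not OSM's own code and not part of the original comment: it generates `iptables-restore` input in Go and places validated exclusion rules ahead of the redirect to the proxy. The chain names, port, UID and the sample metadata address are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Hypothetical values for this sketch; not OSM's actual chain names, port or UID.
const (
	outputChain   = "SIDECAR_OUTPUT"
	redirectChain = "SIDECAR_REDIRECT"
	proxyPort     = 15001
	proxyUID      = 1500
)

// BuildOutboundRules returns nat-table input for iptables-restore. Exclusions are
// parsed and re-serialized, so operator-supplied text never reaches a rule verbatim.
func BuildOutboundRules(exclusions []string) (string, error) {
	rules := []string{
		"*nat",
		":" + outputChain + " - [0:0]",
		":" + redirectChain + " - [0:0]",
		fmt.Sprintf("-A %s -p tcp -j REDIRECT --to-port %d", redirectChain, proxyPort),
		fmt.Sprintf("-A OUTPUT -p tcp -j %s", outputChain),
		fmt.Sprintf("-A %s -m owner --uid-owner %d -j RETURN", outputChain, proxyUID),
		fmt.Sprintf("-A %s -d 127.0.0.1/32 -j RETURN", outputChain),
	}
	seen := map[string]bool{}
	for _, raw := range exclusions {
		_, ipNet, err := net.ParseCIDR(strings.TrimSpace(raw))
		if err != nil {
			return "", fmt.Errorf("invalid exclusion %q: %w", raw, err)
		}
		// IPv4 only here; a /0 exclusion would switch the mesh off for the whole pod.
		if ones, bits := ipNet.Mask.Size(); bits != 32 || ones == 0 {
			return "", fmt.Errorf("exclusion %q rejected: need an IPv4 CIDR narrower than /0", raw)
		}
		if cidr := ipNet.String(); !seen[cidr] {
			seen[cidr] = true
			// RETURN exits before the redirect: this traffic skips Envoy and its policy.
			rules = append(rules, fmt.Sprintf("-A %s -d %s -j RETURN", outputChain, cidr))
		}
	}
	rules = append(rules, fmt.Sprintf("-A %s -j %s", outputChain, redirectChain), "COMMIT")
	return strings.Join(rules, "\n") + "\n", nil
}

func main() {
	// Constructed sample: a link-local node metadata address, excluded as a single host.
	fmt.Println(BuildOutboundRules([]string{"169.254.169.254/32"}))
}
```

Because excluded destinations are no longer subject to the mesh's mTLS and traffic policy, keeping each exclusion as narrow as a single host limits what leaves the proxy's control.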

draychev commented 3 years ago

related issue: https://github.com/openservicemesh/osm/issues/1670

shashankram commented 3 years ago

I'll look into this, should be straightforward.