search

solo-io / gloo

The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
https://docs.solo.io/
Apache License 2.0
4.08k stars 438 forks source link

Generation of Consul TLS upstreams is not working #6644

Open bdecoste opened 2 years ago

bdecoste commented 2 years ago

Gloo Edge Version

1.11.x (latest stable)

Kubernetes Version

No response

Describe the bug

With settings.consulDiscovery.useTlsTagging: true, the generated upstream does not contain the desired sslConfig.

Steps to reproduce the bug

  1. Configure Consul with a Service and Service Instance with the glooUseTls tag
  2. Configure settings: 
    spec:
consul:
address: consul-server.consul.svc.cluster.local:8500
datacenter: dc1
dnsAddress: 8.8.8.8:53
serviceDiscovery:
  dataCenters:
  - dc1
consulDiscovery:
rootCa:
  name: httpbin-ca-cert-only
  namespace: gloo-system
splitTlsServices: true
tlsTagName: glooUseTls
useTlsTagging: true
  3. The resulting upstream looks like the following. Note there is no sslConfig and the upstream is not configured for tls: uid: 1b9270ce-0e35-40b2-820e-3d3286962a0d 
    spec:
consul:
dataCenters:
- dc1
serviceName: httpbin
serviceTags:
- glooUseTls

Expected Behavior

Generated upstream is configured for TLS. The splitTlsServices param also seems to be broken as only one upstream is generates.

Additional Context

Screen Shot 2022-06-26 at 6 30 11 AM Screen Shot 2022-06-26 at 6 29 57 AM

github-actions[bot] commented 4 months ago

This issue has been marked as stale because of no activity in the last 180 days. It will be closed in the next 180 days unless it is tagged "no stalebot" or other activity occurs.