Uploaded image for project: 'Maistra'
  1. Maistra
  2. MAISTRA-1490

IOR doesn't support all TLS termination types

    XMLWordPrintable

Details

    • Task
    • Resolution: Won't Do
    • Major
    • None
    • None
    • ior

    Description

      Currently IOR can only create passthrough TLS Routes, it is hardcoded.
      OpenShift Routes can have two other kind of TLS termination: reencrypt and edge.

      It should be possible to use Istio with re-encrypted or edge terminated Routes (most common use cases I've seen).

      I don't know if it's already doable today based on Gateway TLSmode, if upstream Istio needs to be extended for IOR to parse such settings or simply adding an openshift label on the Gateway resource to inform the IOR process how to handle the TLS termination in an OpenShift Route specific way.

      Attachments

        Issue Links

          is related to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. OSSM-212 [RFE] Remove dependency of istio-system namespace when creating gateways

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed

          Activity

            People

              Unassigned Unassigned
              edbafbmt Benjamin Merot
              Votes:
              4 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: