Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Minor
Fix Version/s: None
Affects Version/s: OSSM 2.4.0
Component/s: Customer Impact, Maistra
Labels:
- federation

Blocked:
False
Blocked Reason:
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:

How to reproduce:
1. Create ServiceEntry:

kind: ServiceEntry
metadata: 
  name: external-service
spec: 
  exportTo: '.'
  hosts: 
  - fake.external.com
  location: MESH_EXTERNAL
  resolution: DNS
  endpoints: 
  - address: external.default.svc.cluster.local
  ports: 
  - name: https
    number: 443
    protocol: HTTPS

2. Execute request using fake IP and specify Host header:

curl -H "Host: fake.external.com" https://1.1.1.1:443

The request above should succeed, but it fails.

I figured out this issue when I was rebasing federation, so it seems that federation somehow affects service registry. I reproduced this issue in maistra/istio 2.4 (I didn't try 2.3 and 2.2), and therefore I didn't try to fix it, because it's an existing bug.

I believe we will not need to fix it, because it wasn't reported by customers so far and it does not seem to be important use case.

Assignee:: Unassigned

Reporter:: Jacek Ewertowski

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2023/09/08 2:19 PM

Updated:: 2023/09/08 5:50 PM

Details

Description

Attachments

Activity

People

Dates