-
Notifications
You must be signed in to change notification settings - Fork 504
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for SSL passthrough #1254
Labels
Comments
linkerd-tcp can already do this. Adding this functionality to linkerd is more difficult and would require finagle and netty changes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would simplify the configuration of some deployments of linkerd had the option of passing through SSL connections instead of trying to terminate and route it.
In my case I have a kubernetes cluster running l5d as a daemonset. The outgoing port is used to resolve both internal (k8s services) and external (AWS APIs, etc) endpoints. Not all tools/applications respect the conventional
http_proxy
andhttps_proxy
environment variables. For instance JRuby (9.1.7.0) does not look at thehttps_proxy
environment variable and just useshttp_proxy
. As a result, you can run into scenarios where SSL is sent to thehttp_proxy
.When this occurs, linkerd forwards along the
CONNECT
HTTP method (https://en.wikipedia.org/wiki/HTTP_tunnel#HTTP_CONNECT_tunneling) to the endpoint (e.g. AWS) resulting in a 400 Bad Request.The text was updated successfully, but these errors were encountered: