-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dynamic forward proxy with connect termination #24139
Comments
@batchamalick I noticed that you posted a config here that terminated CONNECT and creates tunnel to destination. I amt rying basically the same thing but all I get is 404s for some reason. |
is the port |
Oh yeah, 10010 is the kubernetes service's port that exposes the envoy deployment. My envoy port is 10000, and the service's port 10010 gets translated to 10000 |
I'm not sure what envoy you are running but with the same config you shared I can do the test.
My envoy version
|
cc @alyssawilk |
alright, so this is tricky and I don't quite know how to explain this. Here's what is happening:
Does this mean envoy forward-proxy is only to be used for traffic coming from sidecar? and not when exposed via a public IP (like how squid can be used)? |
Hi @alyssawilk , would you know what's going wrong here? Thanks! |
@shibin-george I tested your dynamic forward proxy on a kind cluster with metallb and it works fine. I think you need to configure an access log to find more information. If it won't be helpful, use wireshark to see what happens under the hood.
No, it's a general purpose proxy. |
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions. |
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions. |
I've tried your config, but got 503 error:
my envoy version is
|
@batchamalick any comment? |
Description:
I am trying to set up Envoy to act as a forward proxy for my internet-outbound needs.
essentially,
curl -x <Envoy-service's public IP>:<listener port> xyz.com
should result in Envoy starting a TCP tunnel between client (curl) and destination.
Here's the config that I'm using:
When I run
curl -x IP:10010 https://api.ipify.org -v
, here's the output I get:If the destination is http instead of https, its still a 404, but a different reason:
My config is borrowed from here but for DFP cluster type.
Appreciate any help in figuring out what's going wrong here.
squid as forward proxy is working but I don't want to use squid, if I can.
The text was updated successfully, but these errors were encountered: