application-gateway-kubernetes-ingress icon indicating copy to clipboard operation
application-gateway-kubernetes-ingress copied to clipboard

Published 20 hours ago verified publisher icon Azure

Not able to use TCP/TLS proxy

Open ptrautberg opened this issue 1 year ago • 2 comments

Describe the bug Application Gateway is now offering TCP/TLS proxy, eg. for connecting to DB instances (link). Similar, this functionality can be used to access cluster-hosted dbs (statefulsets) using APP GW's private FE, but AGIC annotations do not include that.

image [source]

Also, the same is missing for health-checks. There is no such annotation like appgw.ingress.kubernetes.io/health-probe-protocol, which would allow to set custom health probe protocol. This is a must-have when using APP GW with TCP PROXY.

To Reproduce Configure ingress using TCP/TLS protocol, instead of HTTP(S).

Ingress Controller details Image: mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.7.4

ptrautberg avatar Jul 12 '24 15:07 ptrautberg

This feature would be extremely helpful for using CAC (Common Access Card) authentication through an App GW into an Azure K8S cluster and be able to leverage application-gateway-kubernetes-ingress.

Azure documentation article as of 9/06/2024 does state this is currently unsupported Application Gateway TCP/TLS proxy overview.

MichaelChristopherson avatar Nov 20 '24 15:11 MichaelChristopherson

Is there any plan for when this would be available?

This is a feature that we are all waiting for.

gameiro avatar Feb 17 '25 14:02 gameiro