old_issues_repo icon indicating copy to clipboard operation
old_issues_repo copied to clipboard

Published 20 hours ago verified publisher icon istio

Question: host wildcards possible?

Open bfleming-ciena opened this issue 7 years ago • 4 comments

0.8.0

With istioctl my serviceentry object chokes on the wildcard.

Error: configuration is invalid: invalid host *

I used kubectl to create the serviceentry object with * and it's fine. So I guess that's how it's done?

Also, in general, is it possible to just allow all hosts and all ports? I wanted to add this to an existing k8s cluster but it will take some time to find all the possible external hosts and ports and add them into a serviceentry object. I rather open it up entirely and then start nailing it down, so I can at least do some performance testing with istio in place.

Thanks

bfleming-ciena avatar Jun 05 '18 03:06 bfleming-ciena

You have to put a host with wild card in double quotes: "*".

vadimeisenbergibm avatar Jun 05 '18 07:06 vadimeisenbergibm

@vadimeisenbergibm - Thanks, yeah that works fine if I use kubetl, not istioctl.

How about allowing all ports? Or is the best option to add the envoy option to ignore a given subnet of IPs? That might work in my case, I just want my k8s cluster to have the ability to communicate with any EC2 instance in my VPC.

thank you very much!

bfleming-ciena avatar Jun 05 '18 15:06 bfleming-ciena

@stonefury hi, can the serviceentry with a host "*" work well?

wansuiye avatar Oct 29 '18 08:10 wansuiye

@stonefury hi, can the serviceentry with a host "*" work well?

Thanks for the reply @wansuiye. Honestly, I am no longer exploring this. So I can't confirm if that would work. It would be nice if someone could confirm that to either resolve or keep this open as a feature request.

bfleming-ciena avatar Nov 07 '18 22:11 bfleming-ciena