contour icon indicating copy to clipboard operation
contour copied to clipboard

Published 20 hours ago verified publisher icon projectcontour

support fallback certificate in v1beta1/Ingress

Open stevesloka opened this issue 4 years ago • 7 comments

#2428 has a design to enable fallback certs in HTTPProxy. This issue is to follow up with thoughts around how to apply to Ingress v1beta1.

Originally posted by @stevesloka in https://github.com/projectcontour/contour/pull/2428

stevesloka avatar Apr 21 '20 18:04 stevesloka

I guess the logic to support fallback certificate feature in Ingress resource wouldn't be that different from HTTPProxy. If ingressResource.Spec.TLS is not set and an fallback annotation is set, add the hosts and corresponding route rules from that ingressResource to ingress_fallback route config during dag visit.

ravilr avatar Apr 28 '20 02:04 ravilr

Any updates on this feature?

echupriyanov avatar Jun 01 '21 10:06 echupriyanov

Cc @xaleeks if this is something on your priority list

If we were to support this on Ingress, would have to be via an annotation to enable it, however which vhost to apply a fallback cert to is problematic as an Ingress could have many. Might be ok to apply to all that are specified on an Ingress we would just have to be clear about documentation etc.

sunjayBhatia avatar Jun 01 '21 13:06 sunjayBhatia

Yes, I agree that it would need an annotation, and would also need clear documentation about what would happen in various Ingress cases (like multiple vhosts).

youngnick avatar Jun 02 '21 00:06 youngnick

See also this comment which asks a clarifying question about the expected ux

sunjayBhatia avatar Jun 29 '22 19:06 sunjayBhatia

same boat as https://github.com/projectcontour/contour/issues/4556 moving out of a milestone until we get more info

sunjayBhatia avatar Jul 19 '22 20:07 sunjayBhatia

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

github-actions[bot] avatar Feb 18 '24 00:02 github-actions[bot]

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

github-actions[bot] avatar Mar 22 '24 00:03 github-actions[bot]