Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support Egress gateway and enhance observability of outbound traffic. #1130

Open
2 tasks
LiZhenCheng9527 opened this issue Dec 20, 2024 · 0 comments
Open
2 tasks

support Egress gateway and enhance observability of outbound traffic. #1130

LiZhenCheng9527 opened this issue Dec 20, 2024 · 0 comments
Labels
kind/enhancement New feature or request

Comments

@LiZhenCheng9527
Copy link
Collaborator

LiZhenCheng9527 commented Dec 20, 2024
edited
Loading

What would you like to be added:

  • support REGISTER_ONLY and ALLOW_ANY mode of egress gateway.
  • Add result of connection failed in accesslog. Let the user know if it's a normal failure due to authz or an abnormal failure.

Why is this needed:
"Network perimeter security" is a key concern for any enterprise operations team. Network outbound traffic also needs to be secured.
But Kmesh doesn't do anything about outbound traffic right now. While there is no handling of this in ambient mesh either, the handling of outbound traffic is controlled in istio sidecar mode using REGISTER_ONLY and ALLOW_ANY.
Once the outbound traffic has been controlled, we need to add the reason for the connection failure in the accesslog. So that the user knows whether the link failed because of an expected or unexpected result.
@LiZhenCheng9527 LiZhenCheng9527 added the kind/enhancement New feature or request label Dec 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LiZhenCheng9527