summaryrefslogtreecommitdiffstats
path: root/sidecar/tproxy-config/src/main/bin
AgeCommit message (Collapse)AuthorFilesLines
2018-10-29Route Incoming TCP Traffic Via the Reverse ProxyIanB1-0/+2
By default any container is accessible from any pod inside a Kubernetes cluster. It is therefore possible to send requests directly to the primary microservice even if sidecar security is enabled. An additional netfilter rule will redirect any incoming TCP requests to the Reverse Proxy. The Reverse Proxy service listens on the hard coded port (10692) Issue-ID: AAF-591 Change-Id: I9afccadb08add4312cef770221702942d811cbdd Signed-off-by: IanB <IanB@amdocs.com>
2018-10-17Exempt Cassandra traffic from fproxyRavi Geda1-0/+4
The connection to cassandra is not http/https. Hence bypassing it from going through the forward proxy. Change-Id: Ic4f65222fca5f3698d6ed806333b265d0e392314 Issue-ID: AAF-572 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-10-10Correct the forward proxy portRavi Geda1-4/+1
Change-Id: I1531731713729dec57590f014dfe0c947ef55d37 Issue-ID: AAF-553 Signed-off-by: Ravi Geda <gravik@amdocs.com>
2018-09-20Initial drop of tproxy-config init containerBlackwell, Ian (ib733q)1-0/+29
The tproxy-config init container sets up a pod's internal network routing such that any traffic outbound from the primary service is routed through the forward proxy. Change-Id: Ieca438fbed07db5fe7bce6162811634237c61b2a Issue-ID: AAI-1664 Signed-off-by: Blackwell, Ian (ib733q) <ib733q@att.com>