Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

consider Consul TLS config in envoy bootstrap hook #7567

Closed
shoenig opened this issue Mar 31, 2020 · 1 comment
Closed

consider Consul TLS config in envoy bootstrap hook #7567

shoenig opened this issue Mar 31, 2020 · 1 comment
Labels
theme/consul/connect Consul Connect integration theme/consul type/bug

Comments

@shoenig
Copy link
Member

shoenig commented Mar 31, 2020

Currently the envoy bootstrap task runner hook directly uses the value from the agent's consul.address parameter for passing into the invocation of consul connect envoy -boostrap -http-addr flag. This value is used by the invoked Consul CLI to communicate with the specified Consul agent for generating the envoy bootstrap config. We are not respecting the TLS/auth config options, which I think we can pass through using environment variables when doing the exec consul
shoenig added a commit that referenced this issue Apr 2, 2020
@shoenig
connect: set consul TLS options on envoy bootstrap
fb0bd3c 
Fixes #6594 #6711 #6714 #7567

e2e testing is still TBD in #6502

Before, we only passed the Nomad agent's configured Consul HTTP
address onto the `consul connect envoy ...` bootstrap command.
This meant any Consul setup with TLS enabled would not work with
Nomad's Connect integration.

This change now sets CLI args and Environment Variables for
configuring TLS options for communicating with Consul when doing
the envoy bootstrap, as described in
https://www.consul.io/docs/commands/connect/envoy.html#usage
@shoenig shoenig mentioned this issue Apr 2, 2020
Merged
@shoenig shoenig closed this as completed Apr 3, 2020
@github-actions
Copy link

I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 10, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
theme/consul/connect Consul Connect integration theme/consul type/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shoenig