Code Review / aaf / cadi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 16b2d4d) | patch
Route Incoming TCP Traffic Via the Reverse Proxy 02/71402/1
authorIanB <IanB@amdocs.com>
Mon, 29 Oct 2018 15:05:30 +0000 (15:05 +0000)
committerIanB <IanB@amdocs.com>
Mon, 29 Oct 2018 15:31:48 +0000 (15:31 +0000)
commit125257739ceda7d01be1d6fa4b56bf4764c9ef9f
treeb96cc68ffba4c6c72adbffea0d868e1cbbe6a339tree | snapshot
parent16b2d4d78ac172b01e5e68d088390136b572d09ecommit | diff
Route Incoming TCP Traffic Via the Reverse Proxy

By default any container is accessible from any pod inside
a Kubernetes cluster. It is therefore possible to send requests
directly to the primary microservice even if sidecar security
is enabled.

An additional netfilter rule will redirect any incoming TCP
requests to the Reverse Proxy. The Reverse Proxy service
listens on the hard coded port (10692)

Issue-ID: AAF-591

Change-Id: I9afccadb08add4312cef770221702942d811cbdd
Signed-off-by: IanB <IanB@amdocs.com>
sidecar/tproxy-config/src/main/bin/start.sh diff | blob | history
ARCHIVED- 2022-02-15 at the request of the project