I have been at this for days, and cannot figure out for the life of me how to send egress http traffic (that has successfully arrived at the egress gateway) from the egress gateway and to its destination through a tcp forward proxy.
On the nodes, this proxy is set via environment variables:
HTTP_PROXY=http://myproxy.mycorporate.internal.domain:9081
HTTPS_PROXY=http://myproxy.mycorporate.internal.domain:9081
NO_PROXY=(list of things not to proxy)
I have tried to set these environment variables via ProxyConfig in the istio-system namespace, and directly on the istio-egressgateway deployment spec. In this case, if i exec into my istio-egressgateway pod and curl an external url, it succeeds through the forward proxy. But istio/envoy traffic does not seem to use these variables or go through the proxy.
I have tried many combinations of serviceentries and virtualservices for the proxy to no avail.
What am i missing?? I am banging my head as no traffic can get to the internet in my VPC without going through this corporate forward proxy. I should also add that istio is configured permissively for egress traffic with all allowed at this moment.