Configure HTTP Egress Traffic using Wildcard Hosts


With the use of an additional SNI proxy container, we have a way to route HTTPS traffic through the egress gateway without having to specify particular hosts:

Is there a way to similarly configure HTTP traffic (without TLS) to be routed from application container, through sidecar, then to egress gateway and out? So far I have only found a way to do this by creating ServiceEntries for specific external servers not for wild-carded destinations.

@vadimeisenbergibm, @frankbu @geeknoid: Your suggestions would be much appreciated.



Perhaps the envoy Original destination host request header can be used?


@skydoctor You can do it, I tested various proxy options here

The problem is however, with performance, since the additional Nginx proxy will not respect the original keep-alive directive, and the connections will not be kept alive.


@vadimeisenbergibm does configuring “keepalive” on NGINX keep the connection open?


I do not remember currently, there was some problem with it.