Istio VirtualService HTTPRedirect to https

Marcos · June 16, 2021, 12:09am

Hi,

How can I specify that a redirect is done via HTTPS in a Virtual Service?

The HttpRedirect doesn’t seem to have any configuration about that, and if I create a Virtual Service like this:

...
  http:
  - match:
    - uri:
        exact: /redirect
    redirect:
      authority: somedomain.com
      uri: /redirected
...

With a request to /redirect, I get a < location: http://somedomain.com/redirected.

To get around this, I created an Envoy Filter with this:

function envoy_on_request(request_handle)
  local headers = request_handle:headers();
  local path = headers:get(":path")
  local pathWithoutQueryString = string.match(path,"^([^%?]+)")

  if pathWithoutQueryString:match("^/redirect$") then
    local qstring = string.match(path,"(%?.*)")
    request_handle:respond({[":status"] = "301", ["Location"] = "https://somedomain.com/redirected" .. (qstring or "") }, "301 Moved Permanently")
  end
end

This works, but I think it’s better to mantain this in Virtual Service.

Is there any way to do this without EnvoyFilter?

alexlo-corp · June 25, 2021, 8:44pm

You want probably want TLS origination

Topic		Replies	Views
HTTPRedirect to https url	1	1818	July 5, 2019
Virtual Service HttpRedirect Networking	0	389	June 2, 2020
Istio ingress virtualhost based service redirection Networking	0	1114	February 13, 2020
Istio Ingress http redirect to https Networking	1	4996	February 1, 2021
mTLS origination from egress gateway does not handle Redirect that contains `https` in the location	0	542	August 8, 2019

Istio VirtualService HTTPRedirect to https

Related topics