Here's my problem: I've got a kubernetes cluster with external proxy. In prior to use internet connection (like external services, apis etc) i need to set http/s_proxy and no_proxy variables. With this configuration everything works great. I can easily curl google or any k8s service.
And here comes Istio. With the same variables the only response i get (no matter if external or internal) is 400 bad request from external proxy (squid).
I found i need to set up ServiceEntry in Istio so i did with configuration seen below:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: proxy
spec:
hosts:
- my-company-proxy.com # ignored
addresses:
- $PROXY_IP/32
ports:
- number: $PROXY_PORT
name: tcp
protocol: TCP
location: MESH_EXTERNALThe thing is that i can curl any external endpoint like google but all the internal traffic is also forced to use the proxy which of course returns problems with unknown dns record.
It seems like Istio ignores no_proxy variable and forces all the traffic to use the proxy.
My question is: what to do now? Do i need to setup anything else?