If you want to configure x-cluster communication for TLS endpoints exposed on other remote clusters by enabling the client to initiate TLS (https) origin requests using DNS hostnames. You can add a flag to XCP Edge so that a passthrough is created for such DNS hostnames based x-cluster communication through https.
What is the use-case?
Imagine a situation where
sleep service from
Cluster-1 needs to connect to
https://foo.com which is exposed over a
Gateway in another remote cluster i.e
Enable TLS support for DNS hostnames in x-cluster communication
To enable DNS hostname based x-cluster communication at XCP edge, you will need to
xcp component in
ControlPlane CR or Helm values and add an environment variable
ENABLE_MULTICLUSTER_HTTPS_CLIENT with value
- apiVersion: install.xcp.tetrate.io/v1alpha1
- path: spec.components.edgeServer.kubeSpec.deployment.env[-1]
Refer to Multi-cluster traffic routing using EastWest Gateways for how to enable EastWest routing .