mirror of https://github.com/linkerd/linkerd2.git
4f16a234aa
The proxy has a default, hardcoded set of ports on which it doesn't do protocol detection (25, 587, 3306 -- all of which are server-first protocols). In a recent change, this default set was removed from the outbound proxy, since there was no way to configure it to anything other than the default set. I had thought that there was a default set applied to proxy-init, but this appears to not be the case. This change adds these ports to the default Helm values to restore the prior behavior. I have also elected to include 443 in this set, as it is generally our recommendation to avoid proxying HTTPS traffic, since the proxy provides very little value on these connections today. Additionally, the memcached port 11211 is skipped by default, as clients do not issue any sort of preamble that is immediately detectable. These defaults may change in the future, but seem like good choices for the 2.9 release. |
||
|---|---|---|
| .. | ||
| cli | ||
| integration | ||