## Description We are currently using Knative version 0.6 and it comes with Istio version 1.0.7. This Istio version does not allow egress to external services by default. It is necessary to whitelist all the external services you want to access from within the mesh, one by one, see https://istio.io/docs/tasks/traffic-management/egress/egress-control/#controlled-access-to-external-services. Example: ```yaml kubectl apply -f - <<EOF apiVersion: networking.istio.io/v1alpha3 kind: ServiceEntry metadata: name: gitlab-https-ext spec: hosts: - gitlab.com ports: - number: 443 name: https protocol: HTTPS resolution: DNS location: MESH_EXTERNAL EOF ``` ## Proposal Update Istio / configuration to use `mode: ALLOW_ANY` to enable egress to any external service by default. /cc @danielgruesso @DylanGriffith