kubernetesistiokubernetes-dashboard

kubernetes-dashboard exposing through istio [1.0.0] ingress --istio-ingressgateway


I have configured istio ingress with lets encrypt certificate. I am able to access different service on https which are running on different port by using gateways and virtualservice.

But kubernetes-dashboard run on 443 port in kube-system namespace and with its own certificate, How i can expose it through istio gateways and virtualservice.

I have defined sub domain for dashboard and created gateways,virtualservice and it was directing 443 trafic to kuberentes dashboard service , but its not working.

for https virtual service config i have taken reference from for istio doc


Solution

  • It sounds like you want to configure an ingress gateway to perform SNI passthrough instead of TLS termination. You can do this by setting the tls mode in your Gateway configuration to PASSTHROUGH something like this:

    apiVersion: networking.istio.io/v1alpha3
    kind: Gateway
    metadata:
      name: dashboard
    spec:
      selector:
        istio: ingressgateway
      servers:
      - port:
          number: 443
          name: https-dashboard
          protocol: HTTPS
        tls:
          mode: PASSTHROUGH
        hosts:
        - dashboard.example.com
    

    A complete passthrough example can be found here.