I try to configure istio ingress using openshift route. As I understand the request path is as follows:
request -> route -> ingress service -> gateway -> virtual service -> app service -> app
So, I apply follow config:
Route.yml:
kind: Route
...
spec:
host: my-app.com
to:
kind: Service
name: ingress-service
weight: 100
port:
targetPort: http
...
ingress-service.yml:
kind: Service
metadata:
name: ingress-service
...
spec:
ports:
- name: status-port
protocol: TCP
port: 15020
targetPort: 15020
- name: http
protocol: TCP
port: 9080
targetPort: 9080
selector:
app: ingressgateway
istio: ingressgateway
type: ClusterIP
ingress-gateway.yml:
kind: Gateway
metadata:
name: ingress-gw
...
spec:
servers:
- hosts:
- my-app.com
port:
name: http
number: 9080
protocol: HTTP
selector:
istio: ingressgateway
ingress-virtual-service.yml
kind: VirtualService
...
spec:
hosts:
- my-app.com
gateways:
- ingress-gw
http:
- route:
- destination:
host: my-app
port: 9080
exportTo:
- .
I dont set up port 9080 in deployment for ingressgateway pod. And it works. But only if I send request to http://my-app.com:80
Where did I go wrong and how to make only path accessible http://my-app.com:9080 ?
The exposed port numbers for external depend on Router(HAProxy) pod listening ports on OpenShift. If you want to 9080 port instead of 80, you should change the port on Router(HAProxy) pod. Or you can handle the port number on LB to use other port numbers.
The access flow is as follows.
LB(80, 443)
-> Router pod(80, 443)
-> Ingress-Gateway pod
-Through Gateway and VirtualService -> Backend pod