Unable to access Istio addons via network Load Balancer
All add-ons are running fine, just I am unable to access it via Network LoadBalancer URL
[ec2-user@ip-10-0-0-60 ~]$ kubectl get vs,dr,gw -n istio-system
NAME GATEWAYS HOSTS AGE
virtualservice.networking.istio.io/grafana-vs [grafana-gateway] [grafana.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.u s-east-1.amazonaws.com] 32h
virtualservice.networking.istio.io/kiali-vs [kiali-gateway] [kiali.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us- east-1.amazonaws.com] 32h
virtualservice.networking.istio.io/prometheus-vs [prometheus-gateway] [prometheus.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.el b.us-east-1.amazonaws.com] 32h
virtualservice.networking.istio.io/tracing-vs [tracing-gateway] [tracing.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.u s-east-1.amazonaws.com] 32h
NAME HOST AGE
destinationrule.networking.istio.io/grafana grafana 32h
destinationrule.networking.istio.io/kiali kiali 32h
destinationrule.networking.istio.io/prometheus prometheus 32h
destinationrule.networking.istio.io/tracing tracing 32h
NAME AGE
gateway.networking.istio.io/grafana-gateway 32h
gateway.networking.istio.io/kiali-gateway 32h
gateway.networking.istio.io/prometheus-gateway 32h
gateway.networking.istio.io/tracing-gateway 32h
My source code where I kept the YAML files is below;
https://github.com/ameyaagashe/istio-addons.git
Pods are running fine, so is the case with service is fine as per below;
[ec2-user@ip-10-0-0-60 addons]$ kubectl get pods,svc -n istio-system
NAME READY STATUS RESTARTS AGE
pod/grafana-94f5bf75b-5vmwk 1/1 Running 0 37h
pod/istio-egressgateway-64f6cf8c5c-xfx5c 1/1 Running 0 37h
pod/istio-ingressgateway-7d494fc944-nfbgl 1/1 Running 0 37h
pod/istiod-559cbd785d-rxs5m 1/1 Running 0 37h
pod/jaeger-5c7675974-2tkg9 1/1 Running 0 37h
pod/kiali-667b888c56-2p9rt 1/1 Running 0 32h
pod/prometheus-7d76687994-7b8hp 2/2 Running 0 33h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/grafana ClusterIP 10.100.217.154 <none> 3000/TCP 37h
service/istio-egressgateway ClusterIP 10.100.124.234 <none> 80/TCP,443/TCP,15443/TCP 37h
service/istio-ingressgateway LoadBalancer 10.100.139.212 a77a61e85b85a46198645ac29a1ebbfd-1680121350.us-east-1.elb.amazonaws.com 15021:32196/TCP,80:30819/TCP,443:31500/TCP,31400:30624/TCP,15443:31551/TCP 37h
service/istiod ClusterIP 10.100.49.147 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 37h
service/jaeger-collector ClusterIP 10.100.117.234 <none> 14268/TCP,14250/TCP 37h
service/kiali ClusterIP 10.100.158.203 <none> 20001/TCP,9090/TCP 37h
service/prometheus ClusterIP 10.100.40.238 <none> 9090/TCP 37h
service/tracing ClusterIP 10.100.50.33 <none> 80/TCP 37h
service/zipkin ClusterIP 10.100.183.114 <none> 9411/TCP 37h
[ec2-user@ip-10-0-0-60 addons]$
Now, I cannot access them ...
[ec2-user@ip-10-0-0-60 addons]$ curl http://grafana.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
curl: (6) Could not resolve host: grafana.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://kiali.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
curl: (6) Could not resolve host: kiali.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://prometheus.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
curl: (6) Could not resolve host: prometheus.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://tracing.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
curl: (6) Could not resolve host: tracing.a77a61e85b85a46198645ac29a1ebbfd-e856e794d398b3ae.elb.us-east-1.amazonaws.com
[ec2-user@ip-10-0-0-60 addons]$
P. S; Please check my screenshot below,
So now, I should update my NLM string in each YAML file with a77* to learningservicemesh.com ?
Please assist.
Did exactly as you suggested but no charm...
[ec2-user@ip-10-0-0-60 addons]$ kubectl get vs,gw,dr -n istio-system
NAME GATEWAYS HOSTS AGE
virtualservice.networking.istio.io/grafana-vs [grafana-gateway] [grafana.learningservicemesh.com] 6s
virtualservice.networking.istio.io/kiali-vs [kiali-gateway] [kiali.learningservicemesh.com] 6s
virtualservice.networking.istio.io/prometheus-vs [prometheus-gateway] [prometheus.learningservicemesh.com] 6s
virtualservice.networking.istio.io/tracing-vs [tracing-gateway] [tracing.learningservicemesh.com] 6s
NAME AGE
gateway.networking.istio.io/grafana-gateway 6s
gateway.networking.istio.io/kiali-gateway 6s
gateway.networking.istio.io/prometheus-gateway 6s
gateway.networking.istio.io/tracing-gateway 6s
NAME HOST AGE
destinationrule.networking.istio.io/grafana grafana 6s
destinationrule.networking.istio.io/kiali kiali 6s
destinationrule.networking.istio.io/prometheus prometheus 6s
destinationrule.networking.istio.io/tracing tracing 6s
[ec2-user@ip-10-0-0-60 addons]$ curl http://grafana.learningservicemesh.com
curl: (6) Could not resolve host: grafana.learningservicemesh.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://kiali.learningservicemesh.com
curl: (6) Could not resolve host: kiali.learningservicemesh.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://prometheus.learningservicemesh.com
curl: (6) Could not resolve host: prometheus.learningservicemesh.com
[ec2-user@ip-10-0-0-60 addons]$ curl http://tracing.learningservicemesh.com
curl: (6) Could not resolve host: tracing.learningservicemesh.com
[ec2-user@ip-10-0-0-60 addons]$
Solution
The issue was, subdomain was not created for learningservicemesh.com. Once I created a sub-domain, all started working perfectly fine.
- Amazon SES cannot find DNS Records for "custom MAIL FROM domain" (after some time)
- How to make inference to a keras model hosted on AWS SageMaker via AWS Lambda function?
- How to deploy a Pre-Trained model using AWS SageMaker Notebook Instance?
- AWS sts assume role in one command
- How to connect AWS Elasticache Redis cluster to Spring Boot app?
- AWS elastic Beanstalk / nginx : connect() failed (111: Connection refused
- AWS ECS exec /usr/local/bin/docker-entrypoint.sh: exec format error
- How can I delete folder on S3 with Node.js?
- Enable caching for url query parameters in aws api gateway with terraform
- AWS IAM role principal vs role session principal
- Setting directory owner and permission with appspec.yml through Amazon Web Service CodeDeploy
- How to update multiple items in a DynamoDB table at once
- https on S3 WITHOUT cloudfront possible?
- How to query Views in Athena in a AWS Glue ETL job
- AWS glue to extract json referenced by id
- Unable to delete AWS VPC Endpoint
- Amazon textextract I can't find trp module
- Can't find AWS Lightsail permissions policy for my IAM user
- How to query dynamoDB based on key + attribute?
- AWS Bedrock RAG - Unable to sync data source in a knowledge base
- How to duplicate a Redshift table schema?
- SpringBoot + AWS cognito, can't resolve issuerUri
- image failed to show when Upload from Lambda
- How to use dynamoose in AWS AppSync JS resolver?
- How message from AWS DLQ gets deleted?
- Template format error: unsupported structure seen in AWS CloudFormation
- AWS InvalidSignatureException, Signature expired when running from docker container
- AWS Glue - o109.pyWriteDynamicFrame. ERROR: relation "xyz" already exists
- AWS - NoCredentialsError: Unable to locate credentials
- Amazon Athena CREATE EXTERNAL TABLE mismatched input 'external' invalidrequestexception