Hey so I configured gateway for port 80 and 8083 for same domain i-e example.com. Now when I create attributes using below config file everything get up and running.
issue is I am using 8083 in service and virtualService but I get response from service at 80 where on 8083 getting connection timeout.
Unable to understand why service is responding on 80 not 8083. I want to keep both ports in gateway but when define in service and ingress port 8083 it should response on specifically on 8083.
Would appreciate your feedback in this.
apiVersion: v1
data:
my.databag.1: need_triage
kind: ConfigMap
metadata:
name: my-service-env-variables
namespace: api
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: my-service
name: my-service-service-deployment
namespace: api
spec:
replicas: 1
template:
metadata:
annotations:
traffic.sidecar.istio.io/excludeOutboundIPRanges: 0.0.0.0/0
labels:
app: my-service-service-deployment
spec:
containers:
- env:
- name: my.variable
valueFrom:
secretKeyRef:
key: my_token
name: my.variable
envFrom:
- configMapRef:
name: my-service-env-variables
image: imaagepath:tag
name: my-service-pod
ports:
- containerPort: 8080
name: mysvcport
resources:
limits:
cpu: 700m
memory: 1.8Gi
requests:
cpu: 500m
memory: 1.7Gi
---
apiVersion: v1
kind: Service
metadata:
name: my-service
namespace: api
spec:
ports:
- port: 8083
protocol: TCP
targetPort: mysvcport
selector:
app: my-service-service-deployment
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: my-service-ingress
namespace: api
spec:
gateways:
- http-gateway
hosts:
- my-service.example.com
http:
- route:
- destination:
host: my-service
port:
number: 8083
---
apiVersion: v1
items:
- apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
clusterName: ""
creationTimestamp: 2018-11-07T13:17:00Z
name: http-gateway
namespace: api
resourceVersion: "11778445"
selfLink: /apis/networking.istio.io/v1alpha3/namespaces/api/gateways/http-gateway
uid: 694f66a4-e28f-11e8-bc21-0ac9e31187a0
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- '*.example.com'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*.example.com'
port:
name: tomcat-http
number: 8083
protocol: HTTP
kind: List
metadata:
resourceVersion: ""
selfLink: ""Two issues with your configuration:
http-tomcat and not tomcat-http, see Istio requirements for named portsistio-ingressgateway service, with the port 8083 added: helm template install/kubernetes/helm/istio/ --name istio-ingressgateway \ --namespace istio-system -x charts/gateways/templates/service.yaml \ --set gateways.istio-egressgateway.enabled=false \ --set gateways.istio-ingressgateway.ports[0].port=80 \ --set gateways.istio-ingressgateway.ports[0].name=http \ --set gateways.istio-ingressgateway.ports[1].port=443 \ --set gateways.istio-ingressgateway.ports[1].name=https \ --set gateways.istio-ingressgateway.ports[2].port=8083 \ --set gateways.istio-ingressgateway.ports[2].name=http-tomcat \ | kubectl apply -f -Having said that, do you really have to enable ingress access to the port 8083? You can define some path in the VirtualService for the port 80, e.g. /tomcat/* and direct the incoming traffic from the port 80 to your service on the port 8083.