I want to setting an Istio ingressgateway on a single node K8s cluster (taint nodes --all) hosted on private VMs for Dev purpose. Since I don't have a Load balancer, the istio-ingressgateway external IP is always on "Pending" mode (which is normal). In this configuration i need to use for example port 31380/31390 instead of 80/443.
What's the best practice to bypass this behavior ? can i patch the External IP of the istio-ingressgateway ? initialize the ingressgateway with a different type (NodePort) ? redirect the traffic with a local LB or anothier Ingress controler ?
Thanks in advance for your feedbacks. A.
As far as i know, Istio Ingressgateway can not use hostNetwork.
You may add externalIPs to your Service definition, e.g. add nodes IP addresses as externalIPs. Then once you hit node1_IP:443 - it will forward you to IngressGateway.
Like this:
kind: Service
apiVersion: v1
metadata:
name: my-service
spec:
selector:
app: MyApp
ports:
- name: http
protocol: TCP
port: 80
targetPort: 9376
externalIPs:
- node1_IP
- node2_IP
- node3_IPRead more here: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
Alternatively you can define IngressGateway pod to use hostNetwork. In that case it can also use 80 and 443 ports, but only using IP of the node which it is running on.