I am using istioctl to install istio in an EKS cluster. However, for the moment I will be using an nginx ingress for externally facing services. How can I just deploy the istio service internally, or at least avoid the automatically created ELB?
You can do it by editing istio-ingressgateway.
Change service type from
LoadBalancer -> Exposes the Service externally using a cloud provider’s load balancer
to
ClusterIP -> Exposes the Service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster.
Let's edit ingressgateway
kubectl edit svc istio-ingressgateway -n istio-systemThen please change the type from LoadBalancer to ClusterIP and # or delete every nodePort since You won't use them anymore and it have to be # or deleted so You could actually edit the file, without it, it fails to edit and nothing is happening.
EDIT
I can do this at install with istioctl using a values.yaml file?
Yes, it's possible.
This is a value You need to change:
values.gateways.istio-ingressgateway.type
example
Creating manifest to apply istio demo profile with ClusterIP
istioctl manifest generate --set profile=demo --set values.gateways.istio-ingressgateway.type="ClusterIP" > $HOME/generated-manifest.yaml