K
Q

How to bind gateway to a specific namespace?

1/3/2020

I have the following scenario: enter image description here

  • When the user A enter the address foo.example1.example.com in the browser, then it should call the service FOO in the namespace example1.
  • When the user B enter the address foo.example1.example.com in the browser, then it should call the service FOO in the namespace example2.

I am using istio, the question is, how to configure the gateway, that is bind specific to a namespace:

Look at an example of istio gateway configuration:

  $ kubectl apply -f - <<EOF
  apiVersion: networking.istio.io/v1alpha3
  kind: Gateway
  metadata:
    name: ns_example1
  spec:
    selector:
      istio: ingressgateway # use Istio default gateway implementation
    servers:
    - port:
        number: 80
        name: http
        protocol: HTTP
      hosts:
      - "example1.example.com"
  EOF

When I would deploy the gateway, then it will apply to current namespace but I would like to specify a namespace.

How to assign a gateway to specific namespace?

-- zero_coding
istio
kubernetes

Similar Questions

Traefik Dashboard - custom API path
What is the usage of include in helm
Istio - Kiali - upstream connect error or disconnect/reset before headers
DefaultCredentialsError when trying to collect Google default credentials for Google storage

1 Answer

1/3/2020

I think this link should answer your question.

There is many things You won't need, but there is idea You want to apply to your istio cluster.

So You need 1 gateway and 2 virtual services.

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: foocorp-gateway
  namespace: default
spec:
  selector:
    istio: ingressgateway # use istio default ingress gateway
  servers:
  - port:
      number: 80
      name: http-example1
      protocol: HTTP
    hosts:
    - "example1.example.com"
  - port:
      number: 80
      name: http-example2
      protocol: HTTP
    hosts:
    - "example2.example.com"
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: example1
  namespace: ex1
spec:
  hosts:
  - "example1.example.com"
  gateways:
  - foocorp-gateway
  http:
  - match:
    - uri:
        exact: /
    route:
    - destination:
        host: example1.ex1.svc.cluster.local
        port:
          number: 80
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: example2
  namespace: ex2
spec:
  hosts:
  - "example2.example.com"
  gateways:
  - foocorp-gateway
  http:
  - match:
    - uri:
        exact: /
    route:
    - destination:
        host: example2.ex2.svc.cluster.local
        port:
          number: 80

EDIT

You can create gateway in namespace ex1 and ex2, then just change gateway field in virtual service and it should work.

Remember to add namespace/gateway, not only gateway name, like there.

gateways:
  - some-config-namespace/gateway-name

Let me know if that help You.

-- jt97
Source: StackOverflow