I have a virtual service in kubernetes as defined in the following file,

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: {{ .Chart.Name }}-vs
  namespace: istio-system
spec:
  hosts:
    - {{ .Values.virtualservice.host }}
    - {{ .Chart.Name }}.default.svc.cluster.local
  gateways:
    - {{ .Values.virtualservice.gateway }}
    - mesh
  http:
    - route:
        - destination:
            host: {{ .Chart.Name }}.default.svc.cluster.local
            port:
              number: {{ .Values.service.port }}
      corsPolicy:
        allowOrigin:
          - '*'
        allowMethods:
          - OPTIONS
          - GET
          - POST
          - PUT
          - DELETE
        allowCredentials: true
        allowHeaders:
          - '*'
        maxAge: "24h"

My actual service works fine when I port forward to it. It's a java app serving HTTP only.

However, when I try to hit it using HTTPS via the virtual service as defined above, it fails. The static pages load fine. But if hit something that causes the app to go backend and access another service, I get a failure. The app is actually a Zuul proxy and needs to hit backend services.

I am not able to figure out how to debug this or what could be causing this issue.

thanks

EDIT

A strange thing I noticed. All the services including the api-gw are listening on port 8080. They are all Spring-boot apps.

Fails:

• API-gw service, SpringBootApp and Docker container and kube service - 8080
• Back-end service, SpringBootApp , Docker container and kube service - 8080

Succeeds:

• API-gw service, SpringBootApp and Docker container and kube service - 11243 [anything except 8080]
• Back-end service, SpringBootApp , Docker container and kube service - 8080

what's the reason?

thanks