Getting 503 service unavailable from istio

2/2/2020

I am creating an Istio service mesh and then trying to call an external service from an Istio pod.

I followed the steps in the link

https://istio.io/docs/tasks/traffic-management/egress/egress-gateway-tls-origination/

till

2 Verify that your ServiceEntry was applied correctly by sending a request to http://edition.cnn.com/politics.

but in place of "edition.cnn.com", I used my service.

When I run curl inside my pod, I get the error below.

[2020-02-02T10:02:52.465Z] "GET / HTTP/1.1" 503 UF,URX "-" "-" 0 91 150 - "-" "curl/7.58.0" "fafa8680-bdf1-468a-b50f-1a4430707ceb" "service.abc.com" "173.25.13.66:80" outbound|80||service.abc.com - 173.25.13.66:80 10.44.0.6:47544 - default

I can ping service.abc.com, but how do I debug this error, and how do I get more logs for analysis? As the above link did not mention steps to create mTLS and destination rules, I did not create them.

Note: I am not facing any issue with edition.cnn.com, but I am getting issues when using my service, which is external to the mesh and is running on another server within my company network.

-- Kalyan Kumar
istio
kubernetes

1 Answer

2/2/2020

Does service.abc.com support only HTTP, only HTTPS, or both HTTP and HTTPS? Is it configured to redirect HTTP to HTTPS? If you hit an endpoint with HTTP and it is neither listening on port 80 nor redirecting HTTP to HTTPS, you are expected to get a 503.

If you follow all the steps through step 5 in the doc, and assuming that service.abc.com is an HTTPS service, it should work as expected, because at step 5, even if you are sending an HTTP request, the Istio egress gateway is going to convert it to HTTPS (TLS origination) before it sends the request out to service.abc.com.

-- Arghya Sadhu
Source: StackOverflow
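
Added example (not part of the original question or answer): a small Python triage helper that decodes the access log line posted in the question, showing what the `UF,URX` response flags mean and which upstream host and port the sidecar tried to reach. The field positions are assumed from the layout of that posted line, the flag meanings are a subset of those in Envoy's access log documentation, and the function names are hypothetical.

```python
import shlex

# Subset of Envoy response flags, as described in Envoy's access log docs.
RESPONSE_FLAGS = {
    "UF": "upstream connection failure",
    "URX": "upstream retry limit (HTTP) or max connect attempts (TCP) reached",
    "UH": "no healthy upstream hosts in the cluster",
    "NR": "no route configured for the request",
    "UT": "upstream request timeout",
    "UC": "upstream connection termination",
}

# The log line from the question, copied verbatim.
SAMPLE = (
    '[2020-02-02T10:02:52.465Z] "GET / HTTP/1.1" 503 UF,URX "-" "-" 0 91 150 - '
    '"-" "curl/7.58.0" "fafa8680-bdf1-468a-b50f-1a4430707ceb" "service.abc.com" '
    '"173.25.13.66:80" outbound|80||service.abc.com - 173.25.13.66:80 '
    '10.44.0.6:47544 - default'
)

def parse_access_log(line):
    """Extract triage fields; assumes the field order of the posted line."""
    f = shlex.split(line)  # whitespace split that honours the quoted fields
    if len(f) < 16:
        raise ValueError("unexpected access log layout")
    parts = f[15].split("|")  # cluster name: direction|port|subset|host
    if len(parts) != 4:
        raise ValueError("unexpected upstream cluster name: " + f[15])
    flags = [] if f[3] == "-" else f[3].split(",")
    return {
        "request": f[1],
        "status": int(f[2]),
        "flags": {x: RESPONSE_FLAGS.get(x, "unknown flag") for x in flags},
        "authority": f[13],
        "upstream_host": f[14],
        "cluster": {"direction": parts[0], "port": int(parts[1]),
                    "subset": parts[2], "host": parts[3]},
    }

def connect_failure_on_port_80(entry):
    """True when the sidecar could not connect and the outbound cluster is
    port 80, consistent with nothing listening there as the answer suggests."""
    return "UF" in entry["flags"] and entry["cluster"]["port"] == 80

if __name__ == "__main__":
    e = parse_access_log(SAMPLE)
    for flag, meaning in e["flags"].items():
        print(f"{flag}: {meaning}")
    print("upstream:", e["upstream_host"], "| cluster:", e["cluster"])
    print("connect failure on port 80:", connect_failure_on_port_80(e))
```

A successful ping only shows ICMP reachability; the `UF` flag reports that the TCP connection to the upstream host and port in the log line was not established.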