I would need to deploy a second Azure Load Balancer for ingress gateway of an app (to be separated from the main Load Balancer deployed in the istio's default profile).
I have tried the suggestions on GitHub (https://github.com/istio/istio/issues/19263). However, the result was actually an additonal Frontend IP Configuration for the main Load Balancer, and not an additional Load Balancer. This ends up with "ERR_SSL_PROTOCOL_ERROR" error (if curl is used: error:1408F10B:SSL routines:ssl3_get_record:wrong version number), if the same port 443 is used in both istio ingress gateways.
istio version: 1.5.1
Any suggestions on how to deploy an additional Load Balancer for the second ingress gateway? Thanks
This is a tricky configuration as it needs to have an entire new second istio ingress gateway (not just a gateway object). There is an article about this here.
This approach creates new HorizontalPodAutoscaler, Deployment, Gateway, PodDisruptionBudget, Service, ServiceAccount for the second istio ingress gateway based on the default configuration.
After modifying all the names labels You can kubectl apply the manifest to Your istio cluster . As for the Loadbalancer, new one will be attached to new istio-ingress gateway automatically.
Hope it helps.